17-20
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 17 Managing Firewall Inspection Rules
Inspection Rules Page
Field Reference
Configure RPC Dialog Box
Use the RPC dialog box to edit settings for RPC inspection on IOS devices. RPC inspection blocks traffic
for all RPC programs except for those you specify. To allow more than one RPC program, create a rule
for each program number you want to allow.
Navigation Path
Go to the Add or Edit Inspect/Application FW Rule Wizard, Inspected Protocol Page, page 17-16, select
RPC in the protocols table, and click Configure.
Field Reference
Custom Protocol Dialog Box
Use the Custom Protocol dialog box to assign a name to the protocol and port specification you made on
the Add or Edit Inspect/Application FW Rule Wizard, Step 2, page 17-12 for IOS devices.
Navigation Path
Go to the Add or Edit Inspect/Application FW Rule Wizard, Inspected Protocol Page, page 17-16, select
custom protocol in the protocols table, and click Configure.
Configure Dialog Box
Use the Configure dialog box to select a policy map object for HTTP or IM inspection. The maps used
for these types of inspection differ depending on the operating system version used on the device. Select
the desired version and then click Select to select the desired policy map object or to create a new one.
Table 17-8 Configure IMAP or POP3 Dialog Boxes
Element | Description
Reset Connection on Invalid IMAP/POP3 packet | Whether to reset, or drop, the connection between the client and server if an invalid packet is encountered. The client will have to repeat the validation process to reconnect to the server.
Enforce Secure Authentication | Whether to require that the client use a secure login to the server, that is, so that passwords are not sent in clear text.
Table 17-9 Configure RPC Dialog Box
Element | Description
Program Number | The program number to permit. Values are 1-4294967295.
Wait Time | The number of minutes to keep a hole in the firewall open to allow subsequent connections from the same source address to the same destination address and port. Values are 0-35791 minutes. The default is 0.
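
Because each permitted RPC program is its own rule and each rule can hold a firewall hole open for its wait time, it is useful to review the resulting device configuration. The following added example (not part of the Cisco guide) audits a constructed configuration against the Table 17-9 limits; it assumes the classic IOS `ip inspect name ... rpc program-number ... wait-time ...` command form, and the rule-set name `FW-IN` and the 5-minute review threshold are hypothetical.

```python
import re

# Field limits from the Configure RPC dialog box reference (Table 17-9).
PROGRAM_MIN, PROGRAM_MAX = 1, 4294967295
WAIT_MIN, WAIT_MAX = 0, 35791
# Assumption: local review threshold chosen for this example, not a Cisco value.
REVIEW_WAIT_MINUTES = 5

# Assumption: classic IOS inspection syntax, one line per permitted RPC program.
RPC_RULE = re.compile(
    r"^ip inspect name (?P<name>\S+) rpc program-number (?P<prog>\d+)"
    r"(?: wait-time (?P<wait>\d+))?\s*$"
)

def audit_rpc_rules(config_text):
    """Return (allowed, findings): permitted programs per rule set, and issues."""
    allowed, findings = {}, []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        m = RPC_RULE.match(line.strip())
        if not m:
            continue  # not an RPC inspection rule
        name, prog = m["name"], int(m["prog"])
        wait = int(m["wait"]) if m["wait"] else 0  # documented default is 0
        if not PROGRAM_MIN <= prog <= PROGRAM_MAX:
            findings.append((lineno, f"program number {prog} out of range"))
            continue
        if not WAIT_MIN <= wait <= WAIT_MAX:
            findings.append((lineno, f"wait time {wait} out of range"))
            continue
        programs = allowed.setdefault(name, {})
        if prog in programs:
            findings.append((lineno, f"duplicate rule for program {prog}"))
        programs[prog] = wait  # the last value seen is the one recorded
        if wait > REVIEW_WAIT_MINUTES:
            findings.append((lineno, f"program {prog} keeps a hole open {wait} min"))
    return allowed, findings

# Constructed sample configuration (not taken from a real device).
SAMPLE = """\
ip inspect name FW-IN rpc program-number 100003 wait-time 2
ip inspect name FW-IN rpc program-number 100005
ip inspect name FW-IN rpc program-number 100003 wait-time 60
ip inspect name FW-IN rpc program-number 0
ip inspect name FW-IN http
"""

if __name__ == "__main__":
    allowed, findings = audit_rpc_rules(SAMPLE)
    print(allowed)
    for lineno, msg in findings:
        print(f"line {lineno}: {msg}")
```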