17-58
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 17 Managing Firewall Inspection Rules
Configuring Protocols and Maps for Inspection
Field Reference
Configuring HTTP Maps for ASA 7.2+ and PIX 7.2+ Devices
Use the Add and Edit HTTP Map dialog boxes to define the match criterion and values for the HTTP
inspect map for ASA and PIX software releases 7.2 and higher.
Navigation Path
Select Manage > Policy Objects, then select Maps > Policy Maps > Inspect > HTTP (ASA 7.2+/PIX
7.2+) from the Object Type selector. Right-click inside the work area, then select New Object or
right-click a row, then select Edit Object.
Related Topics
Understanding Map Objects, page 6-72
Configuring Protocols and Maps for Inspection, page 17-21
Configuring Class Maps for Inspection Policies, page 17-26
Field Reference
Table17-34 HTTP Map Transfer Encoding Tab
Element Description
Available and Selected
Encoding Types
Action
Generate Syslog
The Available Encoding Types list contains the types of transfer
encoding for which you can define firewall inspection settings.
To configure an action for a type, select it, then select an action and
optionally select Generate Syslog if you want a message added to the
syslog when an HTTP request containing the selected type is
encountered. Click the >> button to add it to the Selected Encoding
Types list. (To remove a type from the selected list, select it and click
the << button.)
Tip You can select multiple types at a time using Ctrl+click if the
action and syslog requests are the same for each.
The actions you can specify are:
Allow Packet—Allow the message.
Drop Packet—Close the connection.
Reset Connection (default)—Send a TCP reset message to client
and server.
Specify the action to be
applied for the remaining
available encoding types
above.
Whether to define a default action for the types for which you have not
configured specific actions above. If you select this option, select the
action and syslog setting to use for the default action.
Table17-35 Add and Edit HTTP Map Dialog Boxes (ASA 7.2+/PIX 7.2+)
Element Description
Name The name of the policy object. A maximum of 40 characters is allowed.