17-64
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 17 Managing Firewall Inspection Rules
Configuring Protocols and Maps for Inspection
Configuring IM Maps for ASA 7.2+, PIX 7.2+ Devices
Use the Add and Edit IM Map dialog boxes to define settings for define an Instant Messenger (IM)
inspect map for devices running ASA/PIX 7.2 or higher. An IM map lets you change the default
configuration values used for IM application inspection.
Instant Messaging causes concern due to its use of clear text when conducting business and the potential
for network attacks and the spreading of viruses. Thus, you might want to block certain types of instant
messages from occurring, while allowing others.
For ASA and PIX devices, IM application inspection provides detailed access control to control network
usage. You can use regular expressions to help stop leakage of confidential data and the propagation of
network threats. You can inspect Yahoo! Messenger or MSN Messenger traffic.
Navigation Path
Select Manage > Policy Objects, then select Maps > Policy Maps > Inspect > IM (ASA 7.2+/PIX
7.2+) from the Object Type selector. Right-click inside the work area, then select New Object or
right-click a row and select Edit Object.
Related Topics
Understanding Map Objects, page 6-72
Configuring Protocols and Maps for Inspection, page 17-21
Content Type The content type to evaluate as specified in the content-type header
field. You can select one of the following:
Specified By—A predefined MIME type.
Unknown—The MIME type is not known. Select Unknown when
you want to evaluate the item against all known MIME types.
Violation—The magic number in the body must correspond to the
MIME type in the content-type header field.
Regular Expression, Regular Expression Group—The regular
expression or regular expression group to evaluate. See the
explanation for the Value field for an explanation of these options.
Request Method The specified request method to match. You can select one of the
following:
Specified By—The predefined request method.
Regular Expression, Regular Expression Group—The regular
expression or regular expression group to evaluate. See the
explanation for the Value field for an explanation of these options.
Table17-36 HTTP Class and Policy Maps (ASA 7.2+/PIX 7.2+) Add and Edit Match Condition and
Action Dialog Boxes (Continued)
Element Description