17-77
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter17 Managing Firewall Inspection Rules
Configuring Protocols and Maps for Inspection
Configuring SIP Maps
Use the Add and Edit SIP Map dialog boxes to configure values used for SIP application inspection. A
SIP inspection map lets you change the default configuration values used for SIP application inspection.
SIP is a widely used protocol for Internet conferencing, telephony, presence, events notification, and
instant messaging. Partially because of its text-based nature and partially because of its flexibility, SIP
networks are subject to a large number of security threats.
SIP application inspection provides address translation in message header and body, dynamic opening
of ports and basic sanity checks. It also supports application security and protocol conformance, which
enforce the sanity of the SIP messages, as well as detect SIP-based attacks.
Navigation Path
Select Manage > Policy Objects, then select Maps > Policy Maps > Inspect > SIP (ASA/PIX/FWSM)
from the Object Type selector. Right-click inside the work area, then select New Object or right-click a
row and select Edit Object.
Related Topics
Understanding Map Objects, page 6-72
Configuring Protocols and Maps for Inspection, page 17-21
Configuring Class Maps for Inspection Policies, page 17-26
Category Allows you to select Cat-A through Cat-G.
This is the category assigned to the object. Categories help you
organize and identify rules and objects. See Using Category Objects,
page 6-12.
Allow Value Override per
Device
Overrides
Edit button
Whether to allow the object definition to be changed at the device level.
For more information, see Allowing a Policy Object to Be Overridden,
page 6-18 and Understanding Policy Object Overrides for Individual
Devices, page 6-17.
If you allow device overrides, you can click the Edit button to create,
edit, and view the overrides. The Overrides field indicates the number
of devices that have overrides for this object.
Match Condition and Action tab only
Class The name of the class map
Action Allows you to select the action you want to take when policy violations
occur
+ [the "add" button] Opens the Add Match Condition and Action dialog box. This dialog
box has the following fields:
Match Type
Class Map
Action
Table17-45 ScanSafe Add Match Condition and Action Dialog Box (Continued)
Element Description
Parameters