EasyManuals Logo
Home>Cisco>Firewall>FirePOWER ASA 5500 series

Cisco FirePOWER ASA 5500 series User Manual

Cisco FirePOWER ASA 5500 series
989 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #461 background imageLoading...
Page #461 background image
25-43
Cisco Security Appliance Command Line Configuration Guide
OL-10088-01
Chapter 25 Configuring Application Layer Protocol Inspection
HTTP Inspection
The second LCN of 259 has a foreign RTP IP address/port pair of 172.30.254.203/49606 and an RTCP
IP address/port pair of 172.30.254.203/49607 with a local RTP IP address/port pair of
10.130.56.3/49606 and RTCP port of 49607.
Monitoring H.323 RAS Sessions
The show h323-ras command displays information for H.323 RAS sessions established across the
security appliance between a gatekeeper and its H.323 endpoint. Along with the debug h323 ras event
and show local-host commands, this command is used for troubleshooting H.323 RAS inspection engine
issues.
The show h323-ras command displays connection information for troubleshooting H.323 inspection
engine issues. The following is sample output from the show h323-ras command:
hostname# show h323-ras
Total: 1
GK Caller
172.30.254.214 10.130.56.14
This output shows that there is one active registration between the gatekeeper 172.30.254.214 and its
client 10.130.56.14.
HTTP Inspection
This section describes the HTTP inspection engine. This section includes the following topics:
HTTP Inspection Overview, page 25-43
Configuring an HTTP Inspection Policy Map for Additional Inspection Control, page 25-44
HTTP Inspection Overview
Use the HTTP inspection engine to protect against specific attacks and other threats that may be
associated with HTTP traffic. HTTP inspection performs several functions:
Enhanced HTTP inspection
URL screening through N2H2 or Websense
Java and ActiveX filtering
The latter two features are configured in conjunction with the filter command. For more information
about filtering, see Chapter 20, “Applying Filtering Services.”
Note The no inspect http command also disables the filter url command.
The enhanced HTTP inspection feature, which is also known as an application firewall and is available
when you configure an HTTP map (see “Configuring an HTTP Inspection Policy Map for Additional
Inspection Control”), can help prevent attackers from using HTTP messages for circumventing network
security policy. It verifies the following for all HTTP messages:
Conformance to RFC 2616
Use of RFC-defined methods only.
Compliance with the additional criteria.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco FirePOWER ASA 5500 series and is the answer not in the manual?

Cisco FirePOWER ASA 5500 series Specifications

General IconGeneral
BrandCisco
ModelFirePOWER ASA 5500 series
CategoryFirewall
LanguageEnglish

Related product manuals