Cisco ASA 5505 Configuration Manual page 814
Asa 5500 series
Hide thumbs
Also See for ASA 5505:
- Getting started manual (168 pages) ,
- Administrator's manual (118 pages) ,
- Hardware installation manual (82 pages)
Table of Contents
Advertisement
HTTP Inspection
Modes
The following table shows the modes in which this feature is available:
Firewall Mode
Routed
•
HTTP Inspect Map
The HTTP Inspect Map dialog box is accessible as follows:
Configuration > Global Objects > Inspect Maps > HTTP
The HTTP pane lets you view previously configured HTTP application inspection maps. An HTTP map
lets you change the default configuration values used for HTTP application inspection.
HTTP application inspection scans HTTP headers and body, and performs various checks on the data.
These checks prevent various HTTP constructs, content types, and tunneling and messaging protocols
from traversing the security appliance.
HTTP application inspection can block tunneled applications and non-ASCII characters in HTTP
requests and responses, preventing malicious content from reaching the web server. Size limiting of
various elements in HTTP request and response headers, URL blocking, and HTTP server header type
spoofing are also supported.
Fields
•
•
•
Cisco ASA 5500 Series Configuration Guide using ASDM
37-30
Response Header Count—Applies the regular expression match to the header of the response
–
with a maximum number of headers.
Greater Than Count—Enter the maximum number of headers.
Response Header Length—Applies the regular expression match to the header of the response
–
with length greater than the bytes specified.
Greater Than Length—Enter a header length value in bytes.
–
Response Header non-ASCII—Matches non-ASCII characters in the header of the response.
Response Status Line—Applies the regular expression match to the status line.
–
Regular Expression—Lists the defined regular expressions to match.
Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular
expressions.
Regular Expression Class—Lists the defined regular expression classes to match.
Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure
regular expression class maps.
Security Context
Transparent Single
•
•
HTTP Inspect Maps—Table that lists the defined HTTP inspect maps.
Add—Configures a new HTTP inspect map. To edit an HTTP inspect map, choose the HTTP entry
in the HTTP Inspect Maps table and click Customize.
Delete—Deletes the inspect map selected in the HTTP Inspect Maps table.
Chapter 37
Configuring Inspection of Basic Internet Protocols
Multiple
Context
System
—
•
OL-20339-01
- Quick Links:
- Starting Asdm
- Downloading the Asdm Launcher
Hide quick links:
Advertisement
Chapters
Table of Contents
