Chapter 37
Configuring Inspection of Basic Internet Protocols
•
Modes
The following table shows the modes in which this feature is available:
Firewall Mode
Routed
•
URI Filtering
The URI Filtering dialog box is accessible as follows:
Configuration > Global Objects > Inspect Maps > HTTP > URI Filtering
The URI Filtering dialog box lets you configure the settings for an URI filter.
Fields
•
OL-20339-01
Security Level—Select the security level (low, medium, or high).
Low—Default.
–
Protocol violation action: Drop connection
Drop connections for unsafe methods: Disabled
Drop connections for requests with non-ASCII headers: Disabled
URI filtering: Not configured
Advanced inspections: Not configured
Medium
–
Protocol violation action: Drop connection
Drop connections for unsafe methods: Allow only GET, HEAD, and POST
Drop connections for requests with non-ASCII headers: Disabled
URI filtering: Not configured
Advanced inspections: Not configured
–
High
Protocol violation action: Drop connection and log
Drop connections for unsafe methods: Allow only GET and HEAD.
Drop connections for requests with non-ASCII headers: Enabled
URI filtering: Not configured
Advanced inspections: Not configured
URI Filtering—Opens the URI Filtering dialog box to configure URI filters.
–
Customize—Opens the Edit HTTP Policy Map dialog box for additional settings.
–
Default Level—Sets the security level back to the default level of Medium.
–
Security Context
Transparent Single
•
•
Match Type—Shows the match type, which can be a positive or negative match.
Multiple
Context
System
—
•
Cisco ASA 5500 Series Configuration Guide using ASDM
HTTP Inspection
37-31