Cisco ASA Series Cli Configuration Manual page 71
Software version 9.0 for the services module
Hide thumbs
Also See for ASA Series:
- Configuration manual (429 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
Chapter 1
Introduction to the Cisco ASA
Table 1-5
New Features for ASA Version 9.0(1)/ASDM Version 7.0(1) (continued)
Feature
Cisco Cloud Web Security (ScanSafe)
Extended ACL and object enhancement to
filter ICMP traffic by ICMP code
Unified communications support on the
ASASM
NAT support for reverse DNS lookups
Description
Cisco Cloud Web Security provides content scanning and other malware
protection service for web traffic. It can also redirect and report about web
traffic based on user identity.
Note
Clientless SSL VPN is not supported with Cloud Web Security; be sure
to exempt any clientless SSL VPN traffic from the ASA service policy
for Cloud Web Security.
We introduced or modified the following commands: class-map type inspect
scansafe, default user group, http[s] (parameters), inspect scansafe, license,
match user group, policy-map type inspect scansafe, retry-count, scansafe,
scansafe general-options, server {primary | backup}, show conn scansafe,
show scansafe server, show scansafe statistics, user-identity monitor,
whitelist.
We introduced or modified the following screens:
Configuration > Device Management > Cloud Web Security
Configuration > Firewall > Objects > Class Maps > Cloud Web Security
Configuration > Firewall > Objects > Class Maps > Cloud Web Security >
Add/Edit
Configuration > Firewall > Objects > Inspect Maps > Cloud Web Security
Configuration > Firewall > Objects > Inspect Maps > Cloud Web Security >
Add/Edit
Configuration > Firewall > Objects > Inspect Maps > Cloud Web Security >
Add/Edit > Manage Cloud Web Security Class Maps
Configuration > Firewall > Identity Options
Configuration > Firewall > Service Policy Rules
Monitoring > Properties > Cloud Web Security
ICMP traffic can now be permitted/denied based on ICMP code.
We introduced or modified the following commands: access-list extended,
service-object, service.
We introduced or modified the following screens:
Configuration > Firewall > Objects > Service Objects/Groups
Configuration > Firewall > Access Rule
The ASASM now supports all Unified Communications features.
NAT now supports translation of the DNS PTR record for reverse DNS lookups
when using IPv4 NAT, IPv6 NAT, and NAT64 with DNS inspection enabled for
the NAT rule.
Cisco ASA Series CLI Configuration Guide
New Features
1-9
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
