Application Protocol Inspection Overview
Application Protocol Inspection Overview
Performing Application Protocol Inspection
Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
3-2
Examples of Application Protocol Inspection Configurations
•
Viewing Application Protocol Inspection Statistics and Service Policy
•
Information
Certain applications require special handling of the data portion of a packet as the
packets pass through the ACE. Application protocol inspection helps to verify the
protocol behavior and identify unwanted or malicious traffic that passes through
the ACE. Based on the specifications of the traffic policy, the ACE accepts or
rejects the packets to ensure the secure use of applications and services.
This section contains the following topics on application protocol inspection:
Performing Application Protocol Inspection
•
Application Inspection Protocol Overview
•
You can configure the ACE to perform application protocol inspection, sometimes
referred to as an application protocol "fixup" for applications that do the
following:
Embed IP addressing information in the data packet including the data
•
payload.
Open secondary channels on dynamically assigned ports.
•
Chapter 3
Configuring Application Protocol Inspection
OL-16202-01