1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Software
  5. 4700M
  6. Configuration manual

Configuring An Ftp Inspection Class Map; Creating An Ftp Inspection Class Map; Adding A Layer 7 Ftp Inspection Class Map Description; Defining Ftp Match Request Methods - Cisco 4700M Configuration Manual

Application control engine appliance security
Hide thumbs Also See for 4700M:
Table of Contents

Advertisement

Chapter 3
Configuring Application Protocol Inspection

Configuring an FTP Inspection Class Map

Creating an FTP Inspection Class Map

OL-16202-01
This section contains the following topics:
Creating an FTP Inspection Class Map

Adding a Layer 7 FTP Inspection Class Map Description

Defining FTP Match Request Methods

You can define a class map to be used for the inspection of FTP request commands
by using the class-map type ftp inspect command in configuration mode.
The syntax of this command is as follows:
class-map type ftp inspect match-any map_name
The keywords and arguments are as follows:
match-any—Determines how the ACE inspects FTP request commands
when multiple match criteria exist in a class map. Only one of the match
criteria listed in the class map is satisfied to match the FTP command
inspection class in the class map.
map_name—Name assigned to the class map. Enter an unquoted text string
with no spaces and a maximum of 64 alphanumeric characters. The class
name is used for both the class map and to configure policy for the class in
the policy map.
The CLI displays the class map FTP command inspection configuration mode. To
classify the FTP request commands for inspection by the ACE, include one or
more of the match request-method commands to configure the match criteria for
the Layer 7 class map. See the
For example, to specify FTP_INSPECT_L7CLASS as the name of a class map
and identify that at least one FTP inspection command in the class map must be
satisfied for the ACE to indicate a match, enter:
host1/Admin(config)# class-map type ftp inspect match-any
FTP_INSPECT_L7CLASS
host1/Admin(config-cmap-ftp-insp)# match request-method cdup
host1/Admin(config-cmap-ftp-insp)# match request-method mkdir
host1/Admin(config-cmap-ftp-insp)# match request-method get
host1/Admin(config-cmap-ftp-insp)# match request-method put
Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
Configuring a Layer 7 FTP Command Inspection Policy
"Defining FTP Match Request Methods"
section.
3-31

Advertisement

Table of Contents
loading

Related Manuals for Cisco 4700M

Related Content for Cisco 4700M

This manual is also suitable for:

4700 series

Table of Contents