Configuring a Layer 7 SCCP Inspection Policy
Configuring a Layer 7 SCCP Inspection Policy
Note
Creating a Layer 7 SCCP Inspection Policy Map
Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
3-70
This section describes how to configure a Layer 7 SCCP inspection policy map.
Throughout the CLI, SCCP is referred to as "skinny." A Layer 7 class map is not
required for this feature. The ACE uses the SCCP inspection policy to filter traffic
based on the message ID and to perform user-configurable actions on that traffic.
You can associate a maximum of 1024 instances of the same type of regular
expression (regex) with a a Layer 4 policy map. This limit applies to all Layer 7
policy-map types, including generic, HTTP, RADIUS, RDP, RTSP, and SIP. You
configure regexes in the following:
Match statements in Layer 7 class maps
•
Inline match statements in Layer 7 policy maps
•
Layer 7 hash predictors for server farms
•
Layer 7 sticky expressions in sticky groups
•
Header insertion and rewrite (including SSL URL rewrite) expressions in
•
Layer 7 action lists
This section contains the following topics:
Creating a Layer 7 SCCP Inspection Policy Map
•
Adding a Description to the Layer 7 SCCP Inspection Policy Map
•
Including an Inline Match Statement in a Layer 7 SCCP Inspection Policy
•
Map
Specifying the Layer 7 SCCP Inspection Policy Map Action
•
You can create a Layer 7 SCCP inspection policy map by using the policy-map
type inspect skinny command in configuration mode. The syntax of this
command is as follows:
policy-map type inspect skinny name
Chapter 3
Configuring Application Protocol Inspection
OL-16202-01