Cisco ASA 5505 Configuration Manual page 808

HTTP Inspection
•
•
•
•
HTTP Inspection Overview
Use the HTTP inspection engine to protect against specific attacks and other threats that may be
associated with HTTP traffic. HTTP inspection performs several functions:
•
•
•
The latter two features are configured in conjunction with Filter rules.
The enhanced HTTP inspection feature, which is also known as an application firewall and is available
when you configure an HTTP map, can help prevent attackers from using HTTP messages for
circumventing network security policy. It verifies the following for all HTTP messages:
•
•
•
Select HTTP Map
The Select HTTP Map dialog box is accessible as follows:
Add/Edit Service Policy Rule Wizard > Rule Actions > Protocol Inspection Tab >
Select HTTP Map
The Select HTTP Map dialog box lets you select or create a new HTTP map. An HTTP map lets you
change the configuration values used for HTTP application inspection. The Select HTTP Map table
provides a list of previously configured maps that you can select for application inspection.
Fields
•
•
•
Modes
The following table shows the modes in which this feature is available:
Cisco ASA 5500 Series Configuration Guide using ASDM
37-24
"URI Filtering" section on page 37-31
"Add/Edit HTTP Policy Map (Security Level)" section on page 37-32
"Add/Edit HTTP Policy Map (Details)" section on page 37-33
"Add/Edit HTTP Map" section on page 37-34
Enhanced HTTP inspection
URL screening through N2H2 or Websense
Java and ActiveX filtering
Conformance to RFC 2616
Use of RFC-defined methods only.
Compliance with the additional criteria.
Use the default HTTP inspection map—Specifies to use the default HTTP map.
Select an HTTP map for fine control over inspection—Lets you select a defined application
inspection map or add a new one.
Add—Opens the Add Policy Map dialog box for the inspection.
Chapter 37 Configuring Inspection of Basic Internet Protocols
OL-20339-01