Configuring Tcp Normalization - Cisco FirePOWER ASA 5500 series Configuration Manual

Security appliance command line

Chapter 23: Preventing Network Attacks
Cisco Security Appliance Command Line Configuration Guide, OL-10088-01

This chapter describes how to prevent network attacks by configuring TCP normalization, limiting TCP
and UDP connections, and many other protection features.
This chapter includes the following sections:
- Configuring TCP Normalization
- Configuring Connection Limits and Timeouts
- Preventing IP Spoofing
- Configuring the Fragment Size
- Blocking Unwanted Connections
- Configuring IP Audit for Basic IPS Support

Configuring TCP Normalization

The TCP normalization feature lets you specify criteria that identify abnormal packets, which the
security appliance drops when they are detected. This feature uses Modular Policy Framework, so that
implementing TCP normalization consists of identifying traffic, specifying the TCP normalization
criteria, and activating TCP normalization on an interface. See Chapter 21, "Using Modular Policy
Framework," for more information.

To configure TCP normalization, perform the following steps:

Step 1
To specify the TCP normalization criteria that you want to look for, create a TCP map by entering the
following command:
hostname(config)# tcp-map tcp-map-name
For each TCP map, you can specify one or more settings.

Step 2
Configure the TCP map criteria by entering commands for one or more of the following options:
- Prevent inconsistent TCP retransmissions:
  hostname(config-tcp-map)# check-retransmission
- Verify the checksum:
  hostname(config-tcp-map)# checksum-verification
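A TCP map has no effect until a policy map references it and a service policy activates that policy on an interface, so a saved configuration is worth checking for maps that were defined but never applied. The script below is an added example, not part of the Cisco guide: the sample configuration is constructed, the class-map, policy-map, set connection advanced-options and service-policy lines are standard Modular Policy Framework syntax that this page does not show, and treating both Step 2 options as required is an assumed audit policy.

```python
# Constructed sample configuration (not from the guide). Only tcp-map,
# check-retransmission and checksum-verification appear on this page; the
# class-map / policy-map / service-policy lines are assumed MPF syntax.
SAMPLE_CONFIG = """\
tcp-map NORMALIZE
 check-retransmission
 checksum-verification
tcp-map ORPHAN
 check-retransmission
class-map TCP-TRAFFIC
 match any
policy-map OUTSIDE-POLICY
 class TCP-TRAFFIC
  set connection advanced-options NORMALIZE
service-policy OUTSIDE-POLICY interface outside
"""

def audit_tcp_maps(config):
    """Map each tcp-map name to its criteria and where it is activated."""
    maps, policy_refs, applied = {}, {}, {}
    section = name = None
    for raw in config.splitlines():
        words = raw.split()
        if not words or words[0].startswith("!"):
            continue
        if not raw.startswith(" "):          # top-level command opens a section
            section, name = words[0], (words[1] if len(words) > 1 else None)
            if section == "tcp-map" and name:
                maps[name] = []
            elif section == "policy-map" and name:
                policy_refs[name] = set()
            elif section == "service-policy" and name:
                applied.setdefault(name, []).append(words[-1])  # ifname or "global"
        elif section == "tcp-map" and name in maps:
            maps[name].append(" ".join(words))
        elif (section == "policy-map" and name in policy_refs and len(words) == 4
              and words[:3] == ["set", "connection", "advanced-options"]):
            policy_refs[name].add(words[3])
    return {m: {"criteria": crit,
                "applied_on": sorted(i for p, refs in policy_refs.items()
                                     if m in refs for i in applied.get(p, []))}
            for m, crit in maps.items()}

def findings(report, required=("check-retransmission", "checksum-verification")):
    """List tcp-maps that lack an assumed-required criterion or are never applied."""
    out = []
    for m, info in sorted(report.items()):
        missing = [c for c in required if c not in info["criteria"]]
        if missing:
            out.append(f"{m}: missing {', '.join(missing)}")
        if not info["applied_on"]:
            out.append(f"{m}: not applied by any service-policy")
    return out
```

Calling findings(audit_tcp_maps(SAMPLE_CONFIG)) reports only the ORPHAN map, which lacks checksum-verification and is not referenced by any policy.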


This manual is also suitable for:

PIX 500 series, Cisco ASA 5500 series
