1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Software
  5. 4700M
  6. Configuration manual

Cisco 4700M Configuration Manual page 164

Application control engine appliance security
Hide thumbs Also See for 4700M:
Table of Contents

Advertisement

Configuring a Layer 7 HTTP Deep Inspection Policy
The CLI displays the class map HTTP application protocol inspection
configuration mode. To classify the HTTP application inspection of traffic for
evaluation by the ACE, include one or more of the following commands to
configure the match criteria for the Layer 7 class map:
Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
3-40
match-all —(Default) Network traffic needs to satisfy all of the match
criteria (implicit AND) to match the Layer 7 HTTP deep packet
inspection class map. The match-all keyword is applicable only for
match statements of different HTTP deep packet inspection types. For
example, specifying a match-all condition for URL, HTTP header, and
URL content statements in the same class map is valid. However,
specifying a match-all condition for multiple HTTP headers with the
same names or multiple URLs in the same class map is invalid.
match-any—Network traffic needs to satisfy only one of the match
criteria (implicit OR) to match the Layer 7 HTTP deep packet inspection
class map. The match-any keyword is applicable for match statements
of different Layer 7 HTTP deep packet inspection type or multiple
instances of the same type with different names. For example, the ACE
allows you to specify a match-any condition for cookie, HTTP header,
and URL content statements in the same class map, but it does not allow
you to specify a match-any condition for URL length, HTTP header
length, and content length statements in the same class map.
map_name—Name assigned to the class map. Enter an unquoted text string
with no spaces and a maximum of 64 alphanumeric characters.
match content—See the
match content length—See the
for Inspection"
section.
match cookie secondary—See the
Inspection"
section.
match header—See the
match header length—See the
Length for Inspection"
match header mime-type—See the
Messages for Inspection"
match port-misuse—See the
Category"
section.
Chapter 3
Configuring Application Protocol Inspection
"Defining HTTP Content Match Criteria"
"Defining the Length of the HTTP Content
"Defining a Secondary Cookie for HTTP
"Defining an HTTP Header for Inspection"
"Defining the HTTP Maximum Header
section.
"Defining a Header MIME-Type
section.
"Defining an HTTP Traffic Restricted
section.
section.
OL-16202-01

Advertisement

Table of Contents
loading

Related Manuals for Cisco 4700M

Related Products for Cisco 4700M

This manual is also suitable for:

4700 series

Table of Contents