Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

FWSM Deep Packet inspection

Status
Not open for further replies.

tboneshep

IS-IT--Management
Aug 25, 2008
3
US
Can the FWSM do deep packet inspection? If so, what is the overhead, and how does one configure this, or verify it is being done--Thanks
 
This is performed with Application Layer Gateways.

1. Defining a class-map – This defines the “match” conditions. In other words, this specifies what traffic will be flagged for this security policy.
2. Create a Policy-map – set conditions, send to IPS, set priority, etc. In other words, specify what the firewall will do with the “matched” traffic.
3. Modify the service map- (optional) This changes the default inspections performed on the specified service. For example, this is where you would change the default http header length. You can also specify the ftp commands that can be ran.
4. Specify a service-policy – This binds a policy map to an interface.


IT Security news and information
In plain English
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top