Installation guide

ManualsBrandsCisco ManualsComputer equipmentExplorer 4700

491

492

493

494

495

496

497

498

499

500

12-76

Device Manager Guide, Cisco ACE 4700 Series Application Control Engine Appliance

OL-26645-02

Chapter 12 Configuring Traffic Policies

Configuring Rules and Actions for Policy Maps

Header MIME Type Multipurpose Internet Mail Extension (MIME) message types are used for application inspection

decisions.

In the Header MIME Type field, select the MIME message type to be used for this match

condition.

Port Misuse The misuse of port 80 (or any other port running HTTP) is used for application inspection

decisions.

Indicate the application category to be used for this match condition:

• IM—Indicates that instant messaging applications are to be used for this match condition.

• P2P—Indicates that peer-to-peer applications are to be used for this match condition.

• Tunneling—Indicates that tunneling applications are to be used for this match condition.

Request Method The request method is used for application inspection decisions.

By default, ACE appliances allow all request and extension methods. This option allows you to

configure class maps that define application inspection decisions based on compliance to request

methods defined in RFC 2616 and by HTTP extension methods.

1. In the Request Method Type field, select the type of compliance to be used for application

inspection decision:

–

Ext—Indicates that an HTTP extension method is to be used for application inspection

decisions.

–

RFC—Indicates that a request method defined in RFC 2616 is to be used for application

inspection decisions.

Depending on your selection, the Ext Request Method field or the RFC Request Method field

appears.

2. In the Request Method field, select the specific request method to be used.

Strict HTTP Internal compliance checks are performed to verify that a message is compliant with the HTTP

RFC standard, RFC 2616. If the HTTP message is not compliant, the ACE appliance performs the

specified Layer 7 policy map action.

Note Strict HTTP is only available an inline match condition. Because this Layer 7 HTTP deep

inspection match criteria cannot be combined with other match criteria, it appears as an

inline match condition.

Table 12-30 HTTP Deep Packet Inspection Match Types (continued)

Match Condition Type Description