topic Re: application level checks on 1811 in Network Security

application level checks on 1811

suthomas1 — Mon, 11 Mar 2019 19:13:51 GMT

We have a remote 1811 router which has zone based in it. We want to check if zone based configuring is doing any check on applications & if so, which all applications.

is there any command to identify that.

TIA

Re: application level checks on 1811

Jitendriya Athavale — Wed, 24 Nov 2010 13:23:26 GMT

zone based firewall is cable of doing l7 inspection. it is capable of lot things , but do youhave any specific thing in mind that you are looking for

if it is ok you might want to paste

show run class-map

show run policy-map

show zone-pair security

so that we can check it and inform what your zone based firewall is configured for

Re: application level checks on 1811

suthomas1 — Thu, 25 Nov 2010 06:47:05 GMT

thanks. unfortunately that device cant be accessed by me.But i have been told that it has only statements for allowing traffic from certain zones to others.

i was looking to see if there is any ftp or so application inspection on it.

but the site people tell me they dont find anything in the configurations about ftp.

So will that mean it is not doing any level 4 -7 inspection.

TIA

Re: application level checks on 1811

Jitendriya Athavale — Thu, 25 Nov 2010 08:58:28 GMT

if you have any inspect rules for ftp traffic, then ftp inspection is happening

Re: application level checks on 1811

suthomas1 — Thu, 25 Nov 2010 12:13:34 GMT

thanks.

similarly, on an asa, due to some previous problems, smtp inspection was turned off.

but in the configuration, following was seen :

policy-map type inspect esmtp smtp_map

parameters

as the smtp inspection was already not being inspected. will the above smtp_map work or take active role & cause inspection for smtp.

service-policy does not show any smtp inspection.

is this a normal way to see this even after smtp has been turned off.

TIA