Solved: Re: AIC HTTP request method category

fernando.vs · ‎10-27-2010

Hi,

I'm working on my IPS exam for CCSP certification, i have a doubt about the difference between "define request method" and " reconized request method" withing the AIC http method category, what i can understand define request method is used to define policies with signatures that include a single HTTP method, however i can't think on how reconized request method signatures can be used, i have noticed that you can define several methods in one signature, so i might think that is the same signature but applied to several methods at same time. It looks the same with MIME type, that also includes "define content type" and "reconigzed content type". I will appreciate if someone can give me some explanation or an example about these options.

thanks all for your replies.

Christopher Dreier · ‎11-06-2010

Hello Fernando,

Your understanding is correct. recognized-request-methods are those methods recognized by the sensor. Using this selection makes it easy to include every method that the sensor understands.

Take a look at signature 12676/0 for an example of how recognized-request-methods is used and signatures 12677/0 - 12712/0 for examples of define-request-method is used.

Thank you,

Blayne Dreier

Cisco TAC Escalation Team

**Please check out our Podcasts**

TAC Security Show: http://www.cisco.com/go/tacsecuritypodcast

TAC IPS Media Series: https://supportforums.cisco.com/community/netpro/security/intrusion-prevention?view=tags&tags=tac_ips_media_series

View solution in original post

Christopher Dreier · ‎11-06-2010