07-10-2013 09:43 AM - edited 03-11-2019 07:10 PM
Hi Everyone,
I was reading this from cisco live--
Configuring layer 7 inspection
1.Create a Layer 7 class map to identify traffic by matching criteria specific to applications:
2.Create a Layer 7 policy map to defend against Application Layer attacks by referencing a Layer 7 class-map and applying an action
3.Create a Layer 3/4 policy map to associate traffic defined in a Layer 3/4 class map and reference the Layer 7 policy map:???
I understand lines 1 and 2 but need to know what does line 3 mean?Need explanation on that?
Regards
Mahesh
Solved! Go to Solution.
07-10-2013 10:14 AM
Hello,
Example:
class-map L3_Class
match access-list L3_ACL
class-map type inspect http match-all BlockDomainsClass
match request header host regex class DomainBlockList
policy-map type inspect http http_inspection_policy
class BlockDomainsClass
reset log
policy-map inside-policy ---------------------{ L3 Policy-map }
class L3_Class ---------------------------------{ L3 Classs-map }
inspect http http_inspection_policy-----{ L7 policy-map }
I hope this helps.
Regards,
Felipe.
07-10-2013 12:23 PM
Mahesh,
After the L7 policy-map has been created, this is how you can apply it.
Regards,
Felipe.
07-10-2013 10:14 AM
Hello,
Example:
class-map L3_Class
match access-list L3_ACL
class-map type inspect http match-all BlockDomainsClass
match request header host regex class DomainBlockList
policy-map type inspect http http_inspection_policy
class BlockDomainsClass
reset log
policy-map inside-policy ---------------------{ L3 Policy-map }
class L3_Class ---------------------------------{ L3 Classs-map }
inspect http http_inspection_policy-----{ L7 policy-map }
I hope this helps.
Regards,
Felipe.
07-10-2013 10:41 AM
Hi Felipe,
Ya that helped a lot.Can you please tell the reason why we need to do step 3?
Regards
Mahesh
07-10-2013 12:23 PM
Mahesh,
After the L7 policy-map has been created, this is how you can apply it.
Regards,
Felipe.
07-10-2013 01:21 PM
Hi Felipe,
Thanks for answering.
Regards
Mahesh
07-10-2013 01:31 PM
Mahesh,
You're welcome, I'm glad to be of help.
Regards,
Felipe.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide