Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
553
Views
0
Helpful
3
Replies

Default HTTP inspection map

mikedelafield
Beginner
Beginner

‎04-06-2014 06:31 PM - edited ‎03-11-2019 09:02 PM

Hi guys.

When configuring Inspect HTTP there is an option to use Default HTTP Inspection Map.

Its used here as an example on the documentation;

From the Select HTTP Inspect Map window, check the radio button next to Use the Default HTTP inspection map. The default HTTP inspection is used in this example. Then, click OK.

However I cannot actually see anywhere what these Default settings are.

For example; it is possible to set varying security levels when configuring manually (low-medium-high) with differing options in each, but what are the security level and specific settings when choosing default?

I cannot find any reference to these.

If anyone can help that would be great.

Thanks.

Mike

Labels:
0 Helpful
3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-06-2014 08:01 PM

I'm not sure which reference you're citing, but in ASDM if you go to "Configuration > Firewall > Objects > Inspect Maps > HTTP" and click on "Add" you will see a dialog box with a slider which shows what each level consists of by default. You can further customize by choosing the Details, URI Filtering, etc.

(Very very few people actually use the built-in http inspection and instead use either a 3rd party solution like WebSense URL filtering or a Proxy server like WSA or BlueCoat or else use the ASA CSC module of NGFX CX module with AVC and WSE.)

See the following screenshot for what I wan talking about in my first paragraph:

0 Helpful