Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
357
Views
10
Helpful
2
Replies

PIX 7.0 - How do I block MS instant messenger

rod.blackie
Level 1
Level 1

‎05-19-2005 11:51 PM - edited ‎02-21-2020 12:09 AM

I need to know how to block MS instant messenger with the new PIX 7.0 software.

Can anyone help ?

Thanks.

Rod

0 Helpful
2 Replies 2

gfullage
Cisco Employee
Cisco Employee

‎05-22-2005 06:22 PM

You can read about advanced HTTP inspection here:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_70/config/inspect.htm#wp1202503

We can only stop this if the IM program tries to use port 80 to get out. I also believe that this inspection currently only covers Yahoo and AOL IM's, but more will be coming soon. Also, this level of HTTP inspection is going to put a greater load on your PIX since it now needs to look into every HTTP packet to see exactly what it is, if you have a lot of HTTP traffic going through this device then you will need to monitor both CPU on the device and response times for normal web traffic to make sure it doesn't have adverse effects.

Having said all that, you first need to create a class map as such:

class-map http_port

   match port tcp eq 80

   exit

Then create a HTTP inspection map:

http-map outbound_http

   port-misuse im action drop

   port-misuse default action allow

   exit

Then create a policy map to tie the two together:

policy-map outbound_policy

   class http-port

   inspect http outbound_http

   exit

   exit

Then finally attach that policy map to an interface:

service-policy outbound_policy interface inside

rod.blackie
Level 1
Level 1
In response to gfullage

‎05-23-2005 12:01 AM

Thank you very much - most helpful.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card