Introduction
The purpose of this document is to provide you an example of how to block all IM usernames except 1, using the modular policy framework on ASA.
Problem Description
We are faced with a challenge of blocking all the IM communication from the network except for a few users, based on their username.
Solution
The following example considers that you have a fair understanding of configuring modular policy framework on the ASA. Please enter the following configurations to block all the usernames on the IM except "abc@yahoo.com".
This section creates a regex entries for the allowed user.
regex user1 "abc@yahoo.com"
This section creates a class map to match the regex created earlier.
class-map type regex match-any allowed-senders
match regex user1
This section creates an inspection policy map for IM.
policy-map type inspect im filter-senders
parameters
match not login-name regex class allowed-senders
reset log
This section applies the previous inspection policy to the global policy for all traffic.
policy-map global_policy
class inspection_default
inspect im filter-senders
This section applies the global policy to the service policy.
service-policy global_policy global
References
To learn more about modular policy framework on ASA please refer to
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/inspect.html#wp1479354