Cisco Systems and the ASA Services Module Manual De Usuario

ciscoasa(config-pmap)# parameters

ciscoasa(config-pmap-p)# mask-banner

ciscoasa(config)# class-map match-all ftp-traffic

ciscoasa(config-cmap)# match port tcp eq ftp

ciscoasa(config)# policy-map ftp-policy

ciscoasa(config-pmap)# class ftp-traffic

ciscoasa(config-pmap-c)# inspect ftp strict mymap

ciscoasa(config)# service-policy ftp-policy interface inside

FTP application inspection generates the following log messages:

An Audit record 303002 is generated for each file that is retrieved or uploaded. 

The FTP command is checked to see if it is RETR or STOR and the retrieve and store commands 
are logged. 

The username is obtained by looking up a table providing the IP address.

The username, source IP address, destination IP address, NAT address, and the file operation are 
logged.

Audit record 201005 is generated if the secondary dynamic channel preparation failed due to 
memory shortage.

In conjunction with NAT, the FTP application inspection translates the IP address within the application 
payload. This is described in detail in RFC 959.

This section describes the HTTP inspection engine. This section includes the following topics:

Use the HTTP inspection engine to protect against specific attacks and other threats that are associated 
with HTTP traffic. HTTP inspection performs several functions:

Enhanced HTTP inspection

URL screening through N2H2 or Websense 

See 

 for information.

Java and ActiveX filtering

The latter two features are configured in conjunction with the filter command. For more information 
about filtering, see