ASA: Block / Allow IM by Username

Document

Fri, 05/11/2012 - 03:08
May 11th, 2012

Introduction

The purpose of this document is to provide you an example of how to block all IM usernames except 1, using the modular policy framework on ASA.

Problem Description

We are faced with a challenge of blocking all the IM communication from the network except for a few users, based on their username.

Solution

The following example considers that you have a fair understanding of configuring modular policy framework on the ASA. Please enter the following configurations to block all the usernames on the IM except "[email protected]".

This section creates a regex entries for the allowed user.

regex user1 "[email protected]"

This section creates a class map to match the regex created earlier.

class-map type regex match-any allowed-senders

match regex user1

This section creates an inspection policy map for IM.

policy-map type inspect im filter-senders

parameters

match not login-name regex class allowed-senders

reset log

This section applies the previous inspection policy to the global policy for all traffic.

policy-map global_policy

class inspection_default

  inspect im filter-senders

This section applies the global policy to the service policy.

service-policy global_policy global

References

To learn more about modular policy framework on ASA please refer to

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/inspect.html#wp1479354

Loading.

Actions

This Document

Related Content