Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

application classification on PIX ver 7.0

As per info availiable, PIX ver 7.0 is able to to application inspection.

Is there an equivalent command to ip nbar protocol-discovery on the pix os ver 7.0 ?

In my present scenario I am using this command on my router interface which is connected to ISP (Internet). In the future the ISP will be changed and there will be no access to the internet router (will be controlled by ISP), the connection from the router will be terminated at the pix outside interface .

present scenario

inside network --> pix -->router -->isp

future scenario

inside network-->pix -->isp

Regards

Vijay Sequeira

2 REPLIES
New Member

Re: application classification on PIX ver 7.0

"show service-policy global" is about as good as it gets.

Of course you can setup other service policies and different class-maps to inspect different protocols. It's not as nice as NBAR, but it may do the trick depending on what you're looking for

New Member

Re: application classification on PIX ver 7.0

We are currently using Nbar templates in Cacti(network graphing solution) to find out the percentage of different traffic(ftp, http etc) in the internet link.For NBAR to work we only need to enable the "ip nbar protocol discovery" on the relevant interface and the nbar queries and templates do the rest.

When we change from the current ISP to the other we will not have access to the ISP device located at our premises, The link from the device will be terminated at our fw public interface.

Regards

Vijay Sequeira

142
Views
0
Helpful
2
Replies
CreatePlease login to create content