When we are using Cisco IOS Firewall on an ISR, we can enable generic IP inspection as TCP or UDP. When this is done, why is it necessary to inspect application protocols like, say, telnet, http, Kazza_Version2, etc., as all these protocols are TCP (protocol number 5), which we are inspecting? Why is it necessary to inspect ports for, say, 23, or 80, or SMTP 25?
Please share your experience.
Any explanation on cisco.com or on any other URL is highly appreciated.
If you enable generic inspection (TCP or UDP), then there isn't a point in also having granular protocol inspection for the same base protocol (TCP/UDP). The purpose of granular protocol inspection is to be more restrictive than generic.
From the config guide:
"The Cisco IOS Firewall performs inspections for TCP and UDP traffic. For example, TCP inspections include Telnet traffic (port 23, by default) as well as all other applications on TCP such as Hypertext Transfer Protocol (HTTP), e-mail, instant message (IM) chatter, and so on. Therefore, there is no easy way to inspect Telnet traffic alone and deny all other TCP traffic.
The Granular Protocol Inspection feature allows you to specify TCP or UDP ports using the PAM table. As a result, the Cisco IOS Firewall can restrict traffic inspections to specific applications, thereby permitting a higher degree of granularity in selecting which protocols are to be permitted and denied as shown in Figure 32."
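The difference described in the answer above, as an added configuration sketch that is not part of the original thread or of the Cisco guide. The rule names, ACL number, interface and the extra Telnet port 2323 are hypothetical values chosen for illustration.

```text
! --- Generic inspection: return traffic is opened for EVERY TCP/UDP session
! --- initiated from the inside (Telnet, HTTP, IM, P2P, anything on TCP/UDP).
ip inspect name FW-GENERIC tcp
ip inspect name FW-GENERIC udp
!
! --- Granular inspection: only the listed applications get dynamic
! --- return-path openings. Ports are resolved through the PAM table.
ip inspect name FW-GRANULAR telnet
ip inspect name FW-GRANULAR http
ip inspect name FW-GRANULAR smtp
!
! --- Optional PAM entry (assumed example): also treat TCP 2323 as Telnet,
! --- so the telnet inspection rule covers a non-default port.
ip port-map telnet port tcp 2323
!
! --- Inbound ACL on the outside interface denies everything by default;
! --- inspection adds temporary permits only for the sessions it tracks.
access-list 101 deny ip any any
!
interface FastEthernet0/1
 description Outside (hypothetical interface)
 ip access-group 101 in
 ! Apply ONE of the two rules. With FW-GRANULAR, replies to inside-initiated
 ! Telnet/HTTP/SMTP sessions are allowed back in; replies for any other
 ! TCP or UDP application are dropped by ACL 101.
 ip inspect FW-GRANULAR out
```

To review which ports each application name maps to, and which sessions inspection is currently tracking, use `show ip port-map` and `show ip inspect sessions`.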