I've never really understood the ASA inspection policy. I've copied the default one below:
class-map inspection_default
 match default-inspection-traffic
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect ip-options
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
service-policy global_policy global
I don't understand what it is actually doing. The Cisco docs just say "Inspections—Contains a static, predefined set of application-level inspection functions". This literally doesn't mean anything to me. So that people don't go off topic and talk about what you can do with inspection policies, QoS, etc., I want someone to explain to me what the default inspection policy is doing here for TFTP, for example.