Intrusion Prevention Enhancements
The new service policy rules can actually fall into the category of perimeter protection or intrusion prevention. In the ASA/PIX Security Appliance, intrusion prevention is thought of in two ways:
Signature protection— Protection based on signature matches with an associated action such as drop, alarm, and reset.
Application firewall— Protection based on protocol compliance and optionally user configuration. Protocol compliance stops malicious software that tries to use HTTP as a tunneling protocol to pass other data besides web traffic through your security device. You are also given the option to write your own customer rules to enforce security features such as blocking file attachments and URI size overloading. ...
Get Securing Your Business with Cisco ASA and PIX Firewalls now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.