I modified the default inspections of esmtp and dns as follows: for ESMTP, added parameters mask-banner and mail-relay CISCO.COM ,
for DNS, added parameters id-randomization and protocol-enforcement, interestingly, when i added them to the class default under global_policy , doing a show run , reveals that some commands are missing ? for eg. for esmtp under its policy inspect parameter setting i do NOT see mask-banner keyword that i put, and also for dns under its policy inspect parameter i do NOT see protocol-enforcement keyword! Well, i didnt get any error so far and commands were accepted does it mean, i have done the question correct ,since i cannot test it in the lab , or else kindly let me know any method to test it or verify the commands that i put was correctly inplace !
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
