EasyManuals Logo
Home>Cisco>Network Hardware>ASA Series

Cisco ASA Series User Manual

Cisco ASA Series
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1407 background imageLoading...
Page #1407 background image
CHAPTER
1-1
Cisco ASA Series CLI Configuration Guide
1
Configuring the Botnet Traffic Filter
Malware is malicious software that is installed on an unknowing host. Malware that attempts network
activity such as sending private data (passwords, credit card numbers, key strokes, or proprietary data)
can be detected by the Botnet Traffic Filter when the malware starts a connection to a known bad IP
address. The Botnet Traffic Filter checks incoming and outgoing connections against a dynamic database
of known bad domain names and IP addresses (the blacklist), and then logs or blocks any suspicious
activity.
You can also supplement the Cisco dynamic database with blacklisted addresses of your choosing by
adding them to a static blacklist; if the dynamic database includes blacklisted addresses that you think
should not be blacklisted, you can manually enter them into a static whitelist. Whitelisted addresses still
generate syslog messages, but because you are only targeting blacklist syslog messages, they are
informational.
Note If you do not want to use the Cisco dynamic database at all, because of internal requirements, you can
use the static blacklist alone if you can identify all the malware sites that you want to target.
This chapter describes how to configure the Botnet Traffic Filter and includes the following sections:
• Information About the Botnet Traffic Filter, page 1-1
• Licensing Requirements for the Botnet Traffic Filter, page 1-6
• Prerequisites for the Botnet Traffic Filter, page 1-6
• Guidelines and Limitations, page 1-6
• Default Settings, page 1-6
• Configuring the Botnet Traffic Filter, page 1-7
• Monitoring the Botnet Traffic Filter, page 1-17
• Configuration Examples for the Botnet Traffic Filter, page 1-19
• Where to Go Next, page 1-21
• Feature History for the Botnet Traffic Filter, page 1-22
Information About the Botnet Traffic Filter
This section includes information about the Botnet Traffic Filter and includes the following topics:
• Botnet Traffic Filter Address Types, page 1-2

Table of Contents

Other manuals for Cisco ASA Series

Preview: Configuration Guide
Configuration Guide428 pages
Preview: Mount And Connect
Mount And Connect12 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA Series and is the answer not in the manual?

Cisco ASA Series Specifications

General IconGeneral
BrandCisco
ModelASA Series
CategoryNetwork Hardware
LanguageEnglish

Related product manuals