Cisco ASA 5505 Configuration Manual page 1083
Asa 5500 series
Hide thumbs
Also See for ASA 5505:
- Getting started manual (168 pages) ,
- Administrator's manual (118 pages) ,
- Hardware installation manual (82 pages)
Table of Contents
Advertisement
Chapter 50
Configuring the Botnet Traffic Filter
Figure 50-2
Figure 50-2
Infected
Host
Licensing Requirements for the Botnet Traffic Filter
The following table shows the licensing requirements for this feature:
Model
License Requirement
All models
You need the following licenses:
•
•
Guidelines and Limitations
This section includes the guidelines and limitations for this feature.
Context Mode Guidelines
Supported in single and multiple context mode.
Firewall Mode Guidelines
Supported in routed and transparent firewall mode.
Failover Guidelines
Does not support replication of the DNS reverse lookup cache, DNS host cache, or the dynamic database
in Stateful Failover.
OL-20339-01
shows how the Botnet Traffic Filter works with the static database.
How the Botnet Traffic Filter Works with the Static Database
Host Cache
3a. Match?
Connection to:
3
209.165.201.3
Syslog Server
Botnet Traffic Filter License.
Strong Encryption (3DES/AES) License to download the dynamic database.
Security Appliance
Static
DNS
Database
2a. Add
1a. DNS Request:
bad.example.com
Botnet Traffic
Filter
3b. Send
Syslog Message/Drop Traffic
Cisco ASA 5500 Series Configuration Guide using ASDM
Licensing Requirements for the Botnet Traffic Filter
Add entry:
1
bad.example.com
DNS Server
Internet
Malware Home Site
209.165.201.3
DNS Reply:
2
209.165.201.3
50-5
- Quick Links:
- Starting Asdm
- Downloading the Asdm Launcher
Hide quick links:
Advertisement
Chapters
Table of Contents
