Botnet Traffic Filter not Blocking Traffic

Answered Question
Nov 19th, 2009
User Badges:

Hello,


I recently purchased the botnet traffic filter license.  I got the PAK key, installed the license and restarted the ASA.


I have verified that the database has been updated by issuing the command 'sh dynamic-filter updater-client' through the CLI.


My question is though when I have tried to test visiting a website that is within the botnet database, the ASA allows me to visit the site.  What am I missing? Why isn't the ASA blocking traffic to these sites?


-- Phil

Correct Answer by Panos Kampanakis about 7 years 7 months ago

Phil,


You are right, the botnet feature will not block. For now it will only monitor and alert but not block.

This is something that will be implemented in the future probably.

Currently it only notifies you and you can look at the host at fault.


I hope it helps.


PK

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Panos Kampanakis Mon, 11/23/2009 - 15:07
User Badges:
  • Cisco Employee,

Phil,


You are right, the botnet feature will not block. For now it will only monitor and alert but not block.

This is something that will be implemented in the future probably.

Currently it only notifies you and you can look at the host at fault.


I hope it helps.


PK

Actions

This Discussion