Botnet Traffic Filter not Blocking Traffic

Answered Question
Nov 19th, 2009

Hello,

I recently purchased the botnet traffic filter license.  I got the PAK key, installed the license and restarted the ASA.

I have verified that the database has been updated by issuing the command 'sh dynamic-filter updater-client' through the CLI.

My question is though when I have tried to test visiting a website that is within the botnet database, the ASA allows me to visit the site.  What am I missing? Why isn't the ASA blocking traffic to these sites?

-- Phil

I have this problem too.
0 votes
Correct Answer by Panos Kampanakis about 7 years 1 week ago

Phil,

You are right, the botnet feature will not block. For now it will only monitor and alert but not block.

This is something that will be implemented in the future probably.

Currently it only notifies you and you can look at the host at fault.

I hope it helps.

PK

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Panos Kampanakis Mon, 11/23/2009 - 15:07

Phil,

You are right, the botnet feature will not block. For now it will only monitor and alert but not block.

This is something that will be implemented in the future probably.

Currently it only notifies you and you can look at the host at fault.

I hope it helps.

PK

Actions

This Discussion