Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
439
Views
0
Helpful
3
Replies

CSS11000 - NIMDA filters

leonel
Level 1
Level 1

‎10-03-2002 05:29 PM

I have created appropriate filters (according to Cisco's Document) that filter the NIMDA virus. Although it works for REQUESTS that come to IPs that haven't got a Content Rule defined it DOES NOT work for IPs that have a CONTENT RULE associated with it. WHY?

Any help will be appreciated.

Labels:
0 Helpful
3 Replies 3

Gilles Dufour
Cisco Employee
Cisco Employee

‎10-07-2002 03:48 AM

because for any routing device, they prefer to use the most specific information.

So, you need another content rule to block nimda virus for each ip which already have their own content rule.

0 Helpful

leonel
Level 1
Level 1
In response to Gilles Dufour

‎10-07-2002 02:38 PM

Can you be more specific .... perhaps you could show us a quick content rule config that applies to the above-mentioned scenario ...

Thanking you in advance,

Leonel

0 Helpful

acarcoba
Level 1
Level 1

‎10-07-2002 08:15 AM

I had the same problem, what we did was to use a filter on the internet router using policies. I tried with 3 different versions of Operating System on the CSS and it did not work. I think there is something missing on the document or something that has to be known before applying the filters.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents