Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA 5505 Botnet Traffic Filter


We just received the "Botnet Traffic Filter" license for the ASA 5505.

The problem we have is that we cannot create a auto-drop rule.

Step 4

(Optional) To automatically drop malware traffic, perform the following steps.

To manually drop traffic, see the "Blocking Botnet Traffic Manually" section.

a. In the Blacklisted Traffic Actions area, click Add.

The Add Blacklisted Traffic Action dialog box appears.

b. From the Interface drop-down list, choose the interface on which you want to drop traffic. Only interfaces on which you enabled Botnet Traffic Filter traffic classification are available.

c. In the Threat Level area, choose one of the following options to drop traffic specific threat levels. The default level is a range between Moderate and Very High.

The only option under White/Blacklist is manually add IP adresses for White/Blacklist.

There's no other Blacklist section.

How can we drop the Botnet traffic automatically? We don't want to drop it manually.

Kind Regards,


CreatePlease to create content