Cisco Systems CL-28826-01 Security Camera User Manual

Open as PDF

of 2616

19-9

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter 19 Managing Firewall Botnet Traffic Filter Rules

Botnet Traffic Filter Rules Page

• To specify the traffic that you want to monitor, click Select to the right of the ACL field to select

an Access Control List object that identifies the traffic that you want to monitor. For example,

you might want to monitor all port 80 traffic on the outside interface. For more information

about Access Control List objects, see Creating Access Control List Objects, page 6-49.

d. In the Threat Level area, choose one of the following options to drop traffic specific threat levels.

The default level is a range between Moderate and Very High.

Note We highly recommend using the default setting unless you have strong reasons for changing

the setting.

• Value—Specify the threat level you want to drop.

• Range—Specify a range of threat levels.

Note Static blacklist entries are always designated with a Very High threat level.

e. Click OK.

The BTF Drop Rules Editor closes and the rule is added to the Drop Rules table.

Step 4 To add more rules, repeat steps 2 and 3, as required. When finished adding rules, click Save to save your

changes.

Step 5 To treat graylisted traffic as blacklisted traffic for action purposes, on the Dynamic Blacklist

Configuration tab, check the Treat Ambiguous traffic as Blacklist check box.

If you do not enable this option, graylisted traffic will not be dropped if you configure a drop rule for

that traffic.

Botnet Traffic Filter Rules Page

You can use the Botnet Traffic Filter Rules page to define rules for identifying malicious traffic passing

through your ASA security device.

The Botnet Traffic Filter Rules page is divided into three sections:

• Dynamic Blacklist Configuration Tab, page 19-10

• Traffic Classification Tab, page 19-11

• Whitelist/Blacklist Tab, page 19-14

Navigation Path

To access the Botnet Traffic Filter Rules page, do one of the following:

• (Device view) Select a device, then select Firewall > Botnet Traffic Filter Rules from the Policy

selector.

• (Policy view) Select Firewall > Botnet Traffic Filter Rules from the Policy Type selector. Select

an existing policy or create a new one.

• (Map view) Right-click a device and select Edit Firewall Policies > Botnet Traffic Filter Rules.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems CL-28826-01 Security Camera User Manual