19-10
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 19 Managing Firewall Botnet Traffic Filter Rules
Botnet Traffic Filter Rules Page
Related Topics
• Understanding Botnet Traffic Filtering, page 19-1
• Task Flow for Configuring the Botnet Traffic Filter, page 19-2
• Dynamic Blacklist Configuration Tab, page 19-10
• Traffic Classification Tab, page 19-11
• BTF Enable Rules Editor, page 19-12
• BTF Drop Rules Editor, page 19-13
• Whitelist/Blacklist Tab, page 19-14
• Device Whitelist or Device Blacklist Dialog Box, page 19-15
• Configure DNS Dialog Box, page 17-18
Dynamic Blacklist Configuration Tab
Use the Dynamic Blacklist Configuration tab to enable database updates from the Cisco update server
and to enable use of the downloaded dynamic database by the security appliance.
Navigation Path
From the Botnet Traffic Filter Rules Page, page 19-9, click the Dynamic Blacklist Configuration tab.
Related Topics
• Configuring the Dynamic Database, page 19-4
• Understanding Botnet Traffic Filtering, page 19-1
• Task Flow for Configuring the Botnet Traffic Filter, page 19-2
• Botnet Traffic Filter Rules Page, page 19-9
• Traffic Classification Tab, page 19-11
• BTF Enable Rules Editor, page 19-12
• BTF Drop Rules Editor, page 19-13
• Whitelist/Blacklist Tab, page 19-14
• Device Whitelist or Device Blacklist Dialog Box, page 19-15
• Configure DNS Dialog Box, page 17-18
Field Reference
Table 19-1 Dynamic Blacklist Configuration Tab
Element Description
Enable Dynamic Blacklist
From Server
Enables downloading of the dynamic database from the Cisco update
server. If you do not have a database already installed on the security
appliance, it downloads the database after approximately 2 minutes.
The update server determines how often the security appliance polls the
server for future updates, typically every hour.
Note If the device is in multiple context mode, configure this option
on the System context for that device.