Filter
Top Products
19-13
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 19 Managing Firewall Botnet Traffic Filter Rules
Botnet Traffic Filter Rules Page
BTF Drop Rules Editor
Use the BTF Drop Rules Editor to identify malware traffic that you want to automatically drop. You can
specify multiple drop rules per interface.
Navigation Path
To access the BTF Drop Rules Editor, right-click inside the work area of the Drop Rules table on the
Traffic Classification tab and then select Add Row, or right-click an existing entry and select Edit Row.
Related Topics
• Enabling Traffic Classification and Actions for the Botnet Traffic Filter, page 19-6
• Understanding Botnet Traffic Filtering, page 19-1
• Task Flow for Configuring the Botnet Traffic Filter, page 19-2
• Botnet Traffic Filter Rules Page, page 19-9
• Dynamic Blacklist Configuration Tab, page 19-10
• Traffic Classification Tab, page 19-11
• BTF Enable Rules Editor, page 19-12
• Whitelist/Blacklist Tab, page 19-14
• Device Whitelist or Device Blacklist Dialog Box, page 19-15
• Configure DNS Dialog Box, page 17-18
ACL Specifies the access-list to use for identifying the traffic that you want
to monitor. If you do not specify an access list, by default you monitor
all traffic.
To specify the traffic that you want to monitor, click Select to the right
of the ACL field to select an Access Control List object that identifies
the traffic that you want to monitor. For example, you might want to
monitor all port 80 traffic on the outside interface. For more
information about Access Control List objects, see Creating Access
Control List Objects, page 6-49.
Table 19-2 BTF Enable Rules Editor (Continued)
Element Description