55-6
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter55 Configuring the Botnet Traffic Filter
Licensing Requirements for the Botnet Traffic Filter
Licensing Requirements for the Botnet Traffic Filter
The following table shows the licensing requirements for this feature:
Guidelines and Limitations
This section includes the guidelines and limitations for this feature.
Context Mode Guidelines
Supported in single and multiple context mode.
Firewall Mode Guidelines
Supported in routed and transparent firewall mode.
Failover Guidelines
Does not support replication of the DNS reverse lookup cache, DNS host cache, or the dynamic database
in Stateful Failover.
IPv6 Guidelines
Does not support IPv6.
Additional Guidelines and Limitations
TCP DNS traffic is not supported.
You can add up to 1000 blacklist entries and 1000 whitelist entries in the static database.
Default Settings
By default, the Botnet Traffic Filter is disabled, as is use of the dynamic database.
For DNS inspection, which is enabled by default, Botnet Traffic Filter snooping is disabled by default.
Configuring the Botnet Traffic Filter
This section includes the following topics:
Task Flow for Configuring the Botnet Traffic Filter, page55-7
Configuring the Dynamic Database, page55-7
Model License Requirement
All models You need the following licenses:
Botnet Traffic Filter License.
Strong Encryption (3DES/AES) License to download the dynamic database.