19-10
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 19 Managing Firewall Botnet Traffic Filter Rules
Botnet Traffic Filter Rules Page
Related Topics
Understanding Botnet Traffic Filtering, page19-1
Task Flow for Configuring the Botnet Traffic Filter, page19-2
Dynamic Blacklist Configuration Tab, page19-10
Traffic Classification Tab, page 19-11
BTF Enable Rules Editor, page 19-12
BTF Drop Rules Editor, page 19-13
Whitelist/Blacklist Tab, page19-14
Device Whitelist or Device Blacklist Dialog Box, page19-15
Configure DNS Dialog Box, page 17-18
Dynamic Blacklist Configuration Tab
Use the Dynamic Blacklist Configuration tab to enable database updates from the Cisco update server
and to enable use of the downloaded dynamic database by the security appliance.
Navigation Path
From the Botnet Traffic Filter Rules Page, page19-9 , click the Dynamic Blacklist Configuration tab.
Related Topics
Configuring the Dynamic Database, page 19-4
Understanding Botnet Traffic Filtering, page19-1
Task Flow for Configuring the Botnet Traffic Filter, page19-2
Botnet Traffic Filter Rules Page, page19-9
Traffic Classification Tab, page 19-11
BTF Enable Rules Editor, page 19-12
BTF Drop Rules Editor, page 19-13
Whitelist/Blacklist Tab, page19-14
Device Whitelist or Device Blacklist Dialog Box, page19-15
Configure DNS Dialog Box, page 17-18
Field Reference
Table19-1 Dynamic Blacklist Configuration Tab
Element Description
Enable Dynamic Blacklist
From Server
Enables downloading of the dynamic database from the Cisco update
server. If you do not have a database already installed on the security
appliance, it downloads the database after approximately 2 minutes.
The update server determines how often the security appliance polls the
server for future updates, typically every hour.
Note If the device is in multiple context mode, configure this option
on the System context for that device.