19-12
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 19 Managing Firewall Botnet Traffic Filter Rules
Botnet Traffic Filter Rules Page
Task Flow for Configuring the Botnet Traffic Filter, page19-2
Botnet Traffic Filter Rules Page, page19-9
Dynamic Blacklist Configuration Tab, page19-10
Whitelist/Blacklist Tab, page19-14
Device Whitelist or Device Blacklist Dialog Box, page19-15
Configure DNS Dialog Box, page 17-18
BTF Enable Rules Editor
Use the BTF Enable Rules Editor to specify the interfaces on which you want to enable the Botnet Traffic
Filter and to identify the traffic that you want to monitor. You can specify only one enable rule per
interface.
Navigation Path
To access the BTF Enable Rules Editor, right-click inside the work area of the Enable Rules table on the
Traffic Classification tab and then select Add Row, or right-click an existing entry and select Edit Row.
Related Topics
Enabling Traffic Classification and Actions for the Botnet Traffic Filter, page 19-6
Understanding Botnet Traffic Filtering, page19-1
Task Flow for Configuring the Botnet Traffic Filter, page19-2
Botnet Traffic Filter Rules Page, page19-9
Dynamic Blacklist Configuration Tab, page19-10
Traffic Classification Tab, page 19-11
BTF Drop Rules Editor, page 19-13
Whitelist/Blacklist Tab, page19-14
Device Whitelist or Device Blacklist Dialog Box, page19-15
Configure DNS Dialog Box, page 17-18
Field Reference
Table19-2 BTF Enable Rules Editor
Element Description
Interfaces The interfaces or interface roles on which you want to enable the Botnet
Traffic Filter. Enter the name of the interface or the interface role, or
click Select to select the interface or role from a list, or to create a new
role. An interface must already be defined to appear on the list.
You can use the All Interfaces role object to enable botnet filtering
globally (selected by default). If you configure an interface-specific
classification, the settings for that interface override the global settings.
Interface role objects are replaced with the actual interface names when
the configuration is generated for each device. See Understanding
Interface Role Objects, page 6-67.