Cisco Botnet summary
Since IOS 8.2, the Cisco ASA can protect you against Botnets. Here is some relevant information when you want to use the Botnet Traffic Filter in a Cisco ASA firewall with IOS 8.2.
1. A license is needed: ASA55xx-BOT-1YR=
2. You need to configure DNS snooping in the ASA
3. The following syslog ID’s are used with syslog:
338001
338002
338003
338004
5. Reverse access rules need to be configured.
A tutorial can be found here.