Cisco Botnet summary
February 5th, 2010
No comments
Since IOS 8.2, the Cisco ASA can protect you against Botnets. Here is some relevant information when you want to use the Botnet Traffic Filter in a Cisco ASA firewall with IOS 8.2.
1. A license is needed: ASA55xx-BOT-1YR=
2. You need to configure DNS snooping in the ASA
3. The following syslog ID’s are used with syslog:
338001
338002
338003
338004
5. Reverse access rules need to be configured.
A tutorial can be found here.