
Cisco 5510 - ASA SSL / IPsec VPN Edition Configuration Guide

1822 pages
50-4
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 50 Configuring the Botnet Traffic Filter
Information About the Botnet Traffic Filter
For the DNS host cache, after an entry times out, the adaptive security appliance periodically requests a
refresh for the entry.
For the DNS host cache, the maximum number of blacklist entries and whitelist entries is 1000 each.
Table 50-1 lists the maximum number of entries in the DNS reverse lookup cache per model.
How the Botnet Traffic Filter Works
Figure 50-1 shows how the Botnet Traffic Filter works with the dynamic database plus DNS inspection
with Botnet Traffic Filter snooping.
Table 50-1 DNS Reverse Lookup Cache Entries per Model

ASA Model    Maximum Entries
ASA 5505     5000
ASA 5510     10,000
ASA 5520     20,000
ASA 5540     40,000
ASA 5550     40,000
ASA 5580     100,000

Figure 50-1 How the Botnet Traffic Filter Works with the Dynamic Database

[Figure 50-1: diagram not reproduced. Labelled components: Infected Host, Security Appliance, DNS Snoop, Dynamic Database, DNS Reverse Lookup Cache, Botnet Traffic Filter, DNS Server, Malware Home Site (209.165.201.3), Syslog Server, Internet. Labelled steps: 1. DNS Request: bad.example.com; 1a. Match?; 2. DNS Reply: 209.165.201.3; 2a. Add; 3. Connection to: 209.165.201.3; 3a. Match?; 3b. Send Syslog Message/Drop Traffic.]
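The flow labelled in Figure 50-1, together with the per-model limits in Table 50-1, can be followed in a small model. This is an added example, not Cisco code or ASA configuration: the class and method names, the oldest-first eviction at the cache limit, and the log line format are assumptions made for illustration.

```python
from collections import OrderedDict

# Table 50-1 on this page: maximum DNS reverse lookup cache entries per model.
MAX_ENTRIES = {"ASA 5505": 5000, "ASA 5510": 10000, "ASA 5520": 20000,
               "ASA 5540": 40000, "ASA 5550": 40000, "ASA 5580": 100000}


class BotnetFilterModel:
    """Simplified model of the Figure 50-1 flow (hypothetical, not ASA code)."""

    def __init__(self, model, dynamic_database):
        self.capacity = MAX_ENTRIES[model]
        # Names are normalized so "BAD.example.com." matches "bad.example.com".
        self.database = {n.lower().rstrip(".") for n in dynamic_database}
        self.reverse_cache = OrderedDict()  # IP address -> matched domain name
        self.syslog = []                    # constructed messages, not real ASA syslog IDs

    def snoop_dns_reply(self, name, address):
        """Steps 1a and 2a: on a database match, add the replied IP to the cache."""
        name = name.lower().rstrip(".")
        if name not in self.database:
            return False
        self.reverse_cache[address] = name
        self.reverse_cache.move_to_end(address)
        # Assumption: evict the oldest entry at the limit; the page states only the limit.
        while len(self.reverse_cache) > self.capacity:
            self.reverse_cache.popitem(last=False)
        return True

    def check_connection(self, src, dst, drop=False):
        """Steps 3a and 3b: match the destination IP, then log or drop."""
        name = self.reverse_cache.get(dst)
        if name is None:
            return "permit"
        action = "drop" if drop else "log"
        self.syslog.append(f"botnet-filter {action}: {src} -> {dst} ({name})")
        return action


if __name__ == "__main__":
    asa = BotnetFilterModel("ASA 5510", ["bad.example.com"])
    # 10.1.1.45 is a constructed infected-host address; the rest is from Figure 50-1.
    asa.snoop_dns_reply("bad.example.com", "209.165.201.3")
    print(asa.check_connection("10.1.1.45", "209.165.201.3", drop=True))
    print(asa.syslog)
```

A connection made before the DNS reply has been snooped is permitted in this model, because the destination IP only becomes matchable once step 2a has populated the reverse lookup cache.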
