I've been running the ASA Botnet Filter in my demo lab pretty much since the feature came out. I demo the feature quite a bit because it is always picking up bad traffic and it shows well. My licesence is current, in fact is has 273 days left:
Botnet Traffic Filter : Enabled 273 days
Just recently I noticed that the stastics are all 0's and no data in the reports is showing. The updater-client is functioning. I can log a blacklist hit, but the ASA does not drop the traffic or show the hit in the statistics. Is this a bug?
Enabled on interface outside
Total conns classified 0, ingress 0, egress 0
Total whitelist classified 0, ingress 0, egress 0
Total greylist classified 0, dropped 0, ingress 0, egress 0
Total blacklist classified 0, dropped 0, ingress 0, egress 0
I don't know when exacly this happened. The latest version I was running was 8.4(3). I tried rolling back to 8.4(2) but still the same. My config hasn't changed. Any ideas?
Please note that the minimum cryptography settings in AnyConnect 4.9 have been increased. Please ensure that your head-end is properly configured for the more stringent cryptography settings (if applicable) or users will be unable to connect after updatin...
In this guide will we be taking a look at how to configure the web.config file using the URL Rewrite tool when deploying the TETRA update server. This guide is meant as a companion to the existing guides and to help fill in some in...
Note: This guide is provided as a best effort to better help users understand the potential impact running multiple clients with TETRA, SPERO, ETHOS, DFC and SHA256 Lookups enabled and their bandwidth usage. The sizes in these guides are s...
When I log into my application, I'm suddenly asked to create a new organization. Did something change or migrate? I already had an organization.
You may be starting from security.cisco.com and mistakenly clicking "SecureX sign-on...
I followed these instructions and setup all my accounts to use SecureX sign-on, including my AMP account (my Cisco Security Account - CSA). When I use SecureX, and I click on the AMP "launch" button, I have to login again. Why?