cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

330
Views
0
Helpful
1
Replies
Highlighted
Beginner

Botnet Data, who is submitting this info?

I recently purchased Botnet for an ASA and have it configured and working properly. I am however curious on who is responsible for its database content. I have seen it block many IPs that are from reputable sources with a "High Risk" label.

IPs that belong to Microsoft and other major manufacturers.

Not much of an issue to whitelist them but unfortunately when a user is blocked they are not displayed a message of any sort via the web browser. It is not until I go into the ASA/botnet app do I see the block. Then wonder why it is listed.

Does anyone have any information on how the data is collected and by who?

Everyone's tags (3)
1 REPLY 1
Highlighted

Botnet Data, who is submitting this info?

Hello,

The database is download it from CISCO server ( similar to the Ironport database server) , and its done by different intelligence mechanisms that will set into the database the latest blacklisted sites.

This will help you:

http://tools.cisco.com/squish/3D92F

Regards,

Julio

Rate all the helpful posts

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC