Submit a ticketCall us

Solarwinds & Cisco Live! Barcelona
Join us from the 29th of January to the 2nd of February at Cisco Live 2018 in Barcelona, where we will continue to show how monitoring the network with SolarWinds will keep you ahead of the game. At our booth (WEP 1A), we will demonstrate how SolarWinds network solutions can help. As a bonus, we are also hosting a pre-event webinar - Blame the Network, Hybrid IT Edition with our SolarWinds Head Geek™, Patrick Hubbard on January 24th - GMT (UTC+0): 10:00 a.m. to 11:00 a.m. There's still time to RSVP.

Home > Success Center > Log & Event Manager (LEM) > How does Cisco Block IP active response work

How does Cisco Block IP active response work

Table of contents

Updated March 10, 2017

Overview

The LEM can block IP addresses on firewalls. 

Environment

  • LEM All versions
  • Cisco PIX and ASA firewalls

Detail

When LEM uses the Block IP active response, it connects to the firewall over ssh or telnet and issues a shun command like this:
shun {IP_Address}
This will cause the ASA to block all traffic originating at the specified ip address.

 

 

Last modified

Tags

Classifications

Public