Submit a ticketCall us

Webinar: Web Help Desk for HR, Facilities and Accounting Departments
This webinar will focus on use cases for HR, Facilities and Accounting.

Having a unified ticketing and asset management system for all the departments in your company can provide end-users with a seamless experience and make things easier for your IT team. Yet, with different business tasks and objectives, many departments don’t fully understand the capabilities of Web Help Desk and how the software can be customized for effective use in their departments.
Register Now.

Home > Success Center > Log & Event Manager (LEM) > How does Cisco Block IP active response work

How does Cisco Block IP active response work

Table of contents

Updated March 10, 2017

Overview

The LEM can block IP addresses on firewalls. 

Environment

  • LEM All versions
  • Cisco PIX and ASA firewalls

Detail

When LEM uses the Block IP active response, it connects to the firewall over ssh or telnet and issues a shun command like this:
shun {IP_Address}
This will cause the ASA to block all traffic originating at the specified ip address.

 

 

Last modified
17:08, 9 Mar 2017

Tags

Classifications

Public