Basically I have 3 Block IP rules and 3 different networks. 2 are COLOs and 1 is in our Corp datacenter with an ASA at each location. I have setup 3 Cisco Active reponses for each of these ASAs. From what I understand when each of the Block IP actions are activated the shun command is sent to all of the Cisco Active Responses. I really need the ability to specify which Cisco Active Response I want to use with a specific Block IP Action.
In some regards this probably doesn't matter but I just don't like the idea of filling up each of my ASAs' with commands they doesn't need. Also if for some reason the Block IP does happen to block a legitimate IP then I have to manually remove that deny from each of the ASAs.
