A method and system for generating filters based on analyzed flow data are
disclosed. A method generally comprises separating the data into
different network flows, analyzing at least one of the network flows, and
detecting potentially harmful network flows. A filter is generated to
prevent packets corresponding to the detected potentially harmful network
flows from passing through the network device.