Cisco Cisco Firepower Management Center 2000

In the Product Mappings section, select the operating system, product, and versions you want to use for 
fix mapping from the following lists (if applicable):

For example, if you want your mapping to assign the selected fixes from Red Hat Linux 9 to hosts where 
the patch is applied, select 

 as the vendor, 

 as the product, and 

 as the version.

Click 

 to save the fix map. 

FireSIGHT

To add vulnerability information from a third party to the VDB, you must map the third-party 
identification string for each imported vulnerability to any existing Cisco, Bugtraq, or Snort ID. After 
you create a mapping for the vulnerability, the mapping works for all vulnerabilities imported to hosts 
in your network map and allows impact correlation for those vulnerabilities. 

Note that you must also enable impact correlation for third-party vulnerabilities to allow correlation to 
occur. For more information, see 

. For 

versionless or vendorless applications, you must also map vulnerabilities for the application types in the 
system policy. For more information, see 

Also, although many clients have associated vulnerabilities, and clients are used for impact assessment, 
you cannot use third-party client vulnerabilities for impact assessment.

If you have already created a third-party mapping on another Defense Center, you can export it and then 
import it onto this Defense Center. You can then edit the imported mapping to suit your needs. For more 
information, see 

Admin

Select 

 

, then click 

.

The User Third-Party Mappings page appears.

You have two choices:

To edit an existing vulnerability set, click 

 next to the vulnerability set.

To create a new vulnerability set, click 

.

The Edit Third-Party Vulnerability Mappings page appears.