Cisco Cisco Firepower Management Center 4000

well as the IP address(es) of the host. If you do not have a preferred workflow for connection events, you 
must select one. For more information about connection data, see 

FireSIGHT

You can delete an application from a host profile to remove applications that you know are not running 
on the host. Note that deleting an application from a host may bring the host into compliance with a white 
list.

If the system detects the application again, it re-adds it to the network map and the host profile.

Admin/Any Security Analyst

In the 

 section of the host profile, click the delete icon (

) next to the application you want 

to delete.

The application is deleted for that host. 

FireSIGHT

The VLAN Tag section of the host profile appears if the host is a member of a Virtual LAN (VLAN). 

Physical network equipment often uses VLANs to create logical network segments from different 
network blocks. The system detects 802.1q VLAN tags and displays the following information for each:

 identifies the VLAN where the host is a member. This can be any integer between zero and 

4095 for 802.1q VLANs.

 identifies the encapsulated packet containing the VLAN tag, which can be either Ethernet or 

Token Ring. 

 identifies the priority in the VLAN tag, which can be any integer from zero to 7, where 7 is 

the highest priority.

If VLAN tags are nested within the packet, the system processes and the Defense Center displays the 
innermost VLAN tag. The system collects and the Defense Center displays VLAN tag information only 
for MAC addresses that it identifies through ARP and DHCP traffic.

VLAN tag information can be useful, for example, if you have a VLAN composed entirely of printers 
and the system detects a Microsoft Windows 2000 operating system in that VLAN. VLAN information 
also helps the system generate more accurate network maps.