Cisco Cisco Firepower Management Center 4000

If a fingerprint is inactive, you can modify all elements of the fingerprint and resubmit it to the Defense 
Center. This includes all properties you specified when creating the fingerprint, such as fingerprint type, 
target IP addresses and ports, vulnerability mappings, and so on. When you edit an inactive fingerprint 
and submit it, it is resubmitted to the system and, if it is a client fingerprint, you must resend traffic to 
the appliance before activating it. Note that you can select only a single vulnerability mapping for an 
inactive fingerprint. After you activate the fingerprint, you can map additional operating systems and 
versions to its vulnerabilities list.

If a fingerprint is active, you can modify the fingerprint name, description, custom operating system 
display, and map additional vulnerabilities to it. 

For more information, see the following sections:

FireSIGHT

If a fingerprint is inactive, you can modify its properties and resubmit it to the system. This includes 
making changes such as the type of fingerprint to use, the target system to fingerprint, and so on. 

Admin/Discovery Admin

Select 

> 

, then click 

.

The Custom Fingerprint page appears.

Click the edit icon (

) next to the fingerprint you want to edit.

The Edit Custom Fingerprint page appears.

Make changes to the fingerprint as necessary:

If you are modifying a client fingerprint, see 

 for more information 

about the options you can configure.

If you are modifying a server fingerprint, see 

information about the options you can configure.

Click 

 to resubmit the fingerprint.

If you modified a client fingerprint, remember to send traffic from the host to the appliance 
gathering the fingerprint.

FireSIGHT

When a fingerprint is active, you can change its name, description, and display label. In addition, you 
can manage vulnerability mappings, including adding and deleting vulnerability mappings.