Cisco Cisco Firepower Management Center 4000

Detector names must be unique within the protocol for the traffic you are inspecting. That is, you can 
create a TCP detector and a UDP detector with the same name, but you cannot create two TCP detectors 
with the same name.

Identify the application protocol you want to detect. You have the following options:

If you are creating a detector for an existing application protocol (for example, if you want to detect 
a particular application protocol on a non-standard port), select the application protocol from the 

drop-down list. Continue with the procedure in 

.

If you are creating a detector for a custom application, continue with the procedure in the next 
section, 

FireSIGHT

You can create a user-defined application to identify a custom application on your network. You can also 
create custom categories and custom tags to describe the application. Applications, categories, and tags 
created here are available in access control rules and in the application filter object manager as well. 

For more information on application detection, including a discussion of application protocols and the 
categories, tags, risk levels, and business relevance used to describe them, see 

Admin/Discovery Admin

On the Create Detector page, click 

.

The Application Editor pop-up window appears.

Type a 

 for the custom application. 

Type a 

 for the custom application.

Select a 

. 

Select a 

. 

Click 

 next to Categories to add a category and type a new category name or select an existing 

category from the 

 drop-down list.

Optionally, click 

 next to Tags to add a tag and type a new tag name or select an existing tag from the 

 drop-down list.

Click 

 to return to the Create Detector page.

Continue with the procedure in the next section, 

.

FireSIGHT