Cisco Cisco Firepower Management Center 4000

For example, a host serves SMTP traffic that does not have a vendor or version in the header. If you 
enable the SMTP server on the Vulnerability Mapping page of a system policy, then apply that policy to 
the Defense Center managing the device that detects the traffic, all vulnerabilities associated with SMTP 
servers are added to the host profile for the host.

Although detectors collect server information and add it to host profiles, the application protocol 
detectors will not be used for vulnerability mapping, because you cannot specify a vendor or version for 
a custom application protocol detector and cannot select the server for vulnerability mapping in the 
system policy.

Admin

Select 

.

The System Policy page appears.

You have the following options:

To modify vulnerability mapping settings in an existing system policy, click the edit icon (

) next 

to the system policy.

To configure vulnerability mapping settings as part of a new system policy, click 

.

Provide a name and description for the system policy as described in 

, and click 

.

In either case, the Access List page appears.

Click 

.

The Vulnerability Mapping page appears.

You have the following options:

To prevent vulnerabilities for a server from being mapped to hosts that receive application protocol 
traffic without vendor or version information, clear the check box for that server.

To cause vulnerabilities for a server to be mapped to hosts that receive application protocol traffic 
without vendor or version information, select the check box for that server.

You can select or clear all check boxes at once using the check box next to 

.

Click 

.

The system policy is updated. Your changes do not take effect until you apply the system policy to the 
Defense Center and its managed devices. See 

 for more 

information.