Cisco Cisco Firepower Management Center 4000

Cisco

Index

IN-23

FireSIGHT System User Guide

correlation events

correlation policies

correlation policy remediations

correlation rules

data collection

discovery events

discovery rules

enhancing detection

host attributes

host profiles

misidentifications

42-2, 42-3

network map

passive detection

performance statistics

remediation events

servers

Sourcefire Vulnerability ID (SVID)

37-26, 38-48, 38-53

third-party data collection

third-party vulnerabilities

vulnerabilities

white lists

network discovery events

event statistics

workflows

network discovery policies

advanced options

applying

discovery rules

monitored networks

port exclusions

restricting user logging

zones

network file trajectories

data points

events tables

SHA-256 hash values

summaries

trajectory maps

network layer

17-4, 18-28

network map

applications

Bugtraq ID

custom topology

CVE ID

host attributes

hosts

indications of compromise

introduction

mobile devices

network devices

SIDs

understanding

viewing hosts

vulnerabilities

network objects

as Security Intelligence objects

in intrusion rules

network routes

6-5

Networks (DCE/RPC option)

network settings, configuring

network surveys (white lists)

new client (discovery event type)

38-11, 39-10

new host (discovery event type)

38-11, 39-10

new network protocol (discovery event type)

38-11, 39-10

new operating system (discovery event type)

new OS (discovery event type)

new TCP port (discovery event type)

38-12, 39-10

new UDP port (discovery event type)

Nmap

adding an Nmap instance

introduction

managing

on-demand scans

remediations

41-11, 41-12, 43-11, 43-15

sample scanning profiles

scan instances

43-9, 43-14

scan targets