Cisco Cisco Firepower Management Center 2000

FireSIGHT

You can use the Defense Center to view a table of detected application details. Then, you can manipulate 
the event view depending on the information you are looking for.

The page you see when you access application details differs depending on the workflow you use. There 
are two predefined workflows. You can also create a custom workflow that displays only the information 
that matches your specific needs. For more information, see 

The 

 below describes some of the specific actions you can perform on an 

application details workflow page. You can also perform the tasks described in the 

 table.

Admin/Any Security Analyst

Select 

.

The first page of the default application details workflow appears. To use a different workflow, including 
a custom workflow, click 

. For information on specifying a different default workflow, 

see 

.

If you are using a custom workflow that does not include the table view of application details, click 

, then select 

.

FireSIGHT

When a monitored host connects to another host, the FireSIGHT Systemcan, in many cases, determine 
what application was used. The system detects various web browsers, email clients, instant messengers, 
peer-to-peer applications, and so on.

When the system detects traffic for a known client, application protocol, or web application, it logs 
information about the application and the host running it. Descriptions of the fields in the application 
details table follow.

learn more about the contents of the 
columns in the table

find more information in 

.

open the Application Detail View for a 
specific application

click the application detail view icon (

) next to a client.