For Cisco Firepower Management Center 2000

FireSIGHT System User Guide
 
Chapter 35      Introduction to Network Discovery 
  Creating a Network Discovery Policy
The Edit Vulnerability Settings pop-up window appears.
Step 2  Update the settings as needed.

Step 3  Click Save to save the vulnerability settings and return to the Advanced tab of the network discovery policy.

Note  You must apply the network discovery policy for your changes to take effect. For more information, see .

Setting Indications of Compromise Rules
License: FireSIGHT

For your system to detect and tag indications of compromise (IOC), you must first activate at least one
IOC rule in your discovery policy. Each IOC rule corresponds to one type of IOC tag, and all IOC rules
are predefined by Cisco; you cannot create original rules. You can enable any or all rules, depending on
the needs of your network and organization. For example, if hosts using software such as Microsoft
Excel never appear on your monitored network, you may decide not to enable the IOC tags that pertain
to Excel-based threats. For more information on the IOC feature, see

You must also enable the FireSIGHT System features associated with the IOC rules you enable, such as
intrusion and malware protection; if a rule’s associated feature is not enabled, no relevant data is
collected and the rule cannot trigger. For more information on the types of IOC rules and their associated
features, see

To set indications of compromise rules in the discovery policy:

Access: Admin/Discovery Admin

Step 1  Click the edit icon next to Indications of Compromise Settings.
The Edit Indications of Compromise Settings pop-up window appears.

Step 2  To toggle the entire IOC feature off or on, click the slider next to Enable IOC.

Step 3  To enable or disable individual IOC rules, click the slider in the rule’s Enabled column.

Step 4  Click Save to save your IOC rule settings and return to the Advanced tab of the discovery policy.
Your changes are saved.

Note  You must apply the network discovery policy for your changes to take effect. For more information, see .

Adding NetFlow-Enabled Devices
License: FireSIGHT