Cisco Firepower Management Center 2000 Developer Guide

FireSIGHT System Database Access Guide

Chapter 6
Schema: Discovery Event and Network Map Tables
This chapter contains information on the schema and supported joins for tables related to discovery 
events and the Cisco network map.
Your FireSIGHT System generates discovery events continuously as it monitors the traffic produced by 
your hosts and network devices.
The network map is a repository of information about the network assets reported in discovery events. 
For each detected host and network device, the network map contains information such as operating 
system, servers, client applications, host attributes, vulnerabilities, and so on.
Vulnerabilities are descriptions of specific compromises or exploits to which hosts may be susceptible. 
Cisco maintains its own vulnerability database (VDB), which cross-references the Bugtraq database and 
MITRE’s CVE database. You can also import third-party vulnerability data using the host input feature.
Note that the information about a given host in the network map can vary according to the type of host 
and the information available in the monitored traffic. 
For more information, see the sections listed in the following table. The Version column indicates the 
FireSIGHT System versions that support each table. While support for deprecated tables continues in 
the current product release, Cisco strongly recommends avoiding the use of deprecated tables and fields, 
to ensure continued support in the future.
Table 6-1. Schema for Discovery Event and Network Map Tables

| See... | For the table that stores information on... | Version |
|---|---|---|
| | applications detected on the hosts in your monitored network. | 5.0+ |
| | the category, tags, productivity, and risk associated with an application detected in your monitored network. | 5.2+ |
| | the category, tags, productivity, and risk associated with an application detected in your monitored network. deprecated in Version 5.2. Superseded by | 5.0-5.1.x |
| | the tags associated with an application detected in your monitored network. | 5.0+ |
| | discovery and host input events. | 5.0+ |
| | basic information on the hosts in your monitored network. | 5.2+ |