Cisco Cisco Firepower Management Center 4000

For more information, see the 

 table. 

One of:

the server vendor as identified by the system, Nmap or another active source, or that you 
specified using the host input feature

blank, if the system cannot identify its vendor based on known server fingerprints, or if the 
server was added to the network map using NetFlow data

One of:

the server version as identified by the system, Nmap or another active source, or that you 
specified using the host input feature

blank, if the system cannot identify its version based on known server fingerprints, or if the 
server was added to the network map using NetFlow data

The web application based on the payload content detected by the system in the http traffic. Note 
that if the system detects an application protocol of 

HTTP

 but cannot detect a specific web 

application, the system supplies a generic web browsing designation.

The categories, tags, risk level, and business relevance assigned to the web application. These filters 
can be used to focus on a specific set of data.

For more information, see the 

 table. 

The number of times the server was accessed. For servers added using the host input feature, this 
value is always 0.

One of the following values:

User: 

Application: 

Scanner: 

(Nmap or scanner added through network discovery configuration)

FireSIGHT, FireSIGHT Port Match, or FireSIGHT Pattern Match, for servers detected by the 
FireSIGHT System

NetFlow, for servers added to the network map based on NetFlow data

The system may reconcile data from multiple sources to determine the identity of a server; see 

. 

The name of the device that either detected the server or processed the NetFlow or host input data 
that added the server to the network map.