Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1087
Views
0
Helpful
0
Replies

OS Fingerprinting in the FMC

ThomasBauer78485
Level 1
Level 1

‎06-09-2021 11:25 AM

I'm running the FMC with two leaf domains, each domain containing an HA Pair of FTD devices. I seem to be unable to use the FTD devices to collect host information.

Example: I create an NMAP Scanner instance that uses the an FTD (active or failover) to collect data by running an NMAP scan. The scan goes for hours and returns no data.

Example 2: I create an NMAP Scanner instance that uses the Firepower Management Center itself to collect data. The scan finishes in about a minute but provides inaccurate or vague OS information.

I follow this document to create a custom OS fingerprint to improve the accuracy of my NMAP scans: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Host_Identity_Sources.html#ID-2219-00000052

Problem: When creating the Custom Fingerprint, I attempt to follow this direction "From the Device drop-down list, choose the Firepower Management Center or the device that you want to use to collect the fingerprint." However, only the FTD devices for that leaf show. The FMC itself does not.

Consequence: Custom Fingerprinting runs for hours and collect no data.

Request: How do I make the FMC show up in this device list? How do I correct the problem with NMAP or Fingerprint scanning when it originates from an FTD appliance?

1 person had this problem
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card