The Cisco vulnerability database (VDB) is a database of known vulnerabilities to which hosts may be susceptible, as well as fingerprints for operating systems, clients, and applications. The system uses the VDB to help determine whether a particular host increases your risk of compromise.
The Cisco Talos Security Intelligence and Research Group (Talos) issues periodic updates to the VDB.
The Cisco Firepower Application Detector Reference contains the release notes and information about the application detectors supported in the VDB release. For each application listed in the reference, you can find the following information:
Description—A brief description of the application.
Categories—A general classification for the application that describes its most essential function. Example categories include web services provider, e-commerce, ad portal, and social networking.
Tags—Predefined tags that provide additional information about the application. Example tags include webmail, SSL protocol, file sharing/transfer, and displays ads. An application can have zero, one, or more tags.
Risk—The likelihood that the application is used for purposes that might be against your organisation’s security policy. The risk levels are Very High, High, Medium, Low, and Very Low.
Business Relevance—The likelihood that the application is used within the context of your organisation’s business operations, as opposed to recreationally. The relevance levels are Very High, High, Medium, Low, and Very Low.
Couldn't find this anywhere, so made it myself, its a group that excludes all RFC1918 addressing and contains all other IPv4 addresses. It includes RFC3330 but I don't think that will concern most people. object-group network INTERNETnetwork-ob...
Is there a best practice around handling Cisco FlexConnect APs and their switchport configuration when doing profiling? Flex APs require commands relating to trunking and native VLAN etc. - which is different to the usual port template ...
Hello, Is there any keepalive mechanism between the switch and ISE. I need to know if there is a way which can enable the switch to know if ISE server is online and available at any particular time.The idea is that lets suppose we try to authenticate...
Hello Experts, I want to utilize existing hardware for Stealthwatch Enterprise deployment. We have UCS 5108 with B200 M5 Servers. I am following below link for the Virtual Server sizing: https://www.cisco.com/c/dam/en/us/td/docs/security/stealth...