Cisco Secure Endpoint is an advanced EDR solution that is highly effective and scalable. Our experience previously with MalwareBytes and Microsoft Defender was not horrible, but these products were not as effective and did not integrate well with our other security products to …
Being all products of a similar nature, Cisco Advance Malware Protection stands out for its simplicity, low resource consumption, reporting, work dashboards and integration with the rest of the already installed suit.
Those are the most notable aspects, although the rest of the …
AMP is far superior to Symantec in my opinion. It is much more robust and customizable. It is much easier to manage systems and to spot trouble areas. Deploying and upgrading clients is much simpler. It is a much more lightweight client on the desktop. Overall a much better …
When looking for a Malware Protection for Endpoints, AMP was our first and only choice. We like the fact that Cisco has a whole line of security software that can work together and so our goal has been to use the Cisco Suite that includes Umbrella, Firepower, AMP. We are very …
We looked at the other option of full web content filtering and decided this was a better approach for us. We really did not evaluate other options like Zscaler or Sophos.
These products are used in conjunction with Umbrella to help cover the gaps in the product. Websense was the closest product we had in the past, however the cost and operating of the product became more and more difficult and costly.
None of the other products tested offered the simplicity and ease of use of Umbrella and the guarantee that your endpoints will be secured regardless of network.
We did not evaluate any other products as Cisco Umbrella was perfect and already part of the Cisco eco system, so things like native API integration made it a easy decision.
The simplicity of administration, the possibility of having a roaming user scheme with differential security policies for each case, and its integration with other products were key when deciding and undoubtedly generated a very positive impact both in the tasks of the IT team …
Cisco Secure Endpoint is well suited for keeping track of the many different and points that we have in our organization. All of these devices can easily be monitored with Cisco Secure Endpoint. It can monitor our servers and our desktops and laptops in our environment. It isn’t as appropriate for our student devices. However, those aren’t as critical since they are just Chromebooks.
So the well-suited product, it's actually in two areas. One I already touched base on earlier which is the ability to have a federal model where we have the flexibility to set high-level policies from a group perspective while giving the independence of the business unit to operate and model the system to meet their needs. The second one, which is very powerful, especially in the last few years, is the remote workers. I'm able to protect and extend that edge of my security to their endpoint regardless if they are a Cisco Live or if they are at a bar or on a train basically anywhere. So as a chemical company, we have a lot of OT or ICS industrial control systems, which are highly regulated and highly scrutinized and usually require a physical presence while Cisco umbrella is mostly a cloud native type of product. So it doesn't fit well in that environment, which is detached from the internet doing well.
Once we, I guess one turned out that path because we have a small IT team, one of the big factors that came into play is how easy it was to deploy and the kind of security it provides for your endpoint devices. For us, it's got all those AI capabilities that really help. So traditionally when there was an incident on Alert on an antivirus program, you'd have a couple of guys run across the office to try to pull a plug. One of the awesome features with Secure Endpoint is its isolation mode that clamps down endpoint devices and then just isolate it. It's connected to, I think Cisco's tell us the threat intel environment. So they've got up-to-date metrics and fixes on threats out in the wild. And once they detect that, they apply it across your whole brand. So yeah, really effective for us.
One of the things that really stands out is the retrospective detections. So say something's detected two weeks later of a product that you had on your system. Initially it scanned it past, but then they discover vulnerability. The product has the ability to come back and retrospectively apply restrictions on specific applications you have on your environment. So I think that's one key winner.
The interface has many views that all look the same, except that functionalities are different. This makes it incredibly difficult to find the action you want to take.
Built-in exclusion sets are missing a number of notable Anti-Malware products and must be manually implemented.
High learning curve due to complexity of the solution and the range of features it contains. Provided documentation is hidden in a small icon at the top of the page which is often off-screen when needed.
Color choices lead to panic situations during deployment. 1 questionable file could lead to the main display showing a large, bright red alert which makes customers think their whole environment is compromised.
Umbrella Virtual Appliances have been buggy in resolving local domain hosts.
Integration between other Cisco and Meraki products is complicated.
Reporting is not always accurate; for example, if you configure a Meraki access point to use an Umbrella Virtual Appliance, you lose device reporting. All reporting shows up under the AP's IP.
First off I never give anything a "10" unless it's perfect. LOL - I grade on the curve. I think OpenDNS/Umbrella is a very good product. I think that fact that Cisco absorbed them is one of the proofs of that. I have used the product back when it was free for companies our size. I have not always appreciated the cost - but in the post pandemic cyber chaos, I believe the cost benefit ratio is still very high. I have honestly not looked at other products because Umbrella continues to work to my satisfaction. I consider Umbrella to be one of the key layers in my cyber security strategy.
AMP is very difficult to use compared to other products we've seen. It's hard to understand why there are so many different logins for the various products that supposedly integrate with AMP. We had weekly phone calls for months to implement the product yet none of the IT department really enjoys using this product or feels comfortable with the accuracy of detections. The number of false positives is high.
Better features and easy to manage system with great customer support and overall usability is great as it works for hybrid environment with ease as it is having features for on prem users as wells as cloud users with great customer support and great team of trained engineers to support our opeartions.
Cisco Umbrella's availability was great, they got back to me in less than an hour to get my problem solved.
We needed to get our Meraki AP's hooked up to Cisco Umbrella to monitor that specific traffic and they got back to me promptly, they guided me and explained every question I had.
our experience with cisco products has always been awesome and same is the case with cisco umbrella .Under umbrella cisco provides flexible and scalable software solution to use across different dept and sites . These softwares are very user friendly ,pages load quickly as these applications are designed for minimum latency and reports are also provided quickely
In terms of technical support for Cisco Secure Endpoint, the support has been pretty good. All the cases I submitted were solved in a reasonable time frame, and it was a good experience. However, I find that not as many vendors have the expertise I would expect.
We have not had a chance to use Cisco support frequently, but when we needed to troubleshoot some issues that we were having with the agent installation, the support was very responsive and the solution that they offered worked. The only reason I give it one less point is that the turnaround time for non-critical issues is very long.
Quite easy to understand training modules prepared by knowledgeable trainers. Training modules have included all the desired features of these softwares and the content delivery is very good from the respective module trainers and it explains in details the features and apart from that further training material support is also provided if needed.
At the time we were forced to move from Cloud Web Security to Cisco Umbrella, Cisco Umbrella was far from being a direct replacement. It was frustrating and difficult to migrate due to the lack of functionality. This has since been addressed, however we now have legacy rulesets that were built as bandaids that cannot be removed. Hopefully the migration to Secure Access will address this.
Cisco Secure Endpoint is an advanced EDR solution that is highly effective and scalable. Our experience previously with MalwareBytes and Microsoft Defender was not horrible, but these products were not as effective and did not integrate well with our other security products to allow us to monitor and react quickly to address threats that were within our network. Key to any security effort is mitigation and the ability to quickly identify and respond so any damage can be avoided or limited.
Auto SIG Tunnels is a feature that helps in provisioning tunnels automatically using Cisco Umbrella APIs and so this is one win for choosing Cisco Umbrella over others. With Cisco SD-WAN viptela, the Cisco Umbrella stacks up well because its the same vendor so less complexities and interoperability issues.
Cisco umbrella provides fleaxible and scalable software solutions which are easy deploy across multiple departments and sites wherever needed and this softwares are very easy to use and provides the best interface along with cisco support for other devices apart from cisco infrastructure but still there is scope for improvement on the inclusion of latest features
AMP has been able to catch some serious infections and stop them from doing huge damage in our environment.
The overall cost of AMP vs the cost of not having this protection and getting hit with malware, or other nefarious damage to your environment is well worth the money.
Cisco Umbrella has been an excellent investment for us. The extra protection it provides in a very simple way has been well worth the costs.
Cisco Umbrella is very easy to setup and manage and can do most of the things we need with little daily interaction so we are free to work on other systems that need more attention.
Utilizing the Cisco Umbrella reporting features, we can determine what systems might need additional attention. If we see systems attempting certain types of access, we quickly know there is likely something on the device that probably needs removed.
Specific Cisco Umbrella reports can help us determine if we need to do user education and develop cyber habits.
