Cisco Secure Endpoint (formerly Cisco Advanced Malware Protection [AMP] for Endpoints) offers cloud-delivered next-generation antivirus, endpoint protection platform (EPP), and advanced endpoint detection and response (EDR).
Microsoft Defender for Endpoint
Score 8.5 out of 10
Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud-delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral-based and cloud-powered next-generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.
Cisco Secure Endpoint is an advanced EDR solution that is highly effective and scalable. Our experience previously with MalwareBytes and Microsoft Defender was not horrible, but these products were not as effective and did not integrate well with our other security products to …
Microsoft Defender for Endpoint has the best integration for us in our (mostly) Windows environment. Also, we are using M365 E3, so this already included Microsoft Defender for Endpoint P1. The extra cost for Defender for Endpoint P2 is definitely worth it. You need to see these …
Anyone making use of multiple Cisco cloud security products would benefit from its integrations with other products. It is appropriate for medium to large organizations due to the flexibility and depth of configuration options available to administrators. It is appropriate for organizations with strained resources in the security division, because the default configurations provide a high level of security without much micro-management. It is less appropriate for small shops where there are fewer specific configurations needed, and the depth of that functionality is not needed. It is not recommended for budget-constrained organizations due to its relatively high price compared to competitors.
As remote working and the use of multiple machines have become common, along with the ease of working, vulnerability has also drastically increased, as no one is really sure that the credentials (single-step authentication) are safe. With the automated remediation of threats and detection response, the secure access of the machines is improved, as we access multiple production machines at a single time. Showing detailed information about the threat, user, and device reduces the time consumption.
I really enjoy the level that we get with our licensing for the timeline on devices, being able to see what happened when it happened down to the millisecond to know exactly what happened when someone clicked something, did something bad, installed something bad, or whichever. And the alert monitoring is really useful for sending emails whenever there's anything that's remotely detected, even if it's a false positive.
It is a little hard to do threat analysis or investigation when you try to correlate the detection with other security control systems like firewalls, web proxies, etc.
AMP is very difficult to use compared to other products we've seen. It's hard to understand why there are so many different logins for the various products that supposedly integrate with AMP. We had weekly phone calls for months to implement the product yet none of the IT department really enjoys using this product or feels comfortable with the accuracy of detections. The number of false positives is high.
In terms of technical support for Cisco Secure Endpoint, the support has been pretty good. All the cases I submitted were solved in a reasonable time frame, and it was a good experience. However, I find that not as many vendors have the expertise I would expect.
The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session.
Cisco Advanced Malware Protection (AMP) for Endpoints is one of a wide spectrum of Cisco security products and is the first step that can bring you to start using Cisco AnyConnect and Cisco ISE to integrate with them.
This product does do a very good job of providing basic security protection for our client endpoints. We decided to go with this product because of the ease of setup and integration into the Windows server environment. We have not had any complaints from any of our clients using this product.
AMP has been able to catch some serious infections and stop them from doing huge damage in our environment.
The overall cost of AMP vs the cost of not having this protection and getting hit with malware, or other nefarious damage to your environment is well worth the money.
Positive - A lot of money saved because of looming security threats today in work-from-home environments. Lower IT cost because of its automation capabilities has made it a really good choice.
Positive - Because of enhanced security, downtimes are reduced, thus profits are increased.
Negative - Training cost is something which could have been avoided if this defender had some integration with self-training modules.
Negative - Too costly. Integration cost, new setup cost, ongoing licensing cost, etc. are too high.