Cisco Secure Endpoint vs. Microsoft Defender for Endpoint

Anyone making use of multiple Cisco cloud security products would benefit from its integrations with other products. It is appropriate for medium to large organizations due to the flexibility and depth of configuration options available to administrators. It is appropriate for organizations with strained resources in the security division, because the default configurations provide a high level of security without much micro-management. It is less appropriate for small shops where there are fewer specific configurations needed, and the depth of that functionality is not needed. It is not recommended for budget-constrained organizations due to its relatively high price compared to competitors.

Incentivized

As the remote working/use of multiple machines have become common, along with the ease of working , the vulnerability have also drastically increased as no one is really sure that the credentials (single step authentication) are safe. With the Automated remediation of threats and detection response the secure access of the machines are improved as we take multiple production machines access at a single time. Showing detailed information about the threat, user, device- reduces the time consumption

Incentivized

• Identifies malware, malicious processes/services and other events well
• Great automated actions features such as host isolation
• Detailed threat visibility such as file trajectory
• Integration with other Cisco suite of security products
• Great value
• Low false positive rate
• Lightweight agent
• Variety of reporting
• Stable agent

Incentivized

• I really enjoy the level that we get with our licensing for the timeline on devices, being able to see what happened when it happened down to the millisecond to know exactly what happened when someone clicked something, did something bad, installed something bad, or whichever. And the alert monitoring is really useful for sending emails whenever there's anything that's remotely detected, even if it's a false positive.

Incentivized

• I don't know if this is a bad feature but the engine is very sensitive it picks up a lot of things that are not always threats.
• While AMP is a strong product it is not cheap.
• Software upgrades usually require a reboot which can make it difficult with student devices.

Incentivized

• Hard to integrate with third party SIEM solution
• Not available for OS other than Windows
• It is a little hard to do threat analysis or investigation when you try to correlate the detection with other security control systems like firewalls, web proxies, etc.

the renewal must be studied with different factors

Incentivized

AMP is very difficult to use compared to other products we've seen. It's hard to understand why there are so many different logins for the various products that supposedly integrate with AMP. We had weekly phone calls for months to implement the product yet none of the IT department really enjoys using this product or feels comfortable with the accuracy of detections. The number of false positives is high.

Incentivized

Ease of use

Incentivized

no complain and no issue with availability

Incentivized

In terms of technical support for Cisco Secure Endpoint, the support has been pretty good. All the cases I submitted were solved in a reasonable time frame, and it was a good experience. However, I find that not as many vendors have the expertise I would expect.

Incentivized

The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session

Incentivized

no participation in implementation

Incentivized

Cisco Advanced Malware Protection (AMP) for Endpoints is one of a wide spectrum of Cisco security products and is the first step that can bring you to start using Cisco AnyConnect and Cisco ISE to integrate with them.

Incentivized

This product does do a very good job of providing basic security protection for our client endpoints. We decided to go with this product because of the ease of setup and integration into the Windows server environment. We have not had any complaints from any of our clients using this product.

Incentivized

• AMP has been able to catch some serious infections and stop them from doing huge damage in our environment.
• The overall cost of AMP vs the cost of not having this protection and getting hit with malware, or other nefarious damage to your environment is well worth the money.

Incentivized

• Positive - Alot of money saved because of looming security threats today in Work from Home environments. Lesser IT cost because of its automation capabilities has made it a really good choice
• Positive - Because of enhanced security , downtimes are reduced thus profits are increased
• Negative- Training cost is something which could have been avoided if this defender had some integration with self training modules
• Negative - Too much costly. Integration cost, new setup cost, ongoing licensing cost etc is too high

Incentivized