Reviews (1-5 of 5)
November 20, 2019
AMP is being used across our organization on workstations and servers.
- Detects malware and viruses on endpoints.
- AMP shows a timeline associated with an event and if the malicious event has spread.
- AMP quarantines but also does retroactive pullbacks of malicious attachments or downloads if they are later discovered to be bad.
- I would like to see some emphasis put on being able to makes notes if there is an incident you are working on so other analysts do not have to open the incident or ask you if you have worked on the incident.
- More clarity around files/downloads that are quarantined...so that they do not end up in your incidents but maybe another tab for incidents that AMP resolved without need for work by an analyst.
- I would like to see silent upgrades. At this moment in order to upgrade you have to do a reboot, this is my biggest frustration.
Read Nicole McMillian's full review
AMP is a great addition to any organization. AMP is your eyes and ears, keeps you on the pulse of your organizations end point safety. The console is easy to use. AMP has helped us see immediate threats so that things do not go unnoticed in our environment and that is a huge win.
November 16, 2019
Score 9 out of 10
AMP is being used across the whole organization and several costumers. We use it to block malware, provides visibility to what is running on our endpoints.
Read Jesus Franco's full review
AMP is well suited for any organization, it helps to reduce risks on catching malware on endpoints.
June 12, 2019
AMP is used globally across the entire organization. It provides great protection and visibility to what is executing on my servers and endpoints. Operationalizing the tool with our ITSM system allows for quicker remediation.
- Provides good visibility to vulnerable software.
- Device trajectory for applications is very useful when determining if an application should really be whitelisted.
- It is very effective at mitigating command and control.
- The tool needs a facility for submitting SHA-256 and samples via the web interface to report false positives. This is a very common issue and a quicker method for submitting these types of items must be addressed.
- Reporting need to be reintroduced as it was available in earlier versions of the management portal.
- The limited number of exclusions can be challenging depending on the environment.
Read Scott Shipley's full review
AMP is great for providing endpoint visibility of your endpoints. However, it is not a catch-all for everything happening on your systems. Limited visibility to powershell execution is a weak point and would require further analysis.
October 02, 2019
Score 10 out of 10
It is being used across the entire organization. We use it to block malware attacks and other types of potential security attacks.
Read Elvin Thomas's full review
For us, Cisco AMP has been well suited for us to easily check for potential security breaches, malware, etc. I can't really think of any limitations.
November 19, 2019
Cisco Advanced Malware Protection (AMP) is being used across our entire school district for endpoint protection. We have over 10K devices, that it protects from various antivirus and malware threats. Its is a very robust cloud managed solution.
- It gives great visibility of all detected threats across our devices.
- It is very easy to deploy and maintain.
- The cloud UI is constantly being updated with new features.
- I don't know if this is a bad feature but the engine is very sensitive it picks up a lot of things that are not always threats.
- While AMP is a strong product it is not cheap.
- Software upgrades usually require a reboot which can make it difficult with student devices.
Read this authenticated review
While on the expensive side, Cisco Advanced Malware Protection (AMP) is a solid product that is very robust and can be customized a lot. It can also integrate with Cisco's threat grid, umbrella, firepower and other security solutions to give a more broad range of visibility.
Cisco AMP for Endpoints Scorecard Summary
Feature Scorecard Summary
About Cisco AMP for Endpoints
Cisco Advanced Malware Protection (AMP) for Endpoints is a combined endpoint protection platform (EPP) and endpoint detection and response (EDR) software, providing a total endpoint protection solution.
Cisco AMP for Endpoints Technical Details