Cisco Secure Endpoint

Formerly Cisco AMP

Cisco Secure Endpoint is a very good endpoint protection solution. It would be particularly good for someone with the time and ability to really work with it to get the most out of it. This would include the other Cisco product integrations and systems that it works well with.

The basic features of the software are not too hard to use. Some of the advanced features can be more difficult. We find that our less experienced tech staff has a much more difficult time working in the dashboard.

In terms of technical support for Cisco Secure Endpoint, the support has been pretty good. All the cases I submitted were solved in a reasonable time frame, and it was a good experience. However, I find that not as many vendors have the expertise I would expect.

AMP is well suited for organizations that have made the investment with Cisco's full security suite. The integration provided with all other platforms such as the firewall, web and email gateway, and Cisco Umbrella works well to not only quickly detect malicious activity, but block it before it hits the endpoint. Cisco AMP is not suited for small organizations, who are looking for a sole A/V product. Missing out on all the additional integration would make AMP a very pricey product.

Of all the anti-malware tools I've used, I found Cisco Secure Endpoints to be one of the top players in the market. Its ability to detect malicious content and then retrospectively go back and quarantine older files was a key feature that was counted on time after time. In addition, the timeline view of activity really helped us work backward from when an event was detected to discover its entry point.

Cisco's AMP support is pretty good. There were not many occasions where I felt that their engineers were inexperienced or that I had to wait too long for a response. Overall, I received support for items that were even outside of their scope, such as deployment planning and policy management.

Cisco Secure Endpoint is a great product and since it has worked for us, I'm recommending it to every other business. All businesses face online threats and cyber-attacks and will this endpoint protection software, your business is in a better position to handle threats.

Using and understanding Cisco Secure Endpoint is easy.

The support is knowledgeable and very responsive.

It is a great security solution for corporations of all sizes that care about keeping their technology and users secure.

It is very autonomous, secure, and highly configurable.

Cisco Secure Endpoint plays a huge role in keeping the employees secure.

Cisco Secure Endpoint is well suited for every organization and it is fully capable for detect and prevent malware attacks on your organization. it gives us [all] the security features which help us to manage the organization without any security attack and downtime. we can easy to configure and deploy in [the] existing network and we will never face any big downtime. the customer support is also very good and helpful. Cisco provides lots of documentation for help.

We have been using this for the last 2 years and we never faced any malware attacks on our organizations. [Cisco Secure Endpoint] is an advanced and high-performance tool for detecting and preventing malware attacks on your organization. [We] can configure and install the [Cisco Secure Endpoint] very easily and manage through a centralized [location.]

Cisco is always best and known for good 24/7 technical support. the [SLA] is very good and cisco provides us all the information document for study. the [Cisco] support community is also very good and helpful.

Cisco Secure Endpoint has proven to be well suited for most if not all of our security concerns on our endpoints. From the annoying unwanted PUA to the sophisticated attack by an APT, it has been outstanding in identifying and stopping malicious activities on our endpoints both workstations and servers.

The platform provides an enormous amount of capability and information to the administrators in an intuitive and meaningful format. From monitoring to the development of different security policies for our environment, Cisco Secure Endpoint is an easy to use and effective endpoint security solution. Once a threat enters your environment, you are able to identify it and track its trajectory and stop it in its tracks.

From our customer service representative to Cisco TAC for technical support, we have experienced fantastic support. Our customer service representative is always responsive and resolves all of our needs. Furthermore, our technical support from Cisco TAC has been great. As an example, we recently had an issue with the Exploit Prevention Engine (Cisco Secure Endpoint has several malware engines) blocking a specific Excel file within our environment. Cisco TAC worked with my staff to identify the issue and resolve it in a timely and effective manner. If a particular issue is not resolved by a technician, it is quickly escalated to higher level support staff.

AMP has effectively cleaned malware on our endpoints. Unfortunately, there have been many false positives with no real explanation or detail. The engine that runs AMP is somewhat heavy on system resources, you should carefully consider the impact on production servers before deploying this to the enterprise. Since AMP is very configurable, it can be used in a variety of ways on any operating system or platform including iPhone, and Linux.

AMP is very difficult to use compared to other products we've seen. It's hard to understand why there are so many different logins for the various products that supposedly integrate with AMP. We had weekly phone calls for months to implement the product yet none of the IT department really enjoys using this product or feels comfortable with the accuracy of detections. The number of false positives is high.

I've called support a few times and my experience was very poor. The process of opening a ticket is unnecessarily difficult. You are required to speak to multiple people. One person answers the phone and takes basic details, creates the ticket, then you wait for a call back from their engineers depending on how severe your issue is. In comparison to Meraki support where you get help right away after providing them your support passcode, AMP has a long way to go!

AMP is best as part of a Cisco suite of solutions. If you are just looking for end point protection and do not use other Cisco products, get something else. AMP is best when integrated into Firepower, SecureX, and Umbrella. With all of these parts feeding data in and out, AMP becomes another piece of the puzzle to protect against common and day zero malware.

The UI is slow and clunky. The event search function needs an overhaul (you can't sort or search by custom terms or by event criticality). However, it allows for great visibility on individual machines and by using scheduled reports we can capture each event and use a parser to pull the important ones.

TAC responds quickly and well. They also are helpful during health checks in providing a laundry list of ways to improve our utilization of AMP. That said, TAC is a bit of a roll of the dice. About 80% of their agents are helpful, the other chunk are less useful than a Google search.

Specific tool for specific need. If you have a gap in your security infrastructure (protection from malware) you might think to use Cisco Advanced Malware Protection (AMP) for Endpoints to make sure your company's devices are safe. But also you can go beyond and enforce your SOC with Cisco AnyConnect where Cisco Advanced Malware Protection (AMP) for Endpoints is used as one of modules.

Great web interface, which allows you to easily manage all devices and have an overall view of the whole security picture.

Like most Cisco products, Cisco Advanced Malware Protection (AMP) for Endpoints has a great knowledge base on Cisco's community portal, but unfortunately the Cisco support team cannot always clearly describe the solution for your issue, especially if it is related to the demo period. Nevertheless, Cisco goes to great efforts to improve your current situation with Cisco Advanced Malware Protection (AMP) for Endpoints support.

While on the expensive side, Cisco Advanced Malware Protection (AMP) is a solid product that is very robust and can be customized a lot. It can also integrate with Cisco's threat grid, umbrella, firepower and other security solutions to give a more broad range of visibility.

Cisco support is top notch.

Any internet-connected device can be protected (Windows, Mac, Linux, Android, & Apple) and Cisco Advanced Malware Protection can integrate with email, web, and firewall security products to provide full coverage and visibility.
Cisco Threat Response (free) makes investigation and prevention much easier. The ability to share casebook with other users makes collaboration during incident response effective.

Easy to deploy, use, manage.

Support for AMP is excellent, some of the best engineers I have worked with.

For starters looking for endpoint security, or companies looking to upgrade those initial safe measures, Cisco Advanced Malware Protection is definitely worth a look to see if it would be compatible with their use-case. Even for bigger and most established companies, I think it's still worth considering all together.

It might not be appropriate for those who already have a long-term/standing security application that they go with as the migration or transition towards Cisco AMP might not be well suited.

If you are looking at a new security software or at least planning to change your current one, make sure that this is on the short-list as the feature-set is extensive!

It provides complete protection for endpoints, from the point of entry, and acts to prevent vulnerabilities.

It provides users with a view of possible blind spots which is cross-platform (Windows, Android, iOS, Linux, macOS) and can immediately perform isolation with only a few clicks.

All cases (albeit minimal) were handled appropriately towards resolution by Cisco's support. Kudos to them!
We only looked at administrator guides and deployment materials for end-user training, as it's only a handful of people in the support team that is working with this application. We also had senior security engineers assisting on the deployment making it a breeze. Administrator and Deployment guides helped a lot, in addition to the support that Cisco provides if needed.

AMP is a great addition to any organization. AMP is your eyes and ears, keeps you on the pulse of your organizations end point safety. The console is easy to use. AMP has helped us see immediate threats so that things do not go unnoticed in our environment and that is a huge win.

We have needed very little support, but anytime we need to reach out for assistance they have always been helpful and knowledgeable about the product and helped us resolve any issues or needs we may have.

AMP is well suited for any organization, it helps to reduce risks on catching malware on endpoints.

Anytime we have needed support they have helped us to solve our issues quickly.

For us, Cisco AMP has been well suited for us to easily check for potential security breaches, malware, etc. I can't really think of any limitations.

It's been a very effective tool for the company.

AMP is great for providing endpoint visibility of your endpoints. However, it is not a catch-all for everything happening on your systems. Limited visibility to powershell execution is a weak point and would require further analysis.