Internal Support Experience with Cisco AMP for Endpoints
May 28, 2020
Internal Support Experience with Cisco AMP for Endpoints
Overall Satisfaction with Cisco Advanced Malware Protection (AMP) for Endpoints
Day-to-day use, implementation, and deployment experience were awesome! Being in internal IT support, Cisco Advanced Malware Protection provides an additional layer of security with minimal to no effort in making sure that we have visibility and security with our endpoints. Maintenance and routine work were lessened due to the feature set that this application brought!
- We utilize Cisco AMP on our ASA and our CES as well.
- Using it everywhere gives us great visibility into where a file came from and what it does.
- It provides complete protection for endpoints, from the point of entry and acts to prevent vulnerabilities.
- In addition, it provides users with a view of possible blind spots which is cross-platform (Windows, Android, iOS, Linux, macOS) and can immediately perform isolation with only a few clicks!
- Sometimes during whitelisting, other files from security tools get isolated even if it's not user intended.
- Re-syncing policies also take some time, albeit in a straightforward process.
- As with all security software, false-positives are still detected.
- Hoping that once the library is expanded further, the false positives will be fewer.
- Greater thread detection and remediation
- Ease of management and visibility from the available modules
- Cisco security appliances
- Networking equipment for our WAN, LAN and WLAN
Overall integration with our existing Cisco products did not take a lot of time, as the cross-application support and integration of Cisco is top-notch. We only needed to add some of these existing appliances, either as hosts to monitor or modules to be added into the Cisco Advanced Malware Protection, and we were good to go.
At the moment, we are still deliberating if we are to further integrate this to our non-Cisco components, but it's looking like it's a go!
At the moment, we are still deliberating if we are to further integrate this to our non-Cisco components, but it's looking like it's a go!
The decision basically boiled down to future-proofing and further integration. We used Symantec Endpoint Protection for our user machines and laptops and went with Cisco's Advanced Malware Protection for the infrastructure side including network (wired and wireless), servers, and so on.
We are currently deliberating, as mentioned in the previous page, to fully remove Symantec all together and go full-on with Cisco's AMP.
We are currently deliberating, as mentioned in the previous page, to fully remove Symantec all together and go full-on with Cisco's AMP.