Internal Support Experience with Cisco AMP for Endpoints
May 28, 2020

Rik Aragoza | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User

Overall Satisfaction with Cisco Advanced Malware Protection (AMP) for Endpoints

Day-to-day use, implementation, and deployment experience were awesome! Being in internal IT support, Cisco Advanced Malware Protection provides an additional layer of security with minimal to no effort in making sure that we have visibility and security with our endpoints. Maintenance and routine work were lessened due to the feature set that this application brought!
  • We utilize Cisco AMP on our ASA and our CES as well.
  • Using it everywhere gives us great visibility into where a file came from and what it does.
  • It provides complete protection for endpoints, from the point of entry and acts to prevent vulnerabilities.
  • In addition, it provides users with a view of possible blind spots which is cross-platform (Windows, Android, iOS, Linux, macOS) and can immediately perform isolation with only a few clicks!
  • Sometimes during whitelisting, other files from security tools get isolated even if it's not user intended.
  • Re-syncing policies also takes some time, albeit in a straightforward process.
  • As with all security software, false positives are still detected.
  • Hoping that once the library is expanded further, the false positives will be fewer.
  • Greater threat detection and remediation
  • Ease of management and visibility from the available modules
If you are looking at a new security software or at least planning to change your current one, make sure that this is on the short-list as the feature-set is extensive!

It provides complete protection for endpoints, from the point of entry, and acts to prevent vulnerabilities.

It provides users with a view of possible blind spots which is cross-platform (Windows, Android, iOS, Linux, macOS) and can immediately perform isolation with only a few clicks.
All cases (albeit minimal) were handled appropriately towards resolution by Cisco's support. Kudos to them!
We only looked at administrator guides and deployment materials for end-user training, as it's only a handful of people in the support team that are working with this application. We also had senior security engineers assisting on the deployment, making it a breeze. Administrator and Deployment guides helped a lot, in addition to the support that Cisco provides if needed.
  • Cisco security appliances
  • Networking equipment for our WAN, LAN and WLAN
Overall integration with our existing Cisco products did not take a lot of time, as the cross-application support and integration of Cisco is top-notch. We only needed to add some of these existing appliances, either as hosts to monitor or modules to be added into the Cisco Advanced Malware Protection, and we were good to go.

At the moment, we are still deliberating if we are to further integrate this to our non-Cisco components, but it's looking like it's a go!
The decision basically boiled down to future-proofing and further integration. We used Symantec Endpoint Protection for our user machines and laptops and went with Cisco's Advanced Malware Protection for the infrastructure side including network (wired and wireless), servers, and so on.

We are currently deliberating, as mentioned in the previous page, to fully remove Symantec altogether and go full-on with Cisco's AMP.
For starters looking for endpoint security, or companies looking to upgrade those initial safe measures, Cisco Advanced Malware Protection is definitely worth a look to see if it would be compatible with their use-case. Even for bigger and more established companies, I think it's still worth considering altogether.

It might not be appropriate for those who already have a long-term/standing security application that they go with as the migration or transition towards Cisco AMP might not be well suited.

Cisco AMP for Endpoints Feature Ratings

  • Anti-Exploit Technology: 7
  • Endpoint Detection and Response (EDR): 7
  • Centralized Management: 8
  • Hybrid Deployment Support: 6
  • Infection Remediation: 8
  • Vulnerability Management: 7
  • Malware Detection: 9