Cisco AMP is unnecessarily difficult to administer
July 24, 2021

Cisco AMP is unnecessarily difficult to administer

Anonymous | TrustRadius Reviewer
Score 5 out of 10
Vetted Review
Verified User

Overall Satisfaction with Cisco Secure Endpoint (formerly Cisco AMP)

We are currently using Cisco AMP across the entire organization. All endpoints with the exception of a few servers have the agent installed. Our main use for AMP is to protect and clean any malware that may enter our environment. AMP provides an enterprise grade anti-virus/anti-malware solution with centralized cloud management.
  • AMP remediates threats without administrator intervention
  • AMP provides a detailed dashboard of new threats or events that occur
  • AMP is very configurable, policies can be scoped granularly
  • The dashboard should be easier to use
  • The agent updates are very cumbersome to manage
  • AMP support is difficult to use compared to Meraki. Lots of hoops to jump through to get someone on the phone.
  • Cisco AMP has been very difficult to implement.
  • Cisco AMP has not proven to be better than the last AV we used.
  • We have wasted a lot of time trying to figure out false detections.
AMP is very difficult to use compared to other products we've seen. It's hard to understand why there are so many different logins for the various products that supposedly integrate with AMP. We had weekly phone calls for months to implement the product yet none of the IT department really enjoys using this product or feels comfortable with the accuracy of detections. The number of false positives is high.
I've called support a few times and my experience was very poor. The process of opening a ticket is unnecessarily difficult. You are required to speak to multiple people. One person answers the phone and takes basic details, creates the ticket, then you wait for a call back from their engineers depending on how severe your issue is. In comparison to Meraki support where you get help right away after providing them your support passcode, AMP has a long way to go!
  • Arctic Wolf
We've provided Arctic Wolf API access to AMP to help monitor our detections.
Compared to Malwarebytes Enterprise, AMP is significantly harder to configure, update, implement, use. The overall burden that AMP puts on the IT department is rather high.
AMP has effectively cleaned malware on our endpoints. Unfortunately, there have been many false positives with no real explanation or detail. The engine that runs AMP is somewhat heavy on system resources, you should carefully consider the impact on production servers before deploying this to the enterprise. Since AMP is very configurable, it can be used in a variety of ways on any operating system or platform including iPhone, and Linux.

Cisco Secure Endpoint Feature Ratings

Anti-Exploit Technology
Endpoint Detection and Response (EDR)
Centralized Management
Infection Remediation
Vulnerability Management
Malware Detection