https://community.cisco.com/t5/endpoint-security/amp-for-endpoints-deploying-on-vmview-vdis/m-p/3334856#M4988 <P>Hello&nbsp;<SPAN>&nbsp;</SPAN><SPAN class="UserName lia-user-name lia-user-rank-Community-Member lia-component-message-view-widget-author-username"><A id="link_15" class="lia-link-navigation lia-page-link lia-user-name-link" href="https://supportforums.cisco.com/t5/user/viewprofilepage/user-id/461515" target="_self"><SPAN class="">aswantek</SPAN></A></SPAN></P> <P>&nbsp;</P> <P><SPAN class="UserName lia-user-name lia-user-rank-Community-Member lia-component-message-view-widget-author-username"><SPAN class="">I have reviewed your queries.&nbsp;</SPAN></SPAN></P> <P>&nbsp;</P> <P>1.) Can a specific group/policy be used instead of the "default" policy as defined in the "Business" pull down. This is quite important in our environment - Yes, you can create specific group/policy from the Policy tab&nbsp; accordingly and enable the features as per your requirements.</P> <P>&nbsp;</P> <P>2.) When creating the VDI template, does it need to connect/register with the AMP cloud? I am not sure why you would register the template as it never is "used" in production except to generate the non-peristent VDIs - Are you mentioning about creating the golden image for Identity persistence here ?</P> <P>&nbsp;</P> <P>3.) One of the CISCO docs recommends Identity Persistence of By hostname across business be used. Is that reasonable? Its completely based on your environment . Without knowing about your environment we cannot really commend on the same.&nbsp;</P> <P>4.) Also recommended was to NOT install TETRA. Is that reasonable? Its recommended to avoid using TETRA in Server environment and also if there is any other antivirus already running in the system.</P> <P>&nbsp;</P> <P><SPAN class="UserName lia-user-name lia-user-rank-Community-Member lia-component-message-view-widget-author-username"><SPAN class="">Regards</SPAN></SPAN></P> <P><SPAN class="UserName lia-user-name lia-user-rank-Community-Member lia-component-message-view-widget-author-username"><SPAN class="">Jetsy&nbsp;</SPAN></SPAN></P> <P><SPAN>&nbsp;</SPAN></P> Wed, 21 Feb 2018 07:50:55 GMT Jetsy Mathew 2018-02-21T07:50:55Z https://community.cisco.com/t5/endpoint-security/amp-for-endpoints-deploying-on-vmview-vdis/m-p/3334576#M4987 <P>Has anyone had any real world experience deploying AMP for Endpoints on Virtual Desktops (VMView to be specific) Our VDI environment uses <STRONG>non-persistent</STRONG> WIndows 7 and WIndows 10 desktops. The official CISCO/Firepower documentation is a&nbsp; bit vague. I have a few questions:</P> <P>1.) Can a specific group/policy be used instead of the "default" policy as defined in the "Business" pull down. This is quite important in our environment.</P> <P>2.) When creating the VDI template, does it need to connect/register with the AMP cloud? I am not sure why you would register the template as it never is "used" in production except to generate the non-peristent VDIs</P> <P>3.) One of the CISCO docs recommends Identity Persistence of By hostname across business be used. Is that reasonable?</P> <P>4.) Also recommended was to NOT install TETRA. Is that reasonable?</P> <P>&nbsp;</P> Sat, 09 Mar 2019 01:46:48 GMT https://community.cisco.com/t5/endpoint-security/amp-for-endpoints-deploying-on-vmview-vdis/m-p/3334576#M4987 aswantek 2019-03-09T01:46:48Z https://community.cisco.com/t5/endpoint-security/amp-for-endpoints-deploying-on-vmview-vdis/m-p/3334856#M4988 <P>Hello&nbsp;<SPAN>&nbsp;</SPAN><SPAN class="UserName lia-user-name lia-user-rank-Community-Member lia-component-message-view-widget-author-username"><A id="link_15" class="lia-link-navigation lia-page-link lia-user-name-link" href="https://supportforums.cisco.com/t5/user/viewprofilepage/user-id/461515" target="_self"><SPAN class="">aswantek</SPAN></A></SPAN></P> <P>&nbsp;</P> <P><SPAN class="UserName lia-user-name lia-user-rank-Community-Member lia-component-message-view-widget-author-username"><SPAN class="">I have reviewed your queries.&nbsp;</SPAN></SPAN></P> <P>&nbsp;</P> <P>1.) Can a specific group/policy be used instead of the "default" policy as defined in the "Business" pull down. This is quite important in our environment - Yes, you can create specific group/policy from the Policy tab&nbsp; accordingly and enable the features as per your requirements.</P> <P>&nbsp;</P> <P>2.) When creating the VDI template, does it need to connect/register with the AMP cloud? I am not sure why you would register the template as it never is "used" in production except to generate the non-peristent VDIs - Are you mentioning about creating the golden image for Identity persistence here ?</P> <P>&nbsp;</P> <P>3.) One of the CISCO docs recommends Identity Persistence of By hostname across business be used. Is that reasonable? Its completely based on your environment . Without knowing about your environment we cannot really commend on the same.&nbsp;</P> <P>4.) Also recommended was to NOT install TETRA. Is that reasonable? Its recommended to avoid using TETRA in Server environment and also if there is any other antivirus already running in the system.</P> <P>&nbsp;</P> <P><SPAN class="UserName lia-user-name lia-user-rank-Community-Member lia-component-message-view-widget-author-username"><SPAN class="">Regards</SPAN></SPAN></P> <P><SPAN class="UserName lia-user-name lia-user-rank-Community-Member lia-component-message-view-widget-author-username"><SPAN class="">Jetsy&nbsp;</SPAN></SPAN></P> <P><SPAN>&nbsp;</SPAN></P> Wed, 21 Feb 2018 07:50:55 GMT https://community.cisco.com/t5/endpoint-security/amp-for-endpoints-deploying-on-vmview-vdis/m-p/3334856#M4988 Jetsy Mathew 2018-02-21T07:50:55Z https://community.cisco.com/t5/endpoint-security/amp-for-endpoints-deploying-on-vmview-vdis/m-p/3337902#M4989 <P>We are having issues following the limited documentation provided by CISCO with regard to deploying the AMP connector on VMView VDI desktops. Is there a DEFINITIVE step by step document that goes through this process?</P> Mon, 26 Feb 2018 15:01:32 GMT https://community.cisco.com/t5/endpoint-security/amp-for-endpoints-deploying-on-vmview-vdis/m-p/3337902#M4989 aswantek 2018-02-26T15:01:32Z https://community.cisco.com/t5/endpoint-security/amp-for-endpoints-deploying-on-vmview-vdis/m-p/3723214#M4990 <P>Hi Aswantek, I have successfully deployed Cisco AMP on non-persistent virtual desktops in a XenServer / XenDesktop environment.&nbsp;&nbsp;It took some time to get it to a functional state without filling the write-cache disk and without causing performance issues.</P> <P>&nbsp;</P> <P>You first need to make sure you have all the correct exclusions for your environment.</P> <P>&nbsp;</P> <P>Steps I followed are:</P> <P>&nbsp;</P> <P>1.&nbsp; Modify the policies for both your Cisco AMP default group and&nbsp;your target group as follows:</P> <P>a) Disable Tetra Engine</P> <P>b) Enable Identity Persistence with the option "By Hostname across Business"</P> <P>&nbsp;</P> <P>2.&nbsp; Download the connector (with policy) and install onto your imaging machine using command-line install with the switches:&nbsp; &nbsp;/skipdfc 1 /skiptetra 1</P> <P>&nbsp;</P> <P>3.&nbsp; Once installed, stop the Cisco AMP service.&nbsp; Easiest way is from command-line:&nbsp;</P> <P>%programfiles%\cisco\amp\x.x.x\sfc.exe -k &lt;protectionpassword&gt;</P> <P>&nbsp;</P> <P>4.&nbsp; Run the following commands to recreate the local.xml file (contains GUID)<BR /><BR /></P> <PRE><STRONG>del "%PROGRAMFILES%\Cisco\AMP\local.xml"</STRONG></PRE> <PRE><STRONG>echo ^&lt;config^&gt;^&lt;/config^&gt; &gt; "%PROGRAMFILES%\Cisco\AMP\local.xml"</STRONG></PRE> <P>&nbsp;5.&nbsp; Shutdown the machine without restarting the service.</P> Thu, 11 Oct 2018 03:51:30 GMT https://community.cisco.com/t5/endpoint-security/amp-for-endpoints-deploying-on-vmview-vdis/m-p/3723214#M4990 phil.reeves 2018-10-11T03:51:30Z