topic Cisco AMP Query in Endpoint Security https://community.cisco.com/t5/endpoint-security/cisco-amp-query/m-p/4784888#M7355 <P>Hi All,</P><P>I have install amp agent in user device where internet is accessible and it works fine. Now user wants only particular amp urls should allowed and rest of internet should&nbsp; be blocked. Will applying such restrction on user machine will make amp works as its working with full access internet ?. Below are the list of amp urls i will allowed from firewall.</P><P>&nbsp;</P><TABLE><TBODY><TR><TD>4.x Windows only: cloud-ec.apjc.amp.cisco.com</TD></TR><TR><TD>cloud-ec-asn.apjc.amp.cisco.com</TD></TR><TR><TD>cloud-ec-est.apjc.amp.cisco.com</TD></TR><TR><TD>enrolment.apjc.amp.cisco.com</TD></TR><TR><TD>console.apjc.amp.cisco.com</TD></TR><TR><TD>mgmt.apjc.amp.cisco.com</TD></TR><TR><TD>intake.apjc.amp.cisco.com</TD></TR><TR><TD>policy.apjc.amp.cisco.com</TD></TR><TR><TD>upgrades.apjc.amp.cisco.com</TD></TR><TR><TD>crash.apjc.amp.cisco.com</TD></TR><TR><TD>ioc.apjc.amp.cisco.com</TD></TR><TR><TD>clam-defs.apjc.amp.cisco.com</TD></TR><TR><TD>tetra-defs.amp.cisco.com</TD></TR><TR><TD>custom-signatures.apjc.amp.cisco.com</TD></TR><TR><TD>rff.amp.cisco.com</TD></TR><TR><TD>submit.amp.cisco.com</TD></TR><TR><TD>apde.apjc.amp.cisco.com</TD></TR></TBODY></TABLE> Wed, 01 Mar 2023 12:08:57 GMT sv7 2023-03-01T12:08:57Z Cisco AMP Query https://community.cisco.com/t5/endpoint-security/cisco-amp-query/m-p/4784888#M7355 <P>Hi All,</P><P>I have install amp agent in user device where internet is accessible and it works fine. Now user wants only particular amp urls should allowed and rest of internet should&nbsp; be blocked. Will applying such restrction on user machine will make amp works as its working with full access internet ?. Below are the list of amp urls i will allowed from firewall.</P><P>&nbsp;</P><TABLE><TBODY><TR><TD>4.x Windows only: cloud-ec.apjc.amp.cisco.com</TD></TR><TR><TD>cloud-ec-asn.apjc.amp.cisco.com</TD></TR><TR><TD>cloud-ec-est.apjc.amp.cisco.com</TD></TR><TR><TD>enrolment.apjc.amp.cisco.com</TD></TR><TR><TD>console.apjc.amp.cisco.com</TD></TR><TR><TD>mgmt.apjc.amp.cisco.com</TD></TR><TR><TD>intake.apjc.amp.cisco.com</TD></TR><TR><TD>policy.apjc.amp.cisco.com</TD></TR><TR><TD>upgrades.apjc.amp.cisco.com</TD></TR><TR><TD>crash.apjc.amp.cisco.com</TD></TR><TR><TD>ioc.apjc.amp.cisco.com</TD></TR><TR><TD>clam-defs.apjc.amp.cisco.com</TD></TR><TR><TD>tetra-defs.amp.cisco.com</TD></TR><TR><TD>custom-signatures.apjc.amp.cisco.com</TD></TR><TR><TD>rff.amp.cisco.com</TD></TR><TR><TD>submit.amp.cisco.com</TD></TR><TR><TD>apde.apjc.amp.cisco.com</TD></TR></TBODY></TABLE> Wed, 01 Mar 2023 12:08:57 GMT https://community.cisco.com/t5/endpoint-security/cisco-amp-query/m-p/4784888#M7355 sv7 2023-03-01T12:08:57Z Re: Cisco AMP Query https://community.cisco.com/t5/endpoint-security/cisco-amp-query/m-p/4784903#M7357 The URLs you need to allow are documented here:<BR /><A href="https://www.cisco.com/c/en/us/support/docs/security/sourcefire-amp-appliances/118121-technote-sourcefire-00.html" target="_blank">https://www.cisco.com/c/en/us/support/docs/security/sourcefire-amp-appliances/118121-technote-sourcefire-00.html</A><BR /> Wed, 01 Mar 2023 12:35:25 GMT https://community.cisco.com/t5/endpoint-security/cisco-amp-query/m-p/4784903#M7357 Ken Stieers 2023-03-01T12:35:25Z