Showing results for 
Search instead for 
Did you mean: 
Blog- Changes on Community Labels

Cisco AMP update procedure



We use Cisco AMP (cloud) and we have about 4000 endpoints. When we started the endpoints update, a lot endpoints started to update at the same times and our bandwidht was painfully impacted.


Can you please share with me an recommended update procedure ? I know some community members use SCCM to do that, It will be nice if someone can share the procedure.


Thank you.

Hall of Fame Master

Re: Cisco AMP update procedure

Instructions for SCCM deployment can be found in the "AMP Deployment Strategy Guide".


The latest version is linked from this page:


Re: Cisco AMP update procedure

How about making a new group with update window set and then just move machines from group to another in staggered allotments.

Thats what i plan on doing in my environment which is over 160k endpoints. This past go around we used SCCM and it had it's own issues where it was supposed to reboot the machine and it did not do it. even thought the sccm logs said it did

Cisco Employee

Re: Cisco AMP update procedure


yes, you are right, we have to improve this feature or the scheduling for Signature updates. We are working actively with Customers/Partners to generate us much as possible feature requests for AMP4E. 


Enclosed two things for Tetra.
Bildschirmfoto 2019-01-07 um 08.25.13.png


Scheduling must be configured more in Detail. E.g. adding a Time and a random value within a time range 
when the client does the update. When clients are starting the update at the same time this generated high
load in vdi environment (boot storm) or bigger locations.

Wen updating signatures or upgrading the product the update/upgrade mechanism must meet the network topology.
Also if there are time windows where no traffic is allowed on specific WAN links this must be able to
be configured in AMP console.
Companies with many network locations and mobile users are needing a dynamic selection of the update servers. 
The update scheduling must fit the network topology and other organizational needs.

This is also needed to avoid high load on limited WAN links at the customer like radio link connections,
WAN optimization and so on.

So if you agree with this needed updates please contact your Cisco representative to open a feature request.




CreatePlease to create content
Content for Community-Ad
Blog-Cisco Community Designated VIP Dinner CLEUR2019