Endpoint Security

cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Cisco CyberSecurity

Forum Posts

What are the possible reasons why AMP agent mark a malicious file as quarantine failed? We have instance that the agent pop-up and showed threat detected but based on the description it was quarantined failed. Thanks!

Mady by Level 4
  • 7779 Views
  • 3 replies
  • 0 Helpful votes

I have errors in windows event viewer system logs " event 7011   A timeout (30000 Milliseconds) was reached while waiting for a transaction response from the CiscoAMP_5.1.7 service"Continuously this shows up in system log    Any idea

mrjemyers by Visitor
  • 3698 Views
  • 1 replies
  • 0 Helpful votes

Sourcefire newbie here...I have to remove FireAMP agents from computers, but I would like to do this from the FireAMP management console.  I know that if you navigate to Management>Computers and you highlight the computer in question you have the opt...

Hello, We use AMP integrated with Firepower and send events to our SIEM via eStreamer.  We have been seeing events with a "file_action" of 0.  Our documentation does not identify what this type of event might be.   The most current documentation I co...

khendrick512 by Community Member
  • 3612 Views
  • 3 replies
  • 0 Helpful votes

We are trying to understand why it took around four (4) days for the file analysis to determine the disposition of the unknown file with network trajectory below (screenshot).  Please have someone take a closer look on our IPS and provide comprehensi...

John by Level 4
  • 2304 Views
  • 1 replies
  • 0 Helpful votes

When installing on servers it is recommended to use the /skipdfc switch. I am looking for a way to validate that this switch was or was not used on a specific server. There should be a way to verify that the DFC drive is not installed, but I haven't ...

Hello, I am getting 'MALWARE-CNC Win.Trojan.Glupteba C&C server READY command to client" alerts from Source port 10003 to high numbered destination ports in my network. Most of the source IP belongs a Linux server in my network. Where can I find the ...

Top Solution Authors