Endpoint Security

cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Forum Posts

Hi All, We are facing replication issue in our environment we have 8 nodes in our deployment 2 Admin 2 Monitoring and 2 PSN and running dot1x , BYOD and posture services. On primary node we are getting Replication issue for all other nodes and when w...

Bhardwajp by Beginner
  • 906 Views
  • 1 replies
  • 5 Helpful votes

I'm not sure if this is the right place to ask. I have an old EXE file, which has been incorrectly flagged as malware by both Cisco and Windows Defender. I have contacted Microsoft support, they confirmed that it was a false positive. Therefore, they...

Gtok8 by Beginner
  • 1204 Views
  • 1 replies
  • 5 Helpful votes

Hi Team, One of our customers had a malware attack on the critical servers hence in the process of a endpoint AMP PoV. The connectivity for these servers to Cisco cloud has been provided as per the documentation of FireAMP. But still getting an erro...

ymadheka by Enthusiast
  • 5205 Views
  • 3 replies
  • 0 Helpful votes

In our VMware Horizon 8.1 environment with Windows 10 20H2 linked clones we are implementing AMP for Endpoints.The installation with the Identity Persistence (setup.exe /R /S /goldenimage 1) works fine. Also the Ubuntu Local AMP update server works w...

Nijkerk by Beginner
  • 1302 Views
  • 2 replies
  • 0 Helpful votes

Hi Everyone.   I'm trying to write a guide for our analysts on how to perform threat validation when receiving Malicious Activity Detection alerts. I have a filter set up in AMP that emails the groups when certain events are observed. Specifically we...

Hello,Is there a way to check what happened to the malicious file when Cisco Endpoint Security detects a threat and generate an even. When I enter the Sha-256 hash I can see other information but not what happened? For example: Threat detected and fi...

IamSamSaul by Beginner
  • 1927 Views
  • 3 replies
  • 5 Helpful votes

AMP sometimes sends massive alerts about exploit prevention. Mostly its from IEXPLORE.exe, Acrord32.exe, RdrCEP.exe, EwUpdater.exe.  Why is this happening? they are all safe apps. Is there anyway to stop this alerts? besides disabling the option?  

hkim6 by Beginner
  • 1047 Views
  • 0 replies
  • 0 Helpful votes
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Top Solution Authors