Hello, Does CISCO AMP scan for web browser cookies? Thank you.
Hello, Does CISCO AMP scan for web browser cookies? Thank you.
Hello everybodyI am trying to implement dot1x on eve-ng and everytime I try I receive weird results!My current problem is that my switch doesn't seem to send username to ISE server and I am only able to use MAB. Here is my configuration: SW1#sh run...
Cisco Secure Endpoint flags Lsass dump as Cloud IOC. EDR tool did not stop the dump, most likely because Windows native tools were used. I have ticketing in place to alert on the event. Does anybody know how do I blacklist the activity(command line i...
Hello. I have a bunch of VMWare hosted servers that AMP is hogging memory on. Most noticeably, it's really hogging it up on several servers that have 4GB of memory, to the point where I get constant Nagios alerts about memory usage. Previous, I could...
Hi Everyone,We wanna Implent Posture assessment in LAN. With temporal Agent everything works fine. But when we wan to client Use anyconnect Posture module, Client provisioning portal shows an error "An error occurred. Contact the helpdesk for assista...
Hi,In response to a security incident, I would like to query one group of endpoints in AMP (Secure Endpoint) for network connections to a specific IP address. How can I do that in Orbital?Thanks for your time.Have a great day.T
On 6/28 and 6/29 I received a large uptick in old PDF docs getting quarantined as PDF.Spam.Heur5. In all cases, these pdf files have been on these workstations for two or more years. Anyone else seeing this? False positives, or better late than ne...
Hi, I have seen this ISE reference for guest authentication & ISE: https://community.cisco.com/t5/security-documents/ise-guest-access-deployment-guide/ta-p/3640475 , but i am still unsure if wired guest users can be redirected to a Sponsor Captive...
Hi, I have a number of files on Windows 10 that are showing as clean One is svchost.exe SHA256 5d00bbeb147e0c838a622fc42c543b2913d57eaca4e69d9a37ed61e98c819347 It is reporting as clean. However, the product name is Microsoft in Russian, which i...
Which tool can manage Windows Patch Management Check/Remediation with non administrator-level users during network access e.g. VPN? (I am using Cisco AnyConnect) At the current guide... Cisco AnyConnect Secure Mobility Client Administrator Guide, R...
if I have amp installed on some workstations and protected by password, but unfortioanloity I don't have access to management counsel and passwords are forgotten , how can I remove it
Zero Day Exploit of Microsoft Support Diagnostic Tool Detection. What components of Cisco Secure Endpoint will detect and block this vulnerability? https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-to...
Hello, I have a rather interesting issue that I am having trouble figuring out. AMP scans have returned 3 separate endpoints now with the same malicious phishing pdf that is seemingly located in someone's user profile. Normally this would be fine, be...
Hi community! We have a few Surface tablets that need Windows Early Launch Antimalware Protection temporarily off in order to boot. https://docs.microsoft.com/en-us/windows-hardware/drivers/install/early-launch-antimalware Alternatively we can remove...
I am very new to this Cisco product, and am currently going through some vendor security questions, and one of the questions is if our end user security will generate a log in the case of a failure to write a separate log. This might be a very simple...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Subject | Author | Posted |
---|---|---|
11-05-2024 01:09 PM | ||
10-01-2024 05:16 AM | ||
09-19-2024 08:29 PM | ||
09-18-2024 06:06 AM | ||
09-17-2024 10:54 AM |