Hi All Anyone else see a spike in Retrospective Detections over the weekend? Specifically .in12.talos detections. All seemed to link to .js files from programs like grammarly, Adobe etc. All unable to quarantine. Noticed a similar post last year so w...
Forum Posts
Hi, I see a small difference in the results from the API and what is shown in the AMP4E Events dashboard. I made an API request and found that the event type "System Process Protection" does not show the field named "Reason" while the dashboard does....
Resolved! IPS resources on Firepower
Hi,If there are 2 instances for 2 customers on 4100 series firewall. Is it possible to assign specific resources to a specific customer also for IPS?can anyone provide any cisco documentation ? Mateen
Hello Cisco Community,I can't seem to find the option to initiate a scan on all computers in a group - can anyone point me in the right direction as to where this can be done, if at all?Thanks!
Is it possible to use Nokia Vital QIP DDI as ISE AAA identity store (ISE should authenticate clients using QIP as identity store)
I am attempting to deploy Cisco Umbrella throughout my organization. For iOS devices, the Cisco Security Connector app is required, and I am pushing it to our devices using Jamf. I have pushed the app and configuration and it works correctly, but I w...
After updating to a newer version of AMP, we have experienced an issue where several users (not all) continue to be prompted for a reboot, even after the update has been installed and the user has rebooted several times. Any suggestions?
Hello, Has anyone seen the sample logs below sent over the syslog server? I have already opened a TAC case but just in case anyone has experience any of this or might have any idea. Basically, our two node ISE deployment are sending these logs to Spl...
Hello, Does anyone have experience with pushing an AMP connector update to 500+ computers at once? Im looking for a best practice to update my company but Im not sure if I should just go ahead and update the policy to update all at once. Does AMP pu...
Is it possible to exclude hidden folders in Cisco AMP? We have app developers who create windows 10 apps and these apps run from program files->windowsapps. I tried to exclude this folder as Path in the exclusions folder but when we try to run the ap...
HI,Is it possible to remove AMP for Endpoints via the Dashboard? The PC in question is no longer in our possession, so we won't be able to uninstall directly on PC. Regards/Maverick63dk
Resolved! AMP for Network best practices
Looking for AMP for Network best practices notes: best practice for Tuning File and Malware Inspection Performance and Storage best practice for file type inspection for malware check such as portable file, docx etc.
HiWe noticed that Cisco AMP data stored on disk, prevents from shrinking drive by Bitlocker so it prevents from starting process of encryption.MBAM reports error while shrinking disk. After troubleshooting, this is always caused by cisco amp data on ...
Resolved! Cisco Umbrella
What is Cisco Umbrella, How it can enhance Security of Endpoint/Network? Thanks
Do you have any recommendations on how to deploy AMP for Endpoints in the Process Control Network area?
