Endpoint Security

Need help on AMP Linux connector upgrade from 1.12.x to 1.13.x

We have currently various versions of Linux connector installed (1.12.1.676/1.12.3.698/1.12.4.702) on our machines.However Cisco has made all the above mentioned versions unsupported and they have asked us to upgrade to the latest version. a) So, we ...

Need help on Linux connector upgrade

We have currently various versions of Linux connector installed (1.12.1.676/1.12.3.698/1.12.4.702) on our machines.However Cisco has made all the above mentioned versions unsupported and they have asked us to upgrade to the latest version. a) So, we ...

File exclusions vs Folder (Directory exclsuions)

Hi Team, As far i know with McAfee and Symantec, Exclusion consideration is like if you keep C:\Test ( File exclusion) , if you keep C:\Test\(Directory Exclusion) , How does it work in AMP? is this is the same ? does it make any different considerati...

Cisco Threat Grid ICAP PROTOCOL SUPPORT

Hi ALL, Do Threat Grid supports the ICAP protocol or other protocol for third-party solution integration for sandboxing purposes. Thank's.

Resolved! ASA 5512 Certificate and Trustpoints

We have a Cisco ASA 5512. We recently had to have the running config restored by our Cisco partner and after the restoration, I noticed a slight change in the trustpoints. For the CA Certs, we have 3 - (1) ADSM_Trustpoint6 - General Purpose Use, (2)...

Does AMP scans inbound and outbound emails?

Hi Team, i don't see any option in policy for email scans , still i would like to know , does AMP scan inbound /Outbound emails ? Regards,Pruthvi

Endpoint Isolation allow DNS and/or DHCP

Pretty new to AMP for endpoints. I've been reading about Endpoint Isolation and just wondering what is the benefit of allowing DNS and/or DHCP on an isolated endpoint. Thanks

Resolved! Cannot connect to server error in AMP console

Hi Team, We see error in console : Cannot connect to server ? what are the basic troubleshooting steps need to be performed ?Please provide me detailed steps ? Regards,Pruthvi

Orbital Download in Cisco AMP

We have enabled Orbital search feature in Cisco AMP for our workstations in our environment, however after enabing the Orbital features machines have started to download some data over the internet. We would like to know what data it is trying to dow...

Anyconnect Hostscan question

The Catalina Mac OS is not compatabile with hostscan so VPN can't be used on laptops with the new OS. We are needing to upgrade (https://www.cisco.com/c/en/us/td/docs/security/asa/migration/guide/HostscanMigration43x-46x.html) but the question i have...

Resolved! Is it possible to have 2 ASAs 5525 on High Availability & 500 AnyConnect licenses in HA as well?

Hi everyhone, hope you are safe and at home. This is what I need: - 2 ASA 5525 on HA (one for Active and another for Passive)- 500 simultaneous AnyConnect sessions. If the ASA that has the 500 AnyConnect sessions gets damaged, the ASA for passive is ...

Is it possible to collect continuous event information through the API without duplication?

Resolved! Can I use wildcards in Orbital to select endpoints?

Can wildcards be used for hostname endpoint selection?host:SRV0087*

Resolved! AMP for Endpoints Connector CPU Utilization Limit?

Hi all,I'm looking for a little guidance on best practices for scanning a file server. With a little help from Cisco TAC I've got the AMP policy adjusted to run lightly on the file server, however the monthly scheduled full scan takes around 4 days t...

AMP For Endpoints for Managed Service Providers?

We use AMP for Endpoints across multiple customer accounts, but each account has a separate email user because AMP requires a new email to be used for every different tenant. In most circumstances, a customer does not provide an email for us to use s...

Endpoint Security

Forum Posts

Need help on AMP Linux connector upgrade from 1.12.x to 1.13.x

Need help on Linux connector upgrade

File exclusions vs Folder (Directory exclsuions)

Cisco Threat Grid ICAP PROTOCOL SUPPORT

Resolved! ASA 5512 Certificate and Trustpoints

Does AMP scans inbound and outbound emails?

Endpoint Isolation allow DNS and/or DHCP

Resolved! Cannot connect to server error in AMP console

Orbital Download in Cisco AMP

Anyconnect Hostscan question

Resolved! Is it possible to have 2 ASAs 5525 on High Availability & 500 AnyConnect licenses in HA as well?

Is it possible to collect continuous event information through the API without duplication?

Resolved! Can I use wildcards in Orbital to select endpoints?

Resolved! AMP for Endpoints Connector CPU Utilization Limit?

AMP For Endpoints for Managed Service Providers?

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

ISE as Radius Server with InTune Creds?

Best Practices: Managing Cisco AMP and Windows Defender on Intune Devi

Umbrella Secure Client (Anyconnect Umbrella only) and Citrix

Orbital Execute Powershell Cmdlet for installed modules from PSGallery

error:x509 certificate signed by unknown authority - Cisco Orbital AMP

Secure Client Cloud Management Deployments not saving

Add Secure Endpoint (AMP) to iPhones with MDM

Secure Endpoint or Client?

Pause or stop protection

how to integrate with ISE appliance(POC) exsting network