So normally I boot an ipad up, add the network, reboot and change the tag of the ipad to the preconfigured tag I want to have it under. I've rebooted it a few times and searched over and over, it's not being seen under my dasboard. Anyways I just got...
When attempting to download the current connector from the Console, the first download succeeds, then subsequent downloads are triggering an alert for Gen:Variant.Symmi.84797Policy was updated today for the Endpoint and on version 8.1.3
Hi, I have a couple of questions:1> In the Script Control section of the policy.xml file there is an option to exclude certain processes or whitelist a folder, however I couldn't find where to configure these settings in the Secure Endpoint console. ...
I am using pda through cisco wireless. and, apWhile replacing it with 9120, the authentication method was changed to 802.1x. According to the customer, the service has been unstable since the change, and looking at the log of the pda,intermittentlyCo...
Meraki Windows MDM user updated their Windows 10 Enterprise machine to Windows 11 before we could block the ability to do so with a GPO. Now their Windows profile will not sync. Previously the Windows profile and agent were installed correctly per Me...
We have a Windows server running on 7.5.3 (Scheduled for upgrade to 8.1.3 shortly). There is a threat detected on the server and it was successfully quarantined. When viewing the details of the event in Event Trajectory, it says on the detected file ...
Hello everyone,I have created multiple workflows to alert on different types of events and now I am looking for a possibility to initiate a full scan via SecureX workflow. I have run through API documentation (https://api-docs.amp.cisco.com/api_resou...
Hi there, We recently isolated an Exchange Server using the AMP Dashboard. However, it appears that the Outlook Web Access (OWA) application that is running from it, was still active and accessible from the internet. Please clarify if AMP Isolation m...
We have 1500 AMP for Endpoints licenses - I just watched a video on deploying them - from what I saw I would need each pc to go to https://console.amp.sourcefire.com portal page and download these individually. 1 - How would I get a login for the sou...
Hello,When investigating a threat detected, is there a way to see how the infected file got on the machine? Is secure endpoint able to track it from a website, email, USB, etc?Thanks
Hi everyone,Cisco AMP found different malicious files, I saw 2 different dispositions on Cisco AMP:Disposition: MaliciousDisposition: BlocklistedBoth files quarantined but can someone explain what is the difference between blocklisted and malicious d...
Hi, We are using Cisco for Endpoint (former AMP) on all our windows clients and server and would like to use the feature called "Kenna Risk score" but on all client it says that windows 10 i required, we are using windows 10, win 11, win 2019 server ...
I am currently running a project where we are updating Cisco Secure Endpoint on all over our servers from 7.3.15 to 7.5.5. Since we first deployed what was originally known as Cisco AMP we have experienced 100% CPU issues with a fair amount of our E...
Over the past few weeks, I have been getting quite a few notifications about tmp files getting flagged in Cisco AMP, but the file never gets quarantined. It just says that it failed to quarantine the file because it's already been "deleted, moved, or...
We see a lot of events regarding the solitarie.exe (Solitaire colection) detected as a threat on windows 11.We are able to allow the application un AMP but would like to report this as a false poitive, just to avoid all events. Since i dont have any ...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
| Subject | Author | Posted |
|---|---|---|
| 04-20-2026 08:04 AM | ||
| 04-20-2026 04:37 AM | ||
| 03-26-2026 01:13 AM | ||
| 09-15-2025 11:10 PM | ||
| 08-07-2025 11:30 PM |
