What is the source that Cisco is referring to block the IP address under "Network" tab, Where can we find the source for this so that we can customize if required.
Forum Posts
Is a reboot necessary when updating AMP from 7.1.5.11523 to 7.2.7.11687? I asked a similar question to cisco a long time ago and was told that if the 1st or 2nd number in the version number changes, then a reboot is necessary. So when I deployed ...
Hi Cisco Community,I've received detections on PCs where AMP states the user involved is a user that has never logged into the computer in question. I'm assuming this has to do with the origination of the file detected, but I'm not sure. Does anyone ...
I have an executable file, I used sha256deep to generate a hash. I confirmed that hash with an upload to VirusTotal as well as generating a hash through 7zip. I added the sha256 hash to my blocklist. Updated the policy on my endpoint. I was still abl...
My main question: is there a way to automatically remove inactive computers from the console (to free up the licenses)? For instance, if a client has not connected to the service for 90 days, then remove it. I've noticed a large number of duplicat...
Hi Team , Struggling to get straight answer on this one... Not sure best practice for the AMP Policy to cover our Terminal Servers, We run 90% of our clients in Terminal server Farms. They are no VDI environment. Trying to determine best policy to en...
Hello Team, We are seeing Cisco AMP Tetra update definitions not updating to Endpoint protection. We have allowed tetra-defs.amp.cisco.com in the firewall but still, we are seeing definitions failed in the Endpoints. Please guide me on how to resolve...
It appears there is no capability for Isolation on macOS, same with IOC Scans? Is this true, and if it is, are those features being worked on? Thanks.
Does Cisco Endpoint fully integrate directly to FMC (Firepower)?Or does FMC only get intelligence from endpoint sent to Threat Grid and then down to FMC(Firepower)?Want to know how much intelligence the endpoint can feed into the FMC.
According to the following documentation: https://www.cisco.com/c/en/us/td/docs/security/firepower/630/configuration/guide/fpmc-config-guide-v63/security__internet_access__and_communication_ports.pdf The port 32137 is a legacy port for cloud communic...
Hi everyone,We have a lot of Mac ipad/iPhone users. Does Cisco AnyConnect supports Safari URLs triggered VPN? That is, when their Safari browser opens a specific URL, it could trigger the VPN. But if it goes to another URL, it doesn't trigger VPN.I...
In previous versions of ISE, we were able to go to context visibility/end points and enter the mac address and see the location history, even if the device was disconnected from our network a year ago. Now with ISE 2.6 I'm not seeing that info. Is ...
Hello Team, I Am Seeing An Error Of Orbital Update Fail Ure For AMP Endpoints. Please Guide Me On How To Solve The Issue.
Hi all, Can I create a new exclusion list by copy, import or upload a complete list or have I to create every single exclusion new?
Resolved! Event
Hi,Quarantine failed events were triggered for the user. 3240099848 Error Code : 3240099848Description: File not found Can anyone please explain the meaning of the error?
