HI All, Do we have a facility to define/correlate the process by rand in endpoint and generate an event.simple Example:i Want to get a custom event throw if below process run with 1 min.1)netuser2)tasklist3) systeminfo
Forum Posts
We are replacing servers with latest Operating system. For Example, we have server called as "ABC-01" with Windows 2012 OS, while building a replacement server we name it as "ABC-02" with Windows 2016 OS. Once replacement server is completed then we ...
We noticed machines are not updating with latest Cisco AMP Tetra definitions as on today. Last definition was updated on 28th dec and version is 79287, we see there is definitions released on 6th dec (79376) and they are not updating on any of the m...
I have Treat Grid and showing below Error while i am going for update, Please help me how to shut the existing update process and start new process or any other reason to this error. Check the attached snaps. 'Unable to lock update directory; a sepa...
What is the relationship in AMP between the "Network Conviction Mode" and "Device Flow Corrrelation" under the advanced network settings? If the "Enable Device Flow Correlation" be enabled must the conviction mode for network active be at least audit...
The overview page on the dashboard. Is 30 days the furthest the data goes?I would love to see all the threats detected for the whole year.
cisco Amp pc3000 not detecting malware using local protect DB in standalone connected mode. --> Verified the protect DB and it shows present.--> Using default audit policy with file audit option-->tested malware by downloading EICAR fileeicar_com.zip...
Hello Has anyone tested the Caldera tool with version 3.0.2 of AMP4E(Private Cloud) ?How's the protected ability on AMP4E?CALDERA is an Adversary Emulation tool.
Hi, We are seeing lot of issues coming from windows devices - 100% CPU utilization by AMP. what are the primary steps we have to take to control the CPU usage. what we doing in this cases are- We are checking the connector versions(if it a old we are...
Hello all,please may somebody advice me regarding ASA licensing?I have 2 ASA with base licenses and firepower module and I want to install licenses for Threat protection, URL Filter, Email Spam Protection, malware protection, botnet prevention. I hav...
Hi Everyone, I have two Physical appliance for AMP Private Cloud.i.e AMP-PC-3000.I recently got to know that AMP Private Cloud does not support HA. So can anyone suggest how i can utilize both the appliances. Since customer bought two appliances i mu...
Hi guys,I m confused whether we can configure 2 Cisco AMP PC 3000 applince in HA. Since there is no document i could find on the internet. Can someone help me in this or any document which claims from cisco.
Hi, For some reason, if I download the app from the Play Store and try to register it using the activation code created from our dashboard does not work. We got the following error: "The code you provided appears to be invalid. Try again or contact s...
Hi, Is there any way to avoid unmanaged endpoints to continue consuming licenses? Kind of blacklisting the device or similar?Former employees' laptops no longer managed by my organization still connecting to the cloud and consuming licenses. Regards.
Does the macOS Connector only operate in an Offline mode? Device Trajectory has very minimal to almost no information compared to a Windows Connector. Also, scans executed by the AMP Console don't seem to actually occur and local scans never appear i...
