Does AMP for Endpoints have any native memory-based malware blocking capability? Not looking for detection, but active protection for memory based malware without the use of CTA? Thanks,
Forum Posts
Resolved! AMP on Citrix environment
Hi all, We have a customer who is interested for AMP for Endpoint deployment. All the clients are on Citrix environment and I don't know specially how citrix works. Do I need one instance of AMP for each console or just one instance on the citrix ser...
Has anyone had any real world experience deploying AMP for Endpoints on Virtual Desktops (VMView to be specific) Our VDI environment uses non-persistent WIndows 7 and WIndows 10 desktops. The official CISCO/Firepower documentation is a bit vague. I ...
I've recently installed FireAMP with TETRA on Windows 7 and 10 and have deinstalled/deactivated any onther security product, including the built-in Windows Defender (which will, annoyingly, automatically turn itself back on after some time). Shouldn'...
I cannot block cmd.exe or wscript in my environment as a whole, but I would like to prevent MSWord and Excel from spawning them. There is no legitimate reason for Office products to kick of these. Can this be done through AMP?
This is my first time posting I hope this is that correct place I'm trying to do a silent install of amp connector using the following command line with switches fireampsetup.exe /R /S /desktopicon 0 /startmenu 1 /contextmenu 1 /D=C:\Program File...
We are beginning the deployment of AMP for endpoints. The current policies were auto-generated 2-3 years ago when the main account was originally created, the product has not been touched until now. In a "training" class the instructor said we may ...
Dear Community and Cisco Support, As part of the uninstallation of an existing antivirus product on over 2000 workstations, I would like to run a PowerShell script that moves the computer from Audit mode into Protect mode. Is there any way to move ...
Hi, folks!I have the questions about IOC scan in AMP.1) What is the purpose of this feature? Is it like a full system scan in any other antivirus/antimalware software like McAfee?2) Does every malware has it's own IOC? Or there is a one big cisco IO...
FMC 750 was running on 6.2.2 version and when we tried to upgrade it to latest version 6.2.3 it failed. The ping was working fine but we are not able to access the FMC GUI. We tried to reboot the device, no luck. Then we tried to restore the image vi...
Resolved! mls as a router and vtp server client
Hi all.Not only the pc's can not each other, they can not even ping their own getway. Moreover, although I have written the command IP ROUTING on the mls, the command doesn't appears in the show running page!!I have posted the gns3 file.
Team, While we instal AMP 1.8.1 ver on RHEL 6.9 the server crashes. I have read the instructions mentioning a reboot to be made mandatory after installation but in my case the server crashes...Once the server comes back it says the AMP installation n...
I got a few files that do not have any file trajectory information. I would like to know why this happens and if there is any workaround to gather that information for deeper file investigation. Thanks, -Dave
Does anybody knows the difference between connectors and installs counters on the dashboard page? Thanks, -Dave
Hello, I'm in the process of upgrading the Cisco AMP connector from 5.x version to 6.1.7 version, in order to patch this process exclusions bug. I'm interesting also in how ca I extend this 100 limitation for 6.x AMP version. I saw in the workaroun...
