Endpoint Security

Windows Server 2012 R2, fully updated, physical server. Installed AMP connector version 6.2.5.10848 last night. Since then the server has crashed/rebooted twice. Seeing several event ID 36887 Schannel errors since the install - "A fatal alert was rec...

Team, got the email of a bug for amp. Anyone got the BugID, details, or severity? Thx, RickCisco AMP for Endpoints Announcement - AMP for Endpoints Connector downloads --- A bug has been identified in the installer of AMP for Endpoints Connector for ...

Can some kind dev fix the issue where when a file is fully downloaded AMP triggers on a signature on the file.crdownload or whatever your browser du jour decides to temp name downloads, but before AMP can act the browser renames it to the correct fil...

Hi I am working on some case where the customer asked me about the no. VM (for sandboxing) running on the Threat Grid firewall. I neither find it in the Admin guide nor in datasheet and any other portal. Could someone help me on this please?  Regards...

Hi Sir:     My environment is below: 1.AMP Endpoint for MAC and windows 2. Private Cloud on Intranet When I find one suspect file (I think it's malware file.)but AMP endpoint can't analyze it. It think it's normally. What can I do for this file ? Can...

Hi,   I am currently evaluating Rapid Threat Containment with Firepower Threat Defense and ISE. Does anyone if it's possible to add AMP for endpoints to this solution and have AMP to automatically scan a client that has been quarantined by Firepowe/I...

USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND Hi  I have AMP version - AMP for Endpoints Connector v1.9.1.603  Redhat release 7.4   And i have AMP processes being among top memory consumers. Are there any suggestions around...

Can a network share or a file on a network share be added to exclusions?  If so, what is the syntax?I have an .exe on a share that I have whitelisted, but it still gets caught by AMP from time to time. (by Tetra per tech support)  They said it is a b...

We are seeing several endpoints not checking in or receiving definition updates after being updated to connector version 6.2.3.10814. There is nothing unique about these machines in our environment. The last 3 events for these machines are as follows...

Hi! What is the best practice for file policy's on ASA's? Im curently running a file policy with 2 rules. rule 1: File types: Category Dynamic Analysis Capable Action: Block Malware Spero, Dynamic Analysis and Reset connection Store files Malware Ru...

Hello, We use Cisco AMP (cloud) and we have about 4000 endpoints. When we started the endpoints update, a lot endpoints started to update at the same times and our bandwidht was painfully impacted. Can you please share with me an recommended update p...

I'm currently trialling AMP for Endpoints and have found there's no consistency with the status of the connectors I've installed on machines. Some show that the definitions are up to date. Some show as 'outdated definitions'. There isn't anything ref...