Hello,I was wondering, if someone has any experience how Elisity use Cisco cat9300 as sensor and policy enforcement "agent" For example, what protocol do they use. For example, do they use restconf? And what kind of API calls are made and what part...
Forum Posts
Hello everyone, Our Secure Endpoint license entitled for 65 connectors and the dashboard showed we already have 50 connectors deployed. However, in the license information, it is showing that we have 17 unused connectors (I think it should be 15)....
It's necessary to organize connector endpoints by their location within the Active Directory organizational unit structure in an automated fashion. Deployment documentation suggests group should be defined at the point of connector deployment. This m...
I believe that there are three ways below that secure clients (formerly X) can control the version. (Correct me if wrong)AnyConnect VPNCloud ManagementSecure Endpoint Can I control the version of Secure Client UI?
For anyone else using XDR.Since the change occurred where all alerts from SE are sent XDR we have had little to zero incidents in XDR with SE observable's. While this may be a benefit and working as designed to only promote what would be considered a...
Hi, when configuring the AMP Enabler profile, can the Mac Installer URL point directly to the SE portal? i.e. using the URL provided under Management > Deployment > Download Connector - selecting required Group, then copying the URL displayed under t...
Hi,I am getting this error while installing v8.2.1.21612. I have completely uninstalled the previous versions and rebooted several times. Many computers in our environment do not have this issue only a few Windows 10 machines. Any help would be great...
Anyone else seeing large numbers of failed retrospectives on the following? We have 350 so far.Disposition: MaliciousFilename: Adobe Genuine Helper.exeDetection SHA-256: abcf2c8bab98cedb1bd973a0cefa747e6fe9d835248e4471f7cf9c26446abe6eAppears to be ge...
Hello all i have created an event stream and configured the queue on siem to collect events. i was able to verify that events are being collected using Ruby tool. Also on my eventcollector i was able to see communication with cisco AMP on tcpdump. ...
Resolved! AMP Connector not appearing in console.
I have installed AMP on several machines in various modes like protect, triage etc. I install on my Mac and it doesn’t appear in the console. I have re-installed several times but it never appears. The only machine i actually want it to work on do...
Hey, I have ISE deployment with 16 nodes 8 in DC and 8 in DR, In DC i have 1 primary PAN, 1 MnT and 6 PSNs. Same goes for DR, I have the licenses on my smart account that has 30k premier licenses and 2 device admin nodes, when i link my smart accou...
Resolved! About Cisco Threatgrid API
Hi team,I want to connect to Cisco Threatgrid API and then pull the user list and delete specific users. I want to pull the user list because I need the user IDs to delete these users. But I couldn't find the appropriate endpoint. There are different...
Resolved! Policy Update Failed, code 3242196993?
Does anyone have a translation for error code 3242196993 in the context of Secure Endpoint, policy update failed events?
We often see in the infrastructure that the user tries to download/move a malicious file from a flash drive to the desktop several times in a row, but the file quarantine does not always occur. That is, for 5 successful quarantines, there may be 1 fa...
Resolved! Downloading an old amp connector
Hello,I have to download an older AMP connector to update on some old OS's.My question is, if I change the connector version in my policy, will that force all the devices in that policy to try to download the newly specified version?Or do I just have...
