Hello, Previously I was using the AMP API and just pulling down all events on a 10 minute interval but it's not a very pretty process since you have to set bookmarks whenever you pull down the data. Therefore I'd like to move to the event stream pr...
Hey everyone. I'm Barry Fisher and part of OpenDNS's product team based in San Francisco. I can help answer any questions about OpenDNS Umbrella as well as how it fits in Cisco's security portfolio and your security stack. I can also help you compare...
Does anyone know what the Threat Grid sample upload limits are for WSA/ESA C690’s and FPR2120 when you purchase AMP licenses please? I know you can buy additional sample packs, but I need to know what the out of the box numbers are. I found a piece o...
Hi, We are having limited licenses for AMP for endpoints, I would like to know if I have to delete the agent and recover the license for re-use how can I do it, do I have to un-install it from user machine or can I do it from the console.
Hi Experts, a quick question on AMP for network, I was going through an online training on AMP, and there was a slide called "Malware and file Policy Order of Processing" the slide had a flow chart, the first block in the charts states "file size >...
Hello, We are brand new customers (coming from an ASA). We just installed our new firewall this weekend, and are trying to tune our email alerts appropriately. One of the things I'd like to do is turn off email alerting for "Network Based Malware" ...
We are having an issue with IP Black/White list. We've developed a containment policy which whitelists several necessary addresses (e.g. AMP addresses and DNS services), and configured the blacklist to the rest of the network's private IP address sp...
AMP for endpoint seems to be not able to block the wannacry which is encrypted with packer tool.Are there any workaround?Repro-steps:1. get a wannacry from ThreatGrid or any other service2. encrypt it with packer tool such as upx3. open AMP console a...
I deployed AMP for endpoint to a test machine following Cisco's Deployment Strategy guide for AMP for endpoint. This guide recomends creating an Audit Only, Protect, Triage, Server and Domain Controller policy and the same for groups. It also recom...
How can check the impact of AMP/FTD lookups on connections? On tests I've done, sometimes the scanning slows connections down. I need to be sure this doesn't cause a timeout. Is there any way to tell if incoming connections are getting dropped/time...
Hi Everyone, Recently we were made aware of a TETRA AV definition update which caused the Windows AMP for Endpoints service to crash. Note: Customers who do NOT have TETRA enabled are not affected by this issue. While we have already remov...
We are rolling out AMP for endpoints, and a lively internal discussion is whether we shoudl rely on AMP's malware protection so that we can provide our end-users with Administrator access. I'd be interested in people's thoughts.
hi all, when i upgrade 6.0.5 or older version to 6.0.7, machines are too slowly and even it does not allow click on desktop. boot safemod with networking and i uninstall agent, pc go on to work normally. what is the problem for 6.0.7 ? manuall...
Hi, According to the release notes of the new AMP for End Points, version 6.0.7.10670 the registry key for the January and February MS updates should have been added automatically upon upgrading\Installing. However, it doesn't add the key, tried it...
Does anyone know?
