Endpoint Security

Recently installed a new ASA with firepower solution (version 6.1) and they have an existing FireAMP deployment.   I go into defense center and go to AMP->AMP management and tell it to register with the cloud and then get redirected to the fireAMP lo...

In AMP for endpoint dashboard in Detections/Quarantine. I see some items as "Quarantine: Not seen". What does not seen mean over here

Hello Support Team, For the last four years, many large scale companies in Saudi Arabia faced major virus attack on their networks, servers and many user computers. Evidently, small scale companies are very few where they faced these viruses. Howeve...

Any one notice display issues with Analysis > Events only showing 1 event after the Console Upgrade today to v5.3.20160426?

Disable Module 10 ASA Module Malware Protection: Cannot connect to cloud

I'm trying to automate the removal of Fireamp via the command line and its not working.  If I run the command and enter the password it works.  If I run it silently it doesn't.  Any Ideas?  Im using the command line example below for this example Ive...

Is there a way to upload a list or copy and paste a list of IPs and Domains to have them searched in SourceFire? I regularly get alerts from community partners that contain scores of IP addresses and domain names that I need to search through our Clo...

I have quotes from two vendors for a pair of 5508s in HA with AMP.  I'd also like to use the AMP for Endpoints. Obtained quotes from two vendors for a pair of ASA5508s.  I'm looking to add protect 500 Endpoints with AMP. Vendor A provides a quote fo...

Is it possible to bypass inspection for a wildcarded site like *.espn.com?

We are thinking of updating to the newest release of FireAMP (or Cisco Advanced Malware Protection for Endpoints as it's called now) and deploying across more systems than we currently have it on. The team who ran the PoC on this last year isn't arou...

I have some questions about AMP Rules about Malware Cloud Lookup with Firepower Management Center(FMC). Some documents says that with these rules, the FMC will sends the SHA256 hash of a file to the cloud for analysis. How the SHA256 hash is calculat...

Hi, AMP for network can capture and inspect files which are transferred through ASA with firepower service , but when we test it with IDM(download the files with Download manager), AMP does not recognized these kind of Files, so what is cisco approa...

I have been notified from AMP of detecting Auto.A29577.201440.in02 from a file with SHA-254: a2957772fba9827bf5fda166282b557947ebf07ca9beadb76ff63c129ee336ea. I've researched in: https://supportforums.cisco.com/discussion/12702996/amp-blocking-window...

We are currently looking to replace our current anti-virus solution (AVG) with a new product.  I have been looking into the new Advance AV products, actually have CrowdStrike Falcon running on some test devices, but wanted to look into AMP since we a...

We have Cisco Firepower with and AMP Malware licence, we also have a SIEM box from a company called LogRythm, we have discovered that we can have access to the Cisco AMP threat grid directly from the SIEM box as long as we have a current AMP license ...