Endpoint Security

FireAMP connector with Proxy

In our environment, we have an authenticated proxy. We created the exceptions the servers listed on the required server list document. The exception allow access to the websites without authenticating. However, the connectors were not connecting. Loo...

False positive for file event?

Hi all, I received a retrospective file alert: A xls-file on my network seems to be malicious now. Detection name: DOC.739FBB8CD4.MalMacro.tht.Talos However, virustotal marks this file as safe: Detection ratio:0 / 56Analysis date:2016-06-09 08:26:04...

Resolved! Retrospective Alert

Hey everyone, I apologize for the question but I'm still quite new to FirePOWER and am still learning the ropes when it comes to investigations. I received a few emails from FireSIGHT with the subject of "**Auto Generated Email** -- Network Based Ret...

AMP Update IPs

Our client only wants to allow connections to the AMP update server and no other website or network.Could anyone provide the list of IPs it needs to connect to to get updates to signatures and patch updates?

AMP for Endpoint CWS Exceptions

Recently Cisco/SourceFire released a bulletin about a cloud migration for our SourceFire AMP clients and that we would need to update some policies to ensure our clients can talk to Cisco's cloud servers. I deployed the updated policy to one of our t...

ASA 5500-X with FirePower Services

Hi, I would like to clarify if the ASA 5500-X with firepower services AMP feature includes email security, web security and endpoint security? Is it per license for those 3 security feature? Thanks. Adrian

Resolved! Exclude particular sites from ASA Firepower File scanning Policy

Can someone please tell me if it is possible to exclude some sites from the ASA Firepower File Scanning Policy? We have a ASA 5506X and I would like to exclude windows update urls and some other sites from the file scanning policy. I tried a rule us...

Resolved! FireAMP connection / registration

How do you create the FireAMP connection in defense center? I have the license/subscription but don't have a SourceFire login - that is, when I try to create the connection it redirects me to a sourcefire login screen and asks for userid & password....

Configuration "Identity Policy" in Firepower via ASDM

Hi, I need to set "Identity Policy" in Firepower, I found a guide from cisco informing how to configure via FireSight, but I did not find the guide to configure via ASDM. Could you help me?

Resolved! Differences between AMP and Malware protection in the ASA firepower

Hello, Do you know what are the main differences between installing AMP on end devices and activating malware services in the Firesight management Center? Aren't they do the same or is there any big difference? Thanks in advance.

AMP for ESA/WSA reporting to the same site as AMP for Endpoint?

Is there a way to get the AMP installs on my ESAs and WSAs to report to the same place my endpoints are, so tracking/reporting is all visible from one page? Thanks! Ken

How do you actually get it?

Hey guys, Dumb question, but my reseller's being unresponsive today... I got an 500 seat AMP for Endpoint license (SKU is FP-AMP-LIC=) Who do I need to talk to in order to get setup with the cloud console and get the actual software? Ken

Resolved! AMP endpoints/ESA, ThreatGrid

Hi experts,I have a question regarding ThreatGrid and AMP.I know that files could be analyzed in a ThreatGRID sandbox when submitted through the AMP cloud management console. I was told this is a lightweight version of ThreatGRID that is licensed for...

Resolved! AMP (Advance Malware Protection)

Hi All, I have a customer that want to do a poof of concept with these technology (AMP), but the customer wants that i give hem a documentation with the best practices of how to install the product and a success factors, someone have something like t...

Error in firesight defence center virtual

The firesight defence center virtual 5.4 was recently upgraded to 5.4.1.2_38 with a patch. Once rebooted after the patch the defence center tries to connect with mysql many times and keeps showing the error end_request: critical target error, dey sda...

Endpoint Security

Forum Posts

FireAMP connector with Proxy

False positive for file event?

Resolved! Retrospective Alert

AMP Update IPs

AMP for Endpoint CWS Exceptions

ASA 5500-X with FirePower Services

Resolved! Exclude particular sites from ASA Firepower File scanning Policy

Resolved! FireAMP connection / registration

Configuration "Identity Policy" in Firepower via ASDM

Resolved! Differences between AMP and Malware protection in the ASA firepower

AMP for ESA/WSA reporting to the same site as AMP for Endpoint?

How do you actually get it?

Resolved! AMP endpoints/ESA, ThreatGrid

Resolved! AMP (Advance Malware Protection)

Error in firesight defence center virtual

Best Practices: Managing Cisco AMP and Windows Defender on Intune Devi

Orbital Execute Powershell Cmdlet for installed modules from PSGallery

error:x509 certificate signed by unknown authority - Cisco Orbital AMP

AMP Connector installation using Addigy device manager tool on MAC boo

Define Endpoint Purge Rule

Better Understanding

Anyone experiencing blue screens with Cisco Secure Endpoint 8.4.4?

FTD Backups sent to FTP Server is Failing

Secure Endpoint API PATCH methods

FMC Rule to allow HTTPS connectivity to FQDNS