Re: Best for endpoint protection?

simbokarl · ‎10-22-2021

My shop utilizes cisco firepower and umbrella. We have to make a decision on an endpoint protection product. Since we’re using the other cisco products would it be best to go with Cisco AMP? The current endpoint product is from another vendor, but with the subscription ending in a few months we can make the switch to AMP if we want to go all cisco.

10.0.0.0.1 192.168.1.254

balaji.bandi · ‎10-22-2021

If this is Cisco House, then AMP is good choice.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Marvin Rhoads · ‎10-22-2021

Like @balaji.bandi said, AMP (now know as Cisco Secure Endpoint) would be an excellent choice. You also get the advantage of integration via SecureX at no additional cost.

keithcclark71 · ‎10-27-2021

What is the endpoint? Is it an agent based piece of software that is installed upon internal systems inside the firewall?

Troja007 · ‎10-27-2021

Hello @keithcclark71 ,
right, you have to install a piece of software in your Windows/Linux/macOS endpoint.
Greetings,
Thorsten

Troja007 · ‎10-25-2021

Hello @simbokarl,
if you have already Cisco Security Products in place, Secure Endpoint is the best choice for an integrated EDR/XDR solution. SecureX includes new free features like Security Orchestration and Device Insights (upcoming feature). See the attached screenshot to see an overview what is possible with Cisco Secure Endpoint.
Please note: USB control is in the backlog and not available today. For the live forensic tool Orbital, the right license is needed. You may ping your Cisco representative for a demo or POV. There are many Cisco and 3rd Party integrations available for SecureX today.

Greetings,
Thorsten

rinovmrn · ‎10-28-2021

i'm about to learn and adopted this resources about AMP, thanks for showing that great architechture @Troja007

Network Infrastructure & Cybersecurity Enthusiast

Jim2k · ‎10-27-2021

If you want an honest answer. you need to provide more information i.e. what the vendor of your product is? what you do not like about it. also what you like about it.

Amp for Endpoints/ Secure Endpoints is not the end all be all solution. I have been working with it since 2015 and also played around with it when it was owned by Sourcefire as FireAmp. I will say it has evolved and has some niche capabilities. It is better paired with another AV product. that way there is over lapping protection

brmcmaho · ‎10-27-2021

Well, I’m obviously a biased source of information, since I work on the Secure Endpoint (new name for AMP for Endpoints) team myself, but we usually do pretty well in things like the AV-Comparatives tests.

Since you also use Firepower and Umbrella, the integration power that you get with SecureX is a factor worth considering, too. Things like being able to block a domain in your Umbrella policy, right from the Endpoint console, can be real time-savers.

paul driver · ‎10-28-2021

Hello

I am a bit bias towards cisco and even more so meraki amp and threat grid knowing you are sat behind such security is good.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul