05-19-2022 05:09 AM
Hi all,
Does Cisco AMP support anti-bot? My requirement is something like this:
It should complement existing endpoint security solutions by monitoring network ports for rogue activity and detecting infected internal endpoints sending command and control traffic back to a host on the Internet.
Please help me.
05-19-2022 08:41 PM
Any help, please?
05-20-2022 08:29 AM
Hello @sv7
Are you by chance referring to the Check Point Anti-bot software blade?
If so, then there are two items that you would want to investigate. The first is Cisco Secure Endpoint "Device Flow Correlation". The best place to get a quick summary of that is the "Device Flow Correlation Detections" section of Appendix A in the Secure Endpoint User Guide. Device Flow Correlation covers known malicious locations on the Internet.
For unknown malicious Internet locations, you would want to investigate Global Threat Alerts. See Chapter 23 of the Secure Endpoint User Guide for information on that. Global Threat Alerts ingests your web proxy logs and uses machine learning to find probable compromises based on the behavioral models of other malware and potentially unwanted applications. These results are then brought into Cisco Secure Endpoint, which correlates the network and host activity together.
I am not familiar with Anti-bot, but that may be what you are looking for.
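
The two approaches named in the reply above (matching endpoint flows against known malicious destinations, and behavioural analysis for unknown ones) can be illustrated with an added example. It is not Cisco's code or algorithm: a simple interval-regularity check stands in for the machine learning models, and all hosts, addresses and thresholds are constructed.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed blocklist (RFC 5737 documentation address, not a real indicator).
KNOWN_BAD = {"203.0.113.50"}

# Constructed flow records: (epoch seconds, internal host, destination IP, port).
FLOWS = [(1000, "10.0.0.5", "203.0.113.50", 443)]
# Host contacting an unknown destination on a near-fixed 60 s timer.
FLOWS += [(t, "10.0.0.7", "198.51.100.9", 8080)
          for t in (1000, 1060, 1121, 1180, 1240, 1301)]
# Host with irregular, human-looking traffic to another unknown destination.
FLOWS += [(t, "10.0.0.8", "192.0.2.20", 443)
          for t in (1000, 1013, 1200, 1215, 1900, 1910)]


def known_bad_hits(flows, blocklist):
    """Tier 1: (host, destination) pairs where the destination is listed."""
    return sorted({(host, dst) for _, host, dst, _ in flows if dst in blocklist})


def beacon_candidates(flows, blocklist, min_events=5, max_cv=0.1):
    """Tier 2: unlisted destinations contacted at near-constant intervals.

    max_cv is an assumed threshold on the coefficient of variation
    (standard deviation of the gaps divided by their mean).
    """
    times = defaultdict(list)
    for ts, host, dst, _ in flows:
        if dst not in blocklist:
            times[(host, dst)].append(ts)

    hits = []
    for pair, stamps in times.items():
        if len(stamps) < min_events:
            continue  # too few connections to judge regularity
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        # Low jitter relative to the interval suggests a timer, not a person.
        if avg > 0 and pstdev(gaps) / avg <= max_cv:
            hits.append(pair)
    return sorted(hits)


if __name__ == "__main__":
    print("known-bad:", known_bad_hits(FLOWS, KNOWN_BAD))
    print("beacon-like:", beacon_candidates(FLOWS, KNOWN_BAD))
```
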