Hi Team,

We have been provided a list of features that can be supported by endpoint AMP, can anyone point to a reference link for the supported features. These are as mentioned below:

• Is the product capable of automatically collect and store forensic data locally on client for endpoint incidents
• Does the product provide support for XFF to identify end user behind Proxy servers
• Is the product capable of self healing/recovery for their agents deployed on endpoint.
• Does the product provide health monitoring of endpoint agents and auto re-installation / remediation.
• Does the product provide support for DNS sinkholing to identify end users/systems trying to resolve malicious domains sitting behind internal DNS servers.
• Does the product have ability to identify end user behind IP address by integrating with user repository like AD etc
• Does the product have ability to identify end user & devices by integrating with Wireless Controller (CISCO)
• Does the product have ability to identify end user & devices based on logs by integrating with SYSLOG.
• Does the product have the ability to analyze, detect and block malware in common file formats like executable, JAVA, PDF, MS Office documents, common multimedia contents such as JPEG, QuickTime, MP3 and ZIP/RAR/7ZIP/TNEF archives, chm, com, dll, doc, docx, exe, gif, hip, htm, jar, jpeg, jpg, mov, mps, mp4, pdf, png, ppsx, ppt, pptx, qt, rtf, tiff, url, xls, xlsx, cmd, js, xml, flv, wav, avi, mpg, midi, lnk, csv,ods,odt,odp etc. to prevent advanced Malware and Zero-day attacks.  <Not all are supported as per documentation>
• Specify the file formats which the product is not capable of inspecting.

thanks in advance for help provided.

Thanks & Regards,