Endpoint AMP Policy update failed

ymadheka
Level 4

Hi Team,

One of our customers had a malware attack on the critical servers, hence in the process of an endpoint AMP PoV. The connectivity for these servers to Cisco cloud has been provided as per the documentation of FireAMP. But we are still getting an error of Policy update failed on a few systems, which are then not able to detect the malware.

Appreciate it if someone who has seen the same can advise.

Thanks & Regards,

Yogesh Madhekar

3 Replies

Philip D'Ath
VIP Alumni

When I was doing this, I found the supplied firewall rules insufficient. I ended up monitoring the client trying to do updates via ASDM and then added in rules to allow that traffic.

The rules are based on where you are in the world, so I doubt my rules would work for you.

David Janulik
Cisco Employee

Hey,

maybe you are behind some proxy?

Can you run: curl.exe -v -k https://mgmt.amp.cisco.com/health -o test_cloud.txt

and send back the results?

Thanks

David

Cyber security escalation engineer

Rajat_Kamboj
Level 1

I am facing the same issue in AMP for Endpoints. I have checked the firewall and all required things.

 
