cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
1145
Views
5
Helpful
1
Replies

malicious activity protection in AMP for endpoints

We have enabled Malicious activity protection feature in cisco AMP, how do we validate it in policy.xml. What is the key word to search and check if it has enabled or not.

 

Can someone help in this regard.

1 REPLY 1
Matthew Franks
Cisco Employee

You could look at the serial number to ensure it matches the serial number in the console for that policy or look for this in the policy.xml:

<heurtistic>
  <enable>1</enable>

 

Thanks,

Matt

Create
Recognize Your Peers
Polls
Which of these topics should we host an event in the Community?

Top Choice: ISE- Guest and Posture Troubleshooting (40%)

Content for Community-Ad