Right now we use Umbrella for endpoint security and FirePower with AMP for network security. I think this is a good solution since we get the advantage of DNS level protection on all computers, even if they are outside of our network. But we also can use FirePower with AMP to protect against malicious files traversing our network.
It was recommended to us that we buy AMP for Endpoints to better secure our environment. My question to the community is, is this overkill? We already have AMP for Network with FirePower, so would AMP for Endpoints add any more protection?
I understand that AMP for Endpoints will protect devices that are outside of our network (away from FirePower), but that is what we have Umbrella to protect us for. I also understand that AMP for Endpoints will scan files and devices inside of our network and before it traverses the FirePower, but doesn't the malware need to go across our network at some point, thus having FirePower/Umbrella block it?
Does anyone have all three of these products in their environment and can speak to how they work together? Any recommendations from the community if it is worth adding AMP for Endpoints?