cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Cisco Security ATXs FAQ: Secure Endpoint (formerly AMP for Endpoints)

907
Views
10
Helpful
0
Comments
Here are some commonly asked questions and answers to help with your adoption of Cisco Secure Endpoint. Subscribe (how-toto this post to stay up-to-date with the latest Q&A and recommended Ask the Experts (ATXs) sessions to attend.
 
Q. How does Orbital query impact the endpoints?
Orbital is a lightweight application, the installation will not impact endpoint workload too much. It provides instant query and snapshot generation. Instant query is a specific information query, which will not consume too much system resources. Snapshot generation is a more comprehensive collection of system information, and it is recommended to perform during non-peak hours.

Q. How could I apply for a trial of AMP for Endpoints?
Please reference the following link: Get your Secure Endpoint 30-day free trial.

Q. Is TETRA considered a full antivirus service or only Anti-malware? Is it advisable to disable TETRA if we have another antivirus?
A. TETRA is a full antivirus service and it should not be enable with another antivirus, it is advisable to disable TETRA if you are using another AV.

Q. What does Secure-X Threat hunting mean? Is it a service or is it a training?
A. It refers to the capability to identify threats found within the environment delivered through highly automated human-driven hunts based on playbooks producing high-fidelity alerts. For additional information: 
https://www.cisco.com/c/dam/en/us/products/collateral/security/securex-threat-hunting-faq.pdf

Q. By installing a AMP Update Server, will that make a difference, specific for the non-persistent VDI environment?
A. The AMP Update Server will help you conserve Internet bandwidth but will not affect system performance.

Q. Does AMP support file monitoring? Not just for malicious files but integrity check for any change in any file system executables and all. If yes, please share the resources.
A. AMP for Endpoints will keep monitoring all the files status, while there's file copy, move, delete, AMP for Endpoints will keep track that and you can use Device trajectory to check the file's history trajectory in the endpoint.
But please do note that even that it does look for malicious changes, AMP is not a replacement for FIM (File Integrity Monitoring).

Q. What is the best practice recommendation for exclusion for protected processes and applications?
A. Here is the exclusion best practice that you can refer to: https://www.cisco.com/c/en/us/support/docs/security/amp-endpoints/213681-best-practices-for-amp-for-endpoint-excl.html
 

Looking for more resources? Go to Cisco Endpoint Security ATXs Resources for the latest guides, recordings and more. 
 

Want to learn more and get real-time Cisco expert advice? Register for the upcoming Ask the Experts (ATXs) sessions. 

Simply click on the preferred session time to reserve your spot today! Through live Q&A and solution demos, Ask the Experts (ATXs) real-time sessions help you tackle deployment hurdles and learn advanced tips to maximize your use of Cisco technology.

Level (Lifecycle Pit Stop)

Session Name

Date

PT

GMT

SGT

Fundamental (Onboard)

Getting Started: SecureX

Jan 11

9:30 AM

9:30 AM

9:30 AM

Feb 8

9:30 AM

9:30 AM

9:30 AM

Use Case Overview and Planning: Endpoint Protection

Jan 13

9:30 AM

9:30 AM

9:30 AM

Feb 3

9:30 AM

9:30 AM

9:30 AM

Architecture Transformation Planning: Planning for Endpoint Protection

Jan 20

9:30 AM

9:30 AM

9:30 AM

Feb 10

9:30 AM

9:30 AM

9:30 AM

Getting Started: Secure Endpoint

Jan 27

9:30 AM

9:30 AM

9:30 AM

Fundamental (Implement)

Deployment Best Practices: SecureX (new)

Jan 18

9:30 AM

9:30 AM

9:30 AM

Feb 15

9:30 AM

9:30 AM

9:30 AM

Intermediate (Use)

Feature Overview: Email Security Core Features (new)

Jan 26

9:30 AM

9:30 AM

9:30 AM

Monitoring Best Practices: Secure Endpoint Device and File Trajectory​

Feb 17

9:30 AM

9:30 AM

9:30 AM

Feature Overview: Email Security Core Features

Feb 22

9:30 AM

9:30 AM

9:30 AM


Don’t want to miss any ATXs? Bookmark the Security ATXs calendar and register for new sessions as they're added, so you can discover more best practices and important tips for your technology.

Create
Recognize Your Peers
Content for Community-Ad