Kostas Karidas - PeerSpot reviewer
System Administrator at bluegr Hotels & Resorts
Real User
Top 20
Offers stable functionality and has comprehensive security measures
Pros and Cons
  • "There are several valuable features including strong prevention and exceptional reporting capabilities."
  • "The pricing policy could be more competitive, similar to Cisco's offerings."

What is most valuable?

Emphasizing robust prevention and comprehensive security measures, it offers stable functionality. There are several valuable features including strong prevention and exceptional reporting capabilities.

What needs improvement?

The pricing policy could be more competitive, similar to Cisco's offerings. Cisco recently introduced the SecureX platform, where all the different platforms are consolidated. This means you need a single account to access all the platforms, simplifying the process. However, it can still be a bit frustrating because the access isn't straightforward. There are different links for logging in, and depending on which link you use, you might encounter issues with admin rights, even if you are an admin. It seems there are some access problems during the transition and migration process, which has affected my system as well.

For instance, we had the Cisco Mail gateway, and I used to have specific links to report and configure guardian and spam checks for emails. Now, all of these have also been moved to the SecureX platform, which doesn't always function smoothly when logging in. Sometimes, I still have to log in using my old links. It's a bit inconvenient, but that's how it is.

For how long have I used the solution?

I have been using Cisco Secure Endpoint for the past two years. 

What do I think about the stability of the solution?

I would rate the stability nine out of ten. 

Buyer's Guide
Cisco Secure Endpoint
April 2024
Learn what your peers think about Cisco Secure Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,886 professionals have used our research since 2012.

What do I think about the scalability of the solution?

It is a scalable product and I would rate it eight out of ten. 

How are customer service and support?

They have separate support departments for different products, and the experience can vary depending on the product. For instance, Cisco Meraki Support is notably excellent and quick. In contrast, the support for some other Cisco products may be slightly less effective or even more outstanding. They tend to be slow when responding to inquiries. Personally, I have had a good experience with Cisco.

How was the initial setup?

Regarding maintenance, we receive the latest updates automatically. I handle tasks such as installing the updates, assigning licenses, and installing the agent. Additionally, I check for insights on the computers where the agent is installed. These insights provide reports on various aspects, such as the computer's Windows update status and whether the antivirus is on the latest version, among other things.

What's my experience with pricing, setup cost, and licensing?

It is a subscription-based product. 

What other advice do I have?

I would overall rate the product an eight out of ten and recommend it to fellow users.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Eros Huso - PeerSpot reviewer
IT auditor at Tirana Bank Sh.A.
Real User
Top 10
A tool for managed endpoint protection that helps to detect possible malware or attacks
Pros and Cons
  • "The most valuable feature of the solution is its technical support."
  • "The initial setup of Cisco Secure Endpoint is complex."

What is our primary use case?

I implemented the solution in my company to use its managed endpoint protection in my company's use cases. Most of the users of Cisco Secure Endpoint in my company are unaware that they use the product. Our company only uses it to isolate possible malware on the endpoints. Our company uses the solution in collaboration with other software protection tools we have so that it helps us to look into cases where possible malware or attacks can happen.

What is most valuable?

The most valuable feature of the solution is its technical support. In most cases, it's very difficult or complicated to incorporate Cisco Secure Endpoint in the IT environment, and most of the messages that appear are not very clear. It is a reliable tool. After the setup phase, I realized that it is a reliable tool.

What needs improvement?

The initial implementation of Cisco Secure Endpoint can be a pain and is an area in the solution that needs improvement. After the initial implementation phase, a person gets support from Cisco, making it a solid tool.

The solution needs to improve in the area of the specific details of the threats it provides to its users.

For how long have I used the solution?

I have been using Cisco Secure Endpoint for three years.

What do I think about the stability of the solution?

After the presence and use of the solution in our company for three years, I rate the solution's stability a nine out of ten.

What do I think about the scalability of the solution?

Since we haven't had any expansion in our company's infrastructure, I won't be able to comment on the solution's scalability feature.

All of the employees in the back-end processes of our company are users of the solution since the product is implemented on all the PCs and servers. From an IT perspective, only two people use the solution in the company. One person looks after the maintenance of the solution, while the other person looks at the messaging part of the solution.

How are customer service and support?

My company has chosen an outsourced option to get technical support of the solution since we don't get any technical support internally. 

How was the initial setup?

The initial setup of Cisco Secure Endpoint is complex.

Speaking about the deployment process, during the initial phase of using Cisco Secure Endpoint, we were getting a lot of false positives in our company, making it pretty hard for us initially since we had to cut endpoints until we could stabilize the solution.

What's my experience with pricing, setup cost, and licensing?

My company does make annual payments towards the licensing costs of the solution. Cisco Secure Endpoint is a little bit expensive. The pricing for licenses is pretty expensive for the moment, but it is a good solution.

Which other solutions did I evaluate?

My company wants to stop using Cisco Secure Endpoint and opt for another solution.

What other advice do I have?

I recommend the solution to those planning to use it.

I rate the overall solution an eight or nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
Director of Technical Services at an educational organization with 51-200 employees
Real User
Streamlines security policy creation and saves a lot of time in identifying threats
Pros and Cons
  • "It used to take us a month to find out that something is infected, we now know that same day, as soon as it is infected."
  • "The user interface is dull."

What is our primary use case?

We secure the laptops down, making sure that where we build the policy, every policy is consistent on every laptop.

How has it helped my organization?

It has greatly improved my organization from a security standpoint.

What is most valuable?

The most valuable feature is being able to push a policy. Whenever we update a corporate policy, we update it in one place, push it down, and it updates the policy on every laptop.

Secure Endpoint is good for creating actionable alerts so we can detect and remediate threats. If somebody does get infected, we don't have to wait for them to say, "Oh, I can't use my email." We immediately know about it. We would absolutely know about the problem before the person did. That was our biggest impact.

Secure Endpoint decreased our time to remediation. Where it used to take us a month to find out that something is infected, we now know that same day, as soon as it is infected.

Cisco Secure Endpoint has helped improve our cybersecurity resilience. We only have about two IT guys. So it just makes them better at what they do. It saves them time, so they can focus on other things.

It saves them time so they can focus on other tasks.

What needs improvement?

It does a great job for what it is. The user interface could be slicker. It does not have to be flashy, but the user interface is dull.

For how long have I used the solution?

I have been using Cisco Secure Endpoint for two years.

What do I think about the stability of the solution?

The solution is rock solid.

What do I think about the scalability of the solution?

The solution is really easy to scale.

How are customer service and support?

I have engaged with tech support and I think they're great at what they do, two thumbs up. I recommend them.

Which solution did I use previously and why did I switch?

We were using Avast and Norton. We felt it was time to switch to something Cisco branded that we could trust because we are a Cisco shop. All of them are proactive, but identity services was a big reason we switched to Secure Endpoint. You cannot really hook Norton into a Cisco ISE. We chose it for the integration abilities.

What other advice do I have?

I rate the product a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Felipe Guimaraes - PeerSpot reviewer
Sales Director at Samsung
Real User
Top 10
Helps protect data on user devices
Pros and Cons
  • "The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices."
  • "It could be improved in connection with artificial intelligence and IoT."

What is our primary use case?

It is used especially to connect with MDM, covering security and monitoring services.

It protects user devices, especially for field services.

Customers need some infrastructure on the cloud, e.g., Amazon and Google. We also need some testing and stage environments to perform tests.

How has it helped my organization?

We need to follow many countries' laws about data privacy. This is a requirement that is key for users. Cybersecurity resiliency has been important for us because we need to protect against loss.

What is most valuable?

The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices.

What needs improvement?

It could be improved in connection with artificial intelligence and IoT.

For how long have I used the solution?

I have been using this solution for three years.

What do I think about the stability of the solution?

The stability is good.

It doesn't require much maintenance, just in a few cases.

What do I think about the scalability of the solution?

It is good.

How are customer service and support?

The technical support is fair. I would rate them as nine out of 10.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously used IBM. We switched because customers made decisions to work natively with the Cisco features, especially on infrastructure and security environments.

How was the initial setup?

In many cases, we can deploy it in a week. In other cases, we have to connect and test with more complex architectures. However, this is not related to the security endpoint services. The testing around another product is important, so it can take two to four months.

We use the agile method for our implementation strategy.

What about the implementation team?

We worked with IBM, Amazon, Google, Microsoft, and a few partners.

It takes three to 10 people to do the deployment, including pre-sales and technical guys, testing guys, and some software architecture.

What was our ROI?

We get more value out of our portfolio. We have pretty much seen ROI. When the endpoint service is well connected devices, it covers many important key features,

What's my experience with pricing, setup cost, and licensing?

The price is very fair to the customer.

Which other solutions did I evaluate?

We need to be open as an integrator to figure out other situations and features, especially from Microsoft and IBM. Everything is related to the customer's architecture, which is why we have to be open-minded. 

What other advice do I have?

I really recommend to test and connect it with different devices, especially mobile, tablets, notebooks, and servers. Then, the potential customer can understand the value of naturally integrating all these devices together.

When it comes to data security, it is important to protect the data.

I would rate the solution as nine out of 10.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Real user
Senior IT System Administrator at ScanPlus GmbH
Real User
Great secure threat hunting and threat response with continuous product improvements happening
Pros and Cons
  • "The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great."
  • "We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."

What is our primary use case?

AMP 4 Endpoints protects our workstations (ca. 300), our VDI environment (ca. 250), and our servers (ca. 50).

The old product was from Trend Micro and was just a simple antivirus solution. It was ok, but it was just an antivirus. We needed something more than just an antivirus that is used by every end-user. We were looking for a tool we can trust, and something that can schedule some things, implement scripts, analyze malware, perform advanced scans, etc. Our company, as an ISP for many customers, has to be protected from vulnerabilities.

How has it helped my organization?

First of all, we performed a PoV (Proof of Value) together with our Cisco partners, and we tested the efficacy and complexity of this product for a few months.

After the evaluation of the cost and security that AMP 4 Endpoints could offer, we decided to replace the old solution with AMP 4 Endpoints. The implementation was performed, with support from Cisco partners, in a few hours. In the following days, AMP 4 Endpoints found many things that the old antivirus solution missed. That was a very huge advantage for us.

What is most valuable?

Since we booked the Premier License, the most valuable features, in my opinion, are

  • Secure Threat Hunting to have a specialized team to support in analyzing complex attacks. That could help us to learn about new techniques.
  • Threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files. Nobody wants to run a dangerous file in his network; for that, Threat Grid is important for us.
  • Threat Response that offers the possibility of help on logs, IPs, domains, etc. to perform investigations into our and global infrastructure. Sometimes we want to see if a malicious file was run in our network; for that, Threat Response takes this job to search and saves us a lot of time.

What needs improvement?

Actually, we don't need other features or improvements of this product. It is a complex product and offers us exactly what we need - security and trust.

We chose Cisco because we wanted security and trust. That is what we needed from Cisco, and what our customers expected from us.

We are using many Cisco products, and, with every new product, every new feature, the trust in Cisco security is growing.

We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way.

For how long have I used the solution?

We have been using the AMP 4 Endpoints in the Test Environment since November 2020 and implemented them in the production environment since March 2021.

Which solution did I use previously and why did I switch?

We used Trend Micro and when we tested AMP 4 Endpoints we saw its value immediately.

What's my experience with pricing, setup cost, and licensing?

I'd advise users to book the premier license and to have access to all the features that AMP 4 Endpoints has on offer.

Which other solutions did I evaluate?

There was no other option; we wanted the Cisco solution immediately.

What other advice do I have?

Everything is working fine.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
K.O - PeerSpot reviewer
Application Manager at HNB
Real User
Top 20
Strong IDS solution, easy deployment, coverage across multiple platforms with at-a-glance dashboard and many more...
Pros and Cons
  • "Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source."
  • "We had a lot of noise at the beginning, and we had to turn it down based on exclusions, application whitelisting, and excluding unknown benign applications. Cisco should understand the need for continuous updates on the custom Cisco exclusions and the custom applications that come out-of-the-box with the AMP for Endpoints."

What is our primary use case?

Being the primary AV/IDS within the enterprise, we have the solution deployed across multiple platforms including workstations, servers and Operating Systems.

The solution conveniently integrates with other existing on-prem and cloud applications with relatively minimal effort to stand up, using APIs and security best practices.

Most out-of-the-box features are either being utilized or pipelined to be deployed going forward, including MAP, ETHOS, SPERO, Exploit Prevention, SecureX, and Tetra, which serves as an offline definition repository for workstations that are unable to pull definition updates using the default Cisco AMP cloud route.

How has it helped my organization?

It has been effective as the primary AV tool.

The visibility, dashboard and navigation give pretty decent insights into threats, IOCs and endpoint events to help with proactive monitoring. Deployment and connector upgrades are straightforward with available technical documentation for most scenarios.

AMP simplifies endpoint protection, detection, and response workflows, like security investigation, threat hunting, and incident response. By using the solution, we've been able to divert attention towards other tasks, saving us significant time and effort. It has also served as a one-stop shop for endpoint anomaly detection and proactive protection, thwarting the need to gather inputs from various applications and having to compile that data into one relevant result. It has obviously minimized security risks to the entire business, most importantly, endpoints, servers and other crown-jewel assets.

What is most valuable?

Recently, we have engaged the vendor regarding optimization, bug detections and extended features. Identity persistence, a feature request that was recently granted, for instance, gives virtual and physical devices deployed using a gold image the ability to specify an Identity Synchronization option. This persistence feature can apply by MAC address across business, by MAC address across policy or by host name across business.

Speaking of scalability, integrating with other Cisco products, secure email, network, SIEM, API, open source and a number of selected proprietary applications has been encouraging.

Of all valuable features, these are worth mentioning:

- CI/CD pipelining and feature prioritization by actioning on user requests/ identified bugs, releasing connector upgrades, and deploying console upgrades for better usability

- Subscription functionality where console administrators are able to subscribe to receive immediate alerts (digest) on a specific workstation or a group of monitored workstations

- Identity and access management capability within the console that allows administrators to drill down user visibility on a role-based access control, limiting access to policies, groups, exclusions, and other controls

In terms of operating system compatibility, the coverage is almost in its entirety. Integration and deployment to Windows workstations, Windows servers, Mac, Linux and mobile is seamless

Being a unified AV engine, AMP conveniently delivers both Intrusion detection systems (IDS) and Intrusion Prevention Systems (IPS) capabilities with a specialty in cloud-delivered protection, next-generation antivirus, endpoint protection platform (EPP), and advanced endpoint detection and response (EDR)

What needs improvement?

Like any other security tool, there's always room for improvement. Some of the ways the product can be improved are:

- Vendor needs to understand a one-size-fits-all approach will not work with addressing TAC cases and service requests. For "once in a blue moon" cases, most approaches still sound like the engineers are acting off of a runbook. In this case the recommended solutions will not totally align with the scenario

- Since customers do not have the ability to allow or decline console updates, there have been a number of instances where the console GUI appears buggy and functionalities do not work correctly after an upgrade. This can be improved by informing customers prior to the upgrades.

Other additional features that should be improved in next releases include:

- The dashboard is great for quick visibility prior to a deeper dive; however, making the dashboard more customizable will improve interaction, grant the ability to filter out irrelevant outputs and encourage personalized drill-downs based on daily requirements

- Integration with enterprise monitoring applications and ticketing systems that differentiates noise, forwards events, generates tickets and have them automatically assigned to application owning group.


For how long have I used the solution?

I have been using Cisco AMP for Endpoints for about three years, this is inclusive of my prior assignments before being the SME for the application within the firm.

What do I think about the stability of the solution?

Stability is below average. There have been several issues with frequency of release, feature release and wait time for overhanging time-bombs. 

From a customer standpoint, these releases are aimed at fixing known bugs from the last release and introducing new features either in beta or live versions. However, this means that an enterprise running 50K+ endpoints needs to go through the rigors of setting up test/dev/qa/pilot then production for iteration, so as to limit the blast radius.

This can be tasking as the frequency increases.

What do I think about the scalability of the solution?

Long story short, Cisco AMP is scalable. Having used the product as a 'demanding' customer, I can attest to the availability of proper technical documentation and seamless integration with existing applications, infrastructure and appliances.

How are customer service and support?

- Vendor needs to understand a one-size-fits-all approach will not work with addressing TAC cases and service requests. For "once in a blue moon" cases, most approaches still sound like the engineers are acting off of a runbook. In this case the recommended solutions will not totally align with the scenario. Also, escalations can be more flexible; for instance, certain case priorities (P2, P1) require phoning in, which can be fuel to an already burning bush.

How would you rate customer service and support?

Neutral

How was the initial setup?

From my understanding, initial setup was tasking with various gray areas. For a new customer trying to set up AMP, there is room for improvement. 

The initial deployment happened prior to me joining the organization, based on my interactions with the application deployment team, the effort took months.

Customers can get better during the product's initial setup if the vendor provides documentation that suggests important objectives like naming convention, default config and a collection of the product's best practices.

What about the implementation team?

In-house

What was our ROI?

AMP is worth the money. In recent years, we have spent less time/money and require fewer human resources for task completion. On the higher level, this has saved the firm the need to hire more security engineers to manage the application, reducing overhead cost.

A discrepancy with the number of assets per license should be reviewed to apply based on preference or number of endpoints versus ranges.

Compared to other competitors, there's a significant price difference, although different applications tend to focus more on different cybersecurity functionality

What other advice do I have?

It's been really interesting working with the application, going from 5.X.X connector versions up until 7.X.X. As previously highlighted, there are numerous ways to improve the products. Working with the engineers in previous cases, there is the zeal to improve and an attitude that embraces change

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Engineer at Innovo
Reseller
Top 5 Leaderboard
A security solution to protect the endpoints with centralized management
Pros and Cons
  • "The console feature gives a centralized management of what's going on, and if something happens, it gives you an alert. So, that's the most important feature for me."
  • "It is not very stable because we have new versions four times a year, which fixes bugs. We had some problems with some deployments."

What is our primary use case?

We use this solution to protect our IT environment. We use it to secure our user endpoints.

How has it helped my organization?

It gives awareness of our users' security posture.

What is most valuable?

The console feature gives a centralized management of what's going on, and if something happens, it gives you an alert. That's the most important feature for me.

What needs improvement?

Compared to other products, Cisco Secure Endpoint has some limitations and issues; it is still catching up with the competition. For example, protection for USB is fairly recent and it is still limited to Windows platforms, and there are significant differences in the product packaging and distribution for Windows and MacOS platforms.

Another area of improvement is stability.

For how long have I used the solution?

I have been using Cisco Secure Endpoint for two years.

What do I think about the stability of the solution?

We had a couple of deferred releases this year.

I rate the solution’s stability a seven out of ten.

What do I think about the scalability of the solution?

Our deployment is very small. We only have a few dozen endpoints. So I can't really say if it scales well to a large number of endpoints. However, it seems like it could scale well, so the solution could be easy to scale up as needed.

How are customer service and support?

The customer support team solves the problems, but it takes a while to contact them. 

How would you rate customer service and support?

Neutral

How was the initial setup?

The initial setup is straightforward.

What about the implementation team?


What other advice do I have?

Overall, I rate the solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Manager information security at a consumer goods company with 1,001-5,000 employees
Real User
When there is a security event in the news, I can quickly check if we have indicators of compromise
Pros and Cons
  • "Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts."

How has it helped my organization?

Cisco Secure Endpoint has improved our speed of response and the level of confidence we have that we are in good shape or are not in good shape.

What is most valuable?

Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts.

For how long have I used the solution?

I've been using Cisco Secure Endpoint for three years.

What do I think about the stability of the solution?

It's very stable.

What do I think about the scalability of the solution?

We haven't had any issues at all with the scalability. We're a global enterprise with between 1,500 and 1,700 users and we use it on servers, Macs, and PCs.

How are customer service and support?

The technical support is good.

We've already got SHI and Cisco reps on top of us, and that's a lot of the reason why everything is so good.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We were looking to replace Microsoft Defender, which really just wasn't cutting it. Before Defender, we used Kaspersky. We needed to go to an EDR solution and we were already a Cisco-centric company, so it made sense to go into a unified environment.

How was the initial setup?

It was straightforward. We just rolled out the agent to all the endpoints. It took just a couple of people, one security person and one person for the tool that pushed it out to Windows devices.

What's my experience with pricing, setup cost, and licensing?

If I didn't have someone else taking care of the licensing, I would say that the licensing needs to be improved. All the product features we need are there. It's just a matter of the complexity and the different offerings and trying to figure things out.

There are a lot of pieces that roll into the pricing issue. For Cisco Secure Endpoint, with our Cisco EA, the pricing seems reasonable compared to the others. But when we get to solutions like Duo and we think that with our Microsoft agreement their MFA is "free," it's not exactly free. But without our EA, Duo would cost so much more. It feels a little bit like nickel and dime sometimes, but I get it.

Which other solutions did I evaluate?

We looked at CrowdStrike and Carbon Black. All the solutions had great value, but we went with Cisco because we were with Cisco for networking quite a bit. Also, our overall direction was to look at SASE, and with some of the other things, they all just started coming together. It made a lot of sense to stay in one environment for functionality.

What other advice do I have?

Traditionally you'll see the industry reviews talk about Cisco Secure Endpoint as typically in Cisco environments, but I'd tell the CrowdStrike users and other folks to take a look. It's an interesting solution and it provides a lot of value.

Cyber security resilience has been extremely important for our organization. Cisco Secure Endpoint has stopped a few things. I don't know whether other avenues of defense in depth would have caught them or not, but the resilience of depth and the ability to keep moving, even after an event, keep the rest of our business productive.

The Cisco environment has been perfect. When there is an event in the news that I know my leaders are going to be reading about, in 10 minutes I can check my environment to see if I have any indicators of compromise, and I'm done.

Disclosure: I am a real user, and this review is based on my own experience and opinions.