2019-07-02T06:57:00Z
it_user434868 - PeerSpot reviewer
Senior Director of Delivery at a tech services company with 51-200 employees

What is your primary use case for Cisco AMP for Endpoints?

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

22 Answers
Mark Broughton - PeerSpot reviewer
Level 2 tech at a tech services company with 11-50 employees
Real User
Top 20
2022-08-10T06:09:00Z
Aug 10, 2022

It was our primary endpoint protection.

Nicola F. - PeerSpot reviewer
Infrastructure Engineer at TeamSystem
Real User
Top 10
2022-07-26T13:10:00Z
Jul 26, 2022

We have a complete Cisco environment; we use Cisco Firepower, Cisco ACI, and many of their other products. We have many of their top solutions from the network to the data center server.

RM
Director of I.T. Services at a non-tech company with 201-500 employees
Real User
Top 20
2022-07-06T10:03:00Z
Jul 6, 2022

Our primary use case is general antivirus protection. This product was deployed to a number of Windows machines, and we also have a VMware environment.

Felipe Guimaraes - PeerSpot reviewer
Sales Director at Samsung
Real User
Top 10
2022-06-15T20:41:00Z
Jun 15, 2022

It is used especially to connect with MDM, covering security and monitoring services. It protects user devices, especially for field services. Customers need some infrastructure on the cloud, e.g., Amazon and Google. We also need some testing and stage environments to perform tests.

Gassan Shalabi - PeerSpot reviewer
Manager at UCloud
Real User
Top 10
2022-05-30T15:43:00Z
May 30, 2022

I'm hoping that this is protecting me from all the harmful issues that are happening, because we know exactly what kind of world we are living in on the internet.

ED
System Administrator at a manufacturing company with 201-500 employees
Real User
Top 20
2021-08-17T21:42:00Z
Aug 17, 2021

We rely on it for antivirus. There are probably three levels, and we have the bottom tier, the most basic one. It is on Cisco's cloud. We have the client installed on all workstations, but we don't have a server.

Learn what your peers think about Cisco Secure Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
653,757 professionals have used our research since 2012.
Marian Melniciuc - PeerSpot reviewer
Senior IT System Administrator at ScanPlus GmbH
Real User
Top 5
2021-07-16T12:06:00Z
Jul 16, 2021

AMP 4 Endpoints protects our workstations (ca. 300), our VDI environment (ca. 250), and our servers (ca. 50). The old product was from Trend Micro and was just a simple antivirus solution. It was ok, but it was just an antivirus. We needed something more than just an antivirus that is used by every end-user. We were looking for a tool we can trust, and something that can schedule some things, implement scripts, analyze malware, perform advanced scans, etc. Our company, as an ISP for many customers, has to be protected from vulnerabilities.

Pardeep Sharma - PeerSpot reviewer
Network security engineer at a tech services company with 1,001-5,000 employees
Real User
Top 5
2021-05-14T17:19:12Z
May 14, 2021

We use this solution for the malware features, to protect our network and our endpoint users. We deployed this solution for security.

User1#2% - PeerSpot reviewer
Application Manager at Financial Corp
Real User
Top 10
2020-10-20T04:19:00Z
Oct 20, 2020

Being the primary AV/IDS within the enterprise, we have the solution deployed across multiple platforms including workstations, servers and Operating Systems. The solution conveniently integrates with other existing on-prem and cloud applications with relatively minimum effort to stand up, using APIs and security best practices. Most out-of-the-box features are either being utilized or pipelined to be deployed going forward, including MAP, ETHOS, SPERO, Exploit Prevention, SecureX, and Tetra, which serves as an offline definition repository for workstations that are unable to pull definition updates using the default Cisco AMP cloud route.

MD.SIHAB TALUKDAR - PeerSpot reviewer
System Engineer at asa
Real User
Top 5 Leaderboard
2020-10-13T07:21:00Z
Oct 13, 2020

We are system integrators and we use this product for DNS security, which is integrated with the DNS service.

Mark Bonnamy - PeerSpot reviewer
Technical Director at Ridgewall Ltd
Reseller
2020-07-12T11:48:00Z
Jul 12, 2020

We needed an endpoint security product and this was the one that we chose. We also use Cisco Umbrella, which fits in neatly with the endpoint as endpoints are moving, more and more, out of the office now. Traditionally, it's slightly harder to manage that, so we use Cisco AMP and Umbrella on those endpoints to secure them. It's almost entirely on-premise. Although there are some small cloud installations where we use it.

Tim Crosweller - PeerSpot reviewer
IT Manager at van der Meer Consulting
Real User
2020-07-09T06:27:00Z
Jul 9, 2020

We have it installed on all our workstations and servers. Primarily, we started with it after we were hit with a ransomware attack about five years ago. We looked for something that would give us a bit more visibility as to what was going on the network, where the weak points were, etc. We had an antivirus solution (FireANT) back then, which obviously wasn't good enough on its own. So, we went looking for something that was going to be a little more granular in how it gave us visibility on the network. We have the Cisco AMP for Endpoints Connector on our workstations, which is all done in the cloud. We have Windows Server, Windows 10 workstation environment, and on-premise servers at the moment with some cloud. I guess we would call ourselves a partly hybrid business, with some stuff in the cloud, and all our access points have Cisco AMP on them. This currently includes work-from-home devices, because we have a lot of people still working from home with the coronavirus thing going on, even home users have Cisco AMP as well. Our operating systems, whether they be Linux, Windows, Mac, or Google Android, are well-protected.

HB
Security Officer at a healthcare company with 51-200 employees
Real User
2020-07-08T09:01:00Z
Jul 8, 2020

AMP for Endpoints has Endpoint Connectors, which are agents on the endpoints, providing security against malware and intrusion detection. It also provides intrusion prevention. We install the Connector on all the endpoints before they're deployed and also on our virtual desktop images. They provide constant monitoring and alerting on any events or potential threats to let us know when there is something going on that we can further investigate. AMP intersects with a bunch of other Cisco tools, such as Threat Grid, Threat Response, and Talos Intelligence to identify threats, then automatically quarantine or remove them. It also gives you the ability to isolate endpoints to prevent further spread of any sort of malware, like a virus that might infect other machines.

Neal Gravatt - PeerSpot reviewer
Sr Network Engineer at a real estate/law firm with 1-10 employees
Real User
2020-07-08T09:01:00Z
Jul 8, 2020

Cisco AMP is an anti-malware and antivirus product. It provides endpoint protection. We use it as our antivirus and anti-malware tool. We put it on all our computers. Our employees have it on their laptops because they leave the network and we can't protect them everywhere. Microsoft Windows comes with a built-in tool but it's not quite as powerful. So we use Cisco AMP and Microsoft System Center Endpoint. Cisco AMP is our primary solution, but we don't uninstall the free ones that come with Windows. It runs a little agent on the computer and then you manage it from a website platform. There is an application installed on the computers and they all connect up to the management console, which is hosted in Cisco's cloud. You can use it for single endpoints. We have 3,000 that we use and then there's the free version of it you can use for home.

Cole Two-Bears - PeerSpot reviewer
Systems Architect at a consultancy with 5,001-10,000 employees
Real User
2020-06-10T08:01:00Z
Jun 10, 2020

AMP was purchased for our organization in response to continued threats that we had from malware and malicious activity on our endpoints. We received AMP for Endpoint and also AMP for Networks as part of our Cisco Security ELA. The solution has made a huge impact on the visibility of what has actually been transpiring at the process level on our servers and workstation endpoints as well as being able to look in detail on those processes to see who's executed those processes and what the trajectory was for those processes. AMP for Endpoints is Software as a Service. It's a subscription service. You do download a connector onto the endpoint. Then, there is the option to run it in an air gap mode where you connect to a local server that does back out to the AMP Cloud. However, that's not the deployment we have in our case; we have it connecting back directly to Cisco Cloud Security.

Wouter Hindriks - PeerSpot reviewer
Technical Team Lead Network & Security at Missing Piece BV
Real User
Top 5
2020-06-09T07:46:00Z
Jun 9, 2020

We were looking for a security product, which would not only block known viruses, but give more visibility and control over anti-malware. We offer Desktop as a Service (DAAS) for small and medium businesses, so we have hundreds of laptops, desktops, and virtual machines. Because users click on everything, you need to have a solution in place which will detect if something happens and log it; if there's anything malicious, then it will be blocked and reported. The main reason for going with Cisco AMP is its integration with other Cisco solutions. It can integrate our firewalling, DNS protection, and email security appliance, so if there's a malicious file, and I see it on one of those devices, I can say, "Hey, I want to have this blocked," and it will immediately stop it being emailed in or out of our environment. It also can no longer be downloaded from the Internet. Thus, with one click, we have multiple points protected. AMP is a bit of a time machine for our environment. We can see any action being executed, connection being made, or file being written, whether it's malicious or not. Everything has been logged. I can basically go back in time and see, "This user opened this website," or, "This process created this file." If at any point in time, we do get something where, "There has been malicious activity there," we can completely follow it back:

* How did it get there?
* Did it change other files?
* Did it leave a scheduled task somewhere?
* Did it connect to other machines?
* Did it drop software on another place even before it was known to be malicious?

All activity has been logged. If something turns out to be malicious, or if it's a user doing something they shouldn't be doing without using any malicious software but just using system tools, you can still see every command being run from the console.
The management console is cloud-based and the deployment goes to the endpoints, which are either in our data center or on the laptops and desktops that users have in their offices.

DanTurner - PeerSpot reviewer
CIO at Per Mar Security Services
Real User
2020-06-03T06:54:00Z
Jun 3, 2020

We're using it in a handful of ways. We initially bought it to provide endpoint protection against malware and the like on our laptops that were mobile and off our network the entire time. We eventually moved it onto all of our desktops, and we have now integrated with Umbrella, so we have a full protection suite for all of our clients across our enterprise.

SunnyNair - PeerSpot reviewer
System Architect at COMPASS IT Solutions & Services Pvt.Ltd.
Real User
2020-01-29T08:35:00Z
Jan 29, 2020

The primary use case is for endpoint protection. For the larger deployments, we use it for our policy enforcement as well. We use AMP on the endpoints for writing automated policies in order to protect the user when they join the network, for example.

MohamedEladawy - PeerSpot reviewer
Service Security Lead at Salam Technology
Real User
Top 5 Leaderboard
2020-01-12T12:03:00Z
Jan 12, 2020

We mainly use this program for our business operations.

Mohammad Siraj - PeerSpot reviewer
Deputy GM at Oregon Systems
Real User
2019-09-27T04:38:00Z
Sep 27, 2019

We're in the banking sector. We use AMP to protect security endpoints.

ZS
Solution Architect / Presales Engineer at a comms service provider with 1,001-5,000 employees
Real User
2019-09-24T05:43:00Z
Sep 24, 2019

I use the public cloud deployment model. I have installed the license, the software, on my VM and it is being managed by Cisco Cloud. My primary use case for this solution is to test it against malicious links and for encryption and decryption.

SV
CISO & COO at a tech services company with 1-10 employees
Real User
2019-07-02T06:57:00Z
Jul 2, 2019

We use this solution as part of our organization security.

Related Questions
it_user434868 - PeerSpot reviewer
Senior Director of Delivery at a tech services company with 51-200 employees
Aug 10, 2022
Please share with the community what you think needs improvement with Cisco AMP for Endpoints. What are its weaknesses? What would you like to see changed in a future version?
2 out of 24 answers
Mohammad Siraj - PeerSpot reviewer
Deputy GM at Oregon Systems
Jun 26, 2019
When we're talking about anti-malware protection, AMP is a very good solution, but again, the CSO level reports are not generated. There is a dashboard, there is a report, but again, those reports have to be taken to the CSO, because when it comes to security, we always want to have high-level reports. So if we had a system that generated reports from the AMP itself, that would be great for us. Also, the solution needs more in-depth analytics. Right now they have implemented AMP, so, monitoring is happening, but you need to see what exactly is happening, the updates and then the mode of attacks that have happened and have been prevented. An in-depth report could be generated, and it should be on a CSO level. That's the value that should be added to the AMP solution.
SV
CISO & COO at a tech services company with 1-10 employees
Jul 2, 2019
In the next version of this solution, I would like to see the addition of local authentication.
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)
Aug 10, 2022
Hi Everyone, What do you like most about Cisco AMP for Endpoints? Thanks for sharing your thoughts with the community!
2 out of 25 answers
Mohammad Siraj - PeerSpot reviewer
Deputy GM at Oregon Systems
Jun 26, 2019
For the initial first level of support, we provide it from our side. If there's escalation required, we use Cisco tech for the AMP. And again, they are perfect. I mean, one of the best, compared to any other vendors.
SV
CISO & COO at a tech services company with 1-10 employees
Jul 2, 2019
The most valuable features of this solution are the IPS and the integration with ISE.