The main competitor was Palo Alto with Network Traps. The difference was that Traps would detect viruses but it would not delete them or clean them, whereas AMP did, right out-of-the-box. AMP also worked with multiple operating systems, as I mentioned and the Traps solution did not offer that at the time I looked at it.

I chose Cisco Secure Endpoint from a security standard and integration perspective. I believe Cisco is the business leader and is a highly scalable solution.

When I got there, we did look at one or two others, but they had pretty much made the decision to go with Cisco by the time I arrived.

I was a part of the evaluation process to go from a traditional antivirus package to a new solution called endpoint detection and response. Of course, there are only two big players, Cisco and Microsoft, in that area. We had to discuss what to do and how to deal with it. Of course, many customers have Microsoft in their workplace, but we are offering Cisco at least for the endpoint service where we have the hosting center. If they want, we can deploy AMP on the endpoints as well. However, there's something to say about the fact that you have two different kinds of EDRs. On your end-user devices, you have Defender, and on your server, you have Cisco, which makes it even more strong.

Traditionally, Cisco comes from the infrastructure. The difference between Cisco and Microsoft security solutions is that Cisco is coming from the infrastructure part, and Microsoft is coming from the data part. What you see is that Microsoft developed its solution from information, from data, and Cisco is coming from the infrastructure. It is deeper in IT. The solutions are deeper, and therefore, they sometimes might be stronger if you are only looking at the top of what's in IT. That makes it a little bit different. So, it's not about who's better or who's stronger. In some cases, they are an addition to each other.

Cisco Secure was the right solution for us. Of course, that was also because of the cost. Because we were already working together with Cisco, we chose Cisco for our hosting center and for all of our services. If the customer wants to have it on their endpoints and user devices, they could use our Cisco solution as well. If they want to have Defender, we support that as well on the endpoints of the user. 

We didn't evaluate other products. We had seen this product before. We discussed it with our partners, and we just went for it. Our main thought was to go with a product and brand that we can trust. All our core network is Cisco, so this was the product that came straight into our head.

We looked into McAfee back in the day, and Windows Defender, and all different [kinds of] antivirus software, but we end up landing on AMP because of that connectivity with the cloud and instant connection to other resources. That really helped as the driving force to select this as our tool.

We only had one real runner-up, and it was Microsoft Defender, which is also a good solution, but it's less integrated with our Cisco infrastructure.

We looked at a number of different solutions: Carbon Black, Cylance, Sophos Intercept X and we liked the Cisco AMP solution over those products because it fit in neatly with the rest of the Cisco portfolio. We believe that the management of the various security products fit better with one manufacturer, rather than picking various manufacturers to try and manage a security solution.

The integration of Cisco Threat Response with Cisco Umbrella is getting a lot better. What we like, across the board, is that the solutions are backed by Talos, and Talos is the largest, independent, security-research and threat-hunting organization in the world. We like the fact that the protection is spread across the Cisco environment. That's where this set of products wins when compared to other vendors. It's not that other vendors, like Carbon Black and Cylance, aren't delivering good products. They're just not doing the whole suite. They're not providing the firewall, they're not providing the CASB solution like CloudLock. I'm not sure if they're doing DNS filtering yet; a lot of vendors are catching up on that. But effectively, when you get a known issue, Cisco have the ability to roll it out across a suite of products and therefore you get protection very quickly. So if you discover a problem in Cisco Umbrella, they can update that threat, where need be, in AMP. That's quite a unique selling point for Cisco.

We did look at another solution. At the time, there wasn't a lot of software for small to medium-businesses.

I was looking for something with a business name reputation behind it that would give us a good level of security. That's why we went with the Cisco solution. We initially went with Cisco based on its name in the industry, and we have been very happy with it.

Cisco AMP comes with an in-built antivirus, but we have another antivirus that we use. Though AMP works whether you use their antivirus or not, it doesn't matter, we thought, "If we use a separate branded antivirus, they may have some extra sort of pickups that the AMP antivirus may not," to spread the risk a little. We have some other systems in place internally in terms of how we protect file installations and macros running on the network. Therefore, we do add extra layers of security that we feel that we need. However, we are confident that this will pick up most of this stuff along the way.

I looked into SentinelOne two months ago. The question is, is the system protecting me enough or not? Sometimes I ask myself, should I put more security on the servers? Doing so is going to make the system work more slowly. I checked SentinelOne because some of my colleagues who have Cisco AMP had an attack that Cisco AMP did not see.

Before choosing Cisco Secure Endpoint, we didn't thoroughly investigate or evaluate other options. We are a Cisco shop and we generally lean toward using Cisco products.

My company wants to stop using Cisco Secure Endpoint and opt for another solution.

We need to be open as an integrator to figure out other situations and features, especially from Microsoft and IBM. Everything is related to the customer's architecture, which is why we have to be open-minded. 

There was no other option; we wanted the Cisco solution immediately.

We looked at CrowdStrike and Carbon Black. All the solutions had great value, but we went with Cisco because we were with Cisco for networking quite a bit. Also, our overall direction was to look at SASE, and with some of the other things, they all just started coming together. It made a lot of sense to stay in one environment for functionality.

We evaluated Carbon Black before going with Cisco AMP. The reasoning behind going with AMP over Carbon Black was we already had other Cisco security products in our organization. Therefore, AMP was a native integration versus something like Carbon Black where you're looking at a third-party integration. Also, Carbon Black was a bit more cumbersome when it came to performing a lot of the tasks that AMP performs. Carbon Black was first to market with things like endpoint isolation. However, after speaking with our Cisco account reps, we did realize that, "Okay, Endpoint Isolation is coming to AMP. It's just not there yet." That did come to fruition, so there wasn't an advantage to using Carbon Black over AMP. Plus, there were several advantages to using AMP over Carbon Black. That's what led to our decision.

We looked at a bunch of different things. We looked at Carbon Black along with two or three other of our tools that we didn't really have any control over. 

Cisco AMP came as part of the Enterprise Agreement with Cisco, so it was included. This made it much easier to spin up and use.

We are looking for cost-effective, efficient solutions for our customers, and Cisco happens to be one of the vendors who fits into that scope.

Microsoft is another vendor who offers a similar licensing model for this type of solution. There is also McAfee and Trend Micro. It depends on the customer's requirements.

We did do a product selection, but we did only the proof of value with Cisco AMP. We looked at Trend Micro and a VMware product on paper. However, looking at our integration possibilities, since we were already using Email Security and firewalling from Cisco, there was no other product that offered the same level of integration.

Cisco Talos Intelligence Group is one of the largest commercial threat intelligence teams in the world.These teams are supported by unrivaled telemetry and sophisticated systems to create accurate, rapid and actionable threat intelligence for Cisco customers, products and services.

We chose this product based on research and for its integration with other Cisco security products.