Cisco Secure Endpoint Previous Solutions

MZ
Security Manager at a wholesaler/distributor with 10,001+ employees

We evaluated three vendors in each domain. We found that Cisco offers enterprise-grade security solutions. Other vendors may be good in specific niche markets, but they do not offer an ecosystem and backend integration with other solutions that allow for a single pane of glass for threat hunting and incident response.

There are a lot of API integrations and evaluations of different threat resources. We were focused on not only switching from the legacy Email Security solutions and the endpoint solutions; the main point was to get an ecosystem of security, where we have end-to-end protection and a single dashboard for visibility, incident response, and threat hunting. Cisco was offering that at an enterprise grade, and the competition was a little lagging behind on enterprise-grade security solutions.

For example, in EDR you can take the top two EDR solutions in the world. They don't have an ecosystem. If you take the top two global leading email security gateways, they also don't have an ecosystem. For firewalls, you can take the visibility from the SecureX side. They are good in their market segment, but when we need an ecosystem, they are not. Any top two domains did not provide us with the ecosystem.

NG
Sr Network Engineer at a real estate/law firm with 1-10 employees

We replaced a Norton product with AMP. Now, we run the default Windows tools that come with it, along with Cisco AMP. The Windows solutions are free but we wanted to buy a more robust one with better ability to search and do forensics. There are similar solutions to Cisco, but it has definitely been an improvement over previous stuff that we've used.

We have a lot of other Cisco products that it integrates with, and that was one of the reasons we chose Cisco AMP. We did a demo and it was good and it answered the questions we had. We wanted to be secure, so we needed to find an antivirus tool that works. It makes it easier for us to monitor all of the computers for viruses.

Ahmed-Dawood - PeerSpot reviewer
CEO at Oriental Weavers

We use a different product for DNS. I have previously used Fortinet. I use Cisco for our data center, while I use Fortinet since it provides an SD-WAN solution.

Buyer's Guide
Cisco Secure Endpoint
March 2024
Learn what your peers think about Cisco Secure Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
Mark Broughton - PeerSpot reviewer
Level 2 tech at a tech services company with 11-50 employees

We had previously used another product and then replaced that because we were very Cisco-centric. The idea was that switching to Secure Endpoint would give us better integration and thereby enhance our security posture.

AKSHAYK - PeerSpot reviewer
Consulting & Support Region Senior Executive at Redington (India) Ltd

We also use Cisco Umbrella. Secure Endpoint is for the security at an endpoint level. Umbrella secures the DNS traffic.

Christos Papadopoulos - PeerSpot reviewer
Software Engineer at Thessaloniki Port Authority SA

It's the first time we are using this kind of product. We didn't use any other product previously. 

Sagar Ghumare - PeerSpot reviewer
Sr. Network Engineer at a comms service provider with 201-500 employees

In the beginning, we had previous software. It was like the old way of seeing it, looking for the signatures. By the time we faced a problem and were trying to fix it, it was already too old. We were just not on top of it. It was becoming more of a reactive solution, rather than a proactive approach to fixing the problem. That was the main, driving force for us to find a solution that can be more proactive rather than reactive.

The antivirus software we used previously was facing a lot of issues with the signature downloads. Antivirus is looking for the signatures, to see if [there is] the respective problem, and trying to match those signatures. This is such an old way of doing it, which was [being done] for quite some time. 

Secure Endpoint has become a real game-changer in that field because it's a cloud-based approach, and we are already talking about getting signatures, not only for our organization, [but for] attacks [that have] happened to other organizations. We also get that information and we get protected already, without even having to intervene in the process. That really helps in many ways.

Previously, we were using Sophos antivirus and we replaced it with Cisco Secure Endpoint, which was previously called AMP at the time.

Nicola F. - PeerSpot reviewer
Infrastructure Engineer at TeamSystem

We tried Microsoft ATP and previously used Trend Micro Apex One. We used Trend Micro Deep Security in our VMware environment, which is a hypervisor-level anti-malware. Still, we removed it because it blocked our VM migrations, which significantly impacted our production ecosystem. We had to use DRS to migrate our VMs, and when they don't migrate, that results in an overloaded hypervisor server using all the CPU and RAM. That has a knock-on effect on the other systems and applications, degrading their functions, which is not what we want from an anti-malware solution. Thus, we moved to Cisco Secure Endpoint; we already had a strong connection with Cisco because we use many of their products. It is an affordable offering compared to the competitors, such as Windows Defender ATP.

ES
Chief Commercial Officer at open line

We were using different products before, but we made a strategic choice to use the endpoint protection part. We're very happy with this part because it works on all types of devices and all types of endpoints—not only the user endpoint but also the networking endpoint and a lot of server platform endpoints as well. That was a primary reason, and obviously, the cost or OPEX was a part of the strategic choice to do so, but the most important part was that it had the behavior analytics part in there, so we could be more prepared for zero-day attacks.

Brad Wright - PeerSpot reviewer
Principal Architect - Cybersecurity at Logicalis

Secure Endpoint is a great product. It provides integrations into so many of the Cisco ecosystems. One of the better things that I like about the product is that there is this whole ecosystem. I talk about XDR when I talk to my customers because I like to tell them to do outcome-driven selling or outcome-driven processes, and that outcome is XDR. I want to be able to have the customers that have some toolsets that they can look at their entire security infrastructure, the whole perspective, and get an outcome and know what's going on.

Secure Endpoint provides those integrations. We see things from Microsoft customers like Defender. It's a great product too. I think that it doesn't do as great a job right now integrating with other products, but it's all over the place. So it's one of those things where we have to figure out how it works. Most Windows boxes, even if you have Secure Endpoint on it, it also has Microsoft Defender on it as well. I think Secure Endpoint plays really well with that type of technology.

MB
Technical Director at Ridgewall

We used Sophos in the past. We're replacing it, so when the renewals come up we replace Sophos with AMP, wherever possible.

TC
IT Manager at van der Meer Consulting

Fortunately, our ransomware attack was way back in the very early days when no one really knew anything about it. However, I had done a bit of reading on it and knew the first thing to do when you see one of those things is to disconnect the machine from the network that is causing the issue. I knew which one it was straightaway, so I managed to disconnect it from the network. Then, the proliferation stopped straightaway. We were able to get stuff from the backup fairly quickly because we have good backup regimes in place, but it was purely by chance that I came across the ransomware as a threat. Although I didn't understand to what extent it went, we were able to mitigate it.

The ransomware attack took probably a good two days of my time fixing and getting things back to normal. It impacted some people in the business world because of where the ransomware got into the network. That was the wake-up call, to say, "Hang on. We need something that's going to flag these issues and give us visibility." Our antivirus software was completely benign to it at that time. It had no idea and didn't pick anything up. That's what made us go looking for something. We came up with FireAMP (Cisco AMP). We decided to trial it for a few months and got an idea of exactly what was going on in the network. We did an audit on the network (to start with) and realized that we had some issues. While all stuff was mostly benign and just sitting around the place, it gave us the ability to quickly see what was going on. That was when we decided to go down the path of getting something that would give us that visibility.

The firewalls did their job to some extent. Since then, we have changed our Internet providers and now have a managed firewall. This takes a bit of pressure off me, but we've left AMP in place since we assume that the firewall will let through various things. So, we take the position that we use both Cisco products to protect us from anything that gets through. It is not a matter of just relaxing a bit because we have a managed firewall in place with a lot more security than we probably had five years ago. We still take the view that we need to protect inside the network, assuming something gets through the door, because there are always ways around these things. That's how these things start: They get ahead of a security software before the security software can catch up.

Gassan Shalabi - PeerSpot reviewer
Manager at UCloud

I did not have a previous solution.

DT
CIO at Per Mar Security and Research Corporation

We've been an AMP customer for a very long time. We've always had antivirus on the desktops; that's what everybody needed to do. Then, I went to a security conference and Cisco was talking about AMP and about how ineffective antivirus really was and that you needed something more. This was when they were bringing AMP to market. I seized on it immediately and said, "That is well-priced, well-positioned, and exactly the gap that we need to fill."

It definitely helps us minimize security risks. We were probably aware of those risks, but may have just been limited in the tool sets available to us. AMP came to market when there weren't a lot of tool sets out there. Before AMP, we made our best efforts in educating and the like, in the hope that nobody would click on bad things. But then we were able to plug AMP into the environment and know that we had a piece of software so that if somebody did click on something bad, we had tools in place to prevent it from doing anything totally out of bounds, and business-shattering.

Malwarebytes was probably about the closest that we had to a solution that was comparable to AMP, but they are definitely not direct competitors. That was a tool that we used on a one-off basis if we thought a computer was infected with malware. Once we deployed AMP, we no longer had a need for that tool.

RM
Director of I.T. Services at a non-tech company with 201-500 employees

Prior to using this product, I did not have other agents in place to handle the same job. We had implemented Microsoft Defender for Endpoint but that doesn't really have any reporting tools.

We switched away from Defender because we needed better visibility. There really wasn't any.

JG
Director of Technical Services at an educational organization with 51-200 employees

We were using Avast and Norton. We felt it was time to switch to something Cisco branded that we could trust because we are a Cisco shop. All of them are proactive, but identity services was a big reason we switched to Secure Endpoint. You cannot really hook Norton into a Cisco ISE. We chose it for the integration abilities.

Felipe Guimaraes - PeerSpot reviewer
Sales Director at Samsung

We previously used IBM. We switched because customers made decisions to work natively with the Cisco features, especially on infrastructure and security environments.

MM
Senior IT System Administrator at ScanPlus GmbH

We used Trend Micro and when we tested AMP 4 Endpoints we saw its value immediately.

LC
Manager information security at a consumer goods company with 1,001-5,000 employees

We were looking to replace Microsoft Defender, which really just wasn't cutting it. Before Defender, we used Kaspersky. We needed to go to an EDR solution and we were already a Cisco-centric company, so it made sense to go into a unified environment.

ED
System Administrator at a manufacturing company with 201-500 employees

I've only been with the company for a year. They had it when I got there, and we haven't changed anything since then.

I've used McAfee and Norton, and it does much better than them.

CT
Systems Architect at a consultancy with 5,001-10,000 employees

Threat Response is integrated with AMP and all the other Cisco security products. That has really helped to decrease the troubleshooting time. Back in the legacy days of AV and Endpoint Protection, the typical workflow would be, "Okay, I have a machine over here that has been infected. I have to figure out all the files which touched it." It was almost impossible retroactively to go back and see everything it touched and where it all went.

You had to witness the malware in the wild (in real-time) to figure out what it was doing. With Threat Response, you are able to see its executables and trajectory across your network, then where it tried to reach the outside world. All of this helps to mitigate our threat response from days or hours to just a few minutes.

Prior to Cisco AMP, we used Sophos Intercept X, which we still do use, and we also used Carbon Black.

Ahmed-Dawood - PeerSpot reviewer
CEO at Oriental Weavers

I also use Trend Micro. I use both programs, because they have different security layers. Both programs are very good.

ZS
Solution Architect / Presales Engineer at a comms service provider with 1,001-5,000 employees

We were previously using Check Point Sandblast Agent. We switched because it wasn't as stable as this one. We had some problems with it and we needed to contact their support and it wasn't so good. I would get tough questions from my clients so eventually I told them that we would look into other solutions.

We also work with Fortinet but I prefer AMP. 

MM
Technical Engineer at a healthcare company with 5,001-10,000 employees

We were using another solution before. We switched because we have Cisco everywhere, and the best way is to go for Cisco for everything. That's our strategic plan.

HB
Security Officer at a healthcare company with 51-200 employees

We still do use System Center Endpoint Protection (SCEP). I am in the security group, and there's an infrastructure group who deploys the desktop. As part of their deployment, not only do they include AMP, they also include the Microsoft tools of various types.

Mostly, AMP affords us utility and visibility. Whereas, we had very little control and visibility into other tools because they weren't ours. We didn't have such great access. For endpoints, it's really been great for us as far as having that level of visibility and ability to control what's going on. To not only have the responsibility for security, but the ability to provide security has been the big deal for us. We didn't have such great access.

When we only had the SCEP solution, we would get alerts but that would be it. We wouldn't have access to the tool to get more information from it. This left us sort of trying to troubleshoot the device in a vacuum without understanding what was going on.

EL
IT Security Services Owner at Atea AS

We are providing our customers multiple solutions depending on their needs. So, it's more like what our customer needs. We could go with Cisco or maybe we could go with another vendor (we will see). Right now, we are quite satisfied with Cisco.

JA
Technical Advisor at a government with 10,001+ employees

We used McAfee. We switched because we're more Cisco-reliant, and the product suits us better.

WH
Technical Team Lead Network & Security at Missing Piece BV

We previously used Microsoft System Center Endpoint Protection. We switched away from it for two reasons:

  1. System Center Endpoint Protection is a classic antivirus product, which will block no malware and only work on Windows. There is nothing advanced about it. It does not have login or the cloud console. It will only give you alerts if the machine is connected to the domain. It was a legacy product looking at the malware and the threat landscape. There was no ransomware protection. There was no sandboxing of any threats if there was an unknown file. Now, it will be sent over to Cisco Threat Grid and go right on the VM, then there will be a verdict passed saying, "Good file, bad file, suspicious file." The previous solution didn't have that.
  2. Our company was very happy with the price of Cisco AMP. It was about a third of what we were paying for System Center Endpoint Protection.

We had ransomware before we had Cisco AMP. Basically, the user calls you to say, "Hey, there are some files I cannot access well." You log into the machine and look at the processes, then you see there is a process encrypting all the files. You kill the process, get the files (which have been touched), and then start to restore. However, how can I be certain that the process which was started by the user did not leave a scheduled task saying, "In five hours, we have to start another thing," or did it upload any user data to a different machine? How can I know if there was data loss involved in this incident?

With our previous solution, you had no way to be sure that you were not missing something, if there were not any files left, passwords/data stolen, connections made to different machines, booby traps or scheduled tasks left, etc. With Cisco AMP, if it manages to execute, I can say, "How did we get this file?" With one click, I can block it from being downloaded from the Internet and being emailed in/out of our environment. I can also see if there were any files created or connections being made. Then, I can be 100 percent sure if there was a data exfiltration, anything left behind, or if we missed anything. AMP is very thorough.

With our previous solution, if it was known malware, we would get an alert. If it was an unknown malware or ransomware, our users were our detectors. Then, it might take hours before they could say, "Hey, something's not working for me." Cisco AMP will get you that same alert within minutes of an incident occurring.

Before we had the Orbital tool and Threat Response, we were just feeling around in the dark if we were doing an investigation. We were never sure, "Did we get everything?" We did positively identify malicious malware, but, "Did we miss anything? Has anything else happened? Is this also happening on different machines?" There were these questions we were not able to get 100 percent satisfying answers on. With Cisco AMP, Threat Response, and Orbital, we are 100 percent certain that we got every trace of malicious software. We're also certain that no other machines have been compromised or will be compromised in the same way.

ST
System Engineer at asa

We use the traditional antivirus; it isn't able to provide real-time protection and doesn't have firewall integration.

MohamedEladawy - PeerSpot reviewer
Service Security Lead at Salam Technology

We also use Micro, so we use two programs simultaneously. 

RZ
Chief Information Officer at Sacramento County

We wanted to get a homogeneous environment where everything works together and is integrated well together. This was a big advantage and big driver for us.
