Cisco Secure Endpoint Primary Use Case

MZ
Security Manager at a wholesaler/distributor with 10,001+ employees

I'm working in a wholesale industry company. We are present in around 16 European countries and my company has around 5,000 employees. I have been using Cisco products since 2007, and in this company for around three years now.

I am using Cisco Secure Endpoint for around 6,000 endpoints, and I also use Cisco Secure Email, ESA product. It's a cloud-based solution from Cisco. I'm using Cisco Malware Analytics and Sandbox. I use Cisco SecureX to integrate all of these and monitor all these ecosystems from Cisco Secure.

Our use cases for using Cisco Secure products are to increase defenses, machine learning, to integrate all these solutions from the backend, do single dashboard threat hunting, do few clicks incident response, have visibility across the entire architecture, and more. We are happily using Cisco and have various different use cases.

We have backend integrations, front-end visibility, and then incident response with a single click.

NG
Sr Network Engineer at a real estate/law firm with 1-10 employees

Cisco AMP is an anti-malware and antivirus product. It provides endpoint protection. We use it as our antivirus and anti-malware tool. We put it on all our computers. Our employees have it on their laptops because they leave the network and we can't protect them everywhere. Microsoft Windows comes with a built-in tool but it's not quite as powerful. So we use Cisco AMP and Microsoft System Center Endpoint.

Cisco AMP is our primary solution, but we don't uninstall the free ones that come with Windows.

It runs a little agent on the computer and then you manage it from a website platform. There is an application installed on the computers and they all connect up to the management console, which is hosted in Cisco's cloud.

You can use it for single endpoints. We have 3,000 that we use and then there's the free version of it you can use for home.

Ahmed-Dawood - PeerSpot reviewer
CEO at Oriental Weavers

My company uses Cisco Secure Endpoint for its endpoint security and firewall.

Buyer's Guide
Cisco Secure Endpoint
March 2024
Learn what your peers think about Cisco Secure Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
Mark Broughton - PeerSpot reviewer
Level 2 tech at a tech services company with 11-50 employees

It was our primary endpoint protection. 

AKSHAYK - PeerSpot reviewer
Consulting & Support Region Senior Executive at Redington (India) Ltd

We recommend the solution to our customers. The solution is used to identify the malicious content in a network. We install an agent. If any malicious content enters the laptop, the agent communicates with the AMP cloud. The AMP cloud validates everything.

EI
CISO at a computer software company with 201-500 employees

We are delivering Cisco solutions and security services to more than 100 customers. We use AMP, which I believe is currently called Cisco Secure Endpoint. We use Umbrella, we use SecureX, we use Meraki, and we, of course, use firewalls. So, it's a very broad range of Cisco products. 

Christos Papadopoulos - PeerSpot reviewer
Software Engineer at Thessaloniki Port Authority SA

We saw this product with a partner. We installed it and configured it properly along with our antivirus solution. We monitor it almost every day to see what's going on. Up till now, we are very happy with the performance.

We check every day if there are any indicators of compromise, if there are any workstations that need particular attention, or if there are any peculiar or strange events.

Sagar Ghumare - PeerSpot reviewer
Sr. Network Engineer at a comms service provider with 201-500 employees

We use Cisco Secure Endpoint as an antivirus on computers. That is one of the important use cases that we have, as an antivirus.

Nicola F. - PeerSpot reviewer
Infrastructure Engineer at TeamSystem

We have a complete Cisco environment; we use Cisco Firepower, Cisco ACI, and many of their other products. We have many of their top solutions from the network to the data center server.

ES
Chief Commercial Officer at open line

We use a lot of Cisco products to integrate into our services for about 160 customers in healthcare, local government, and social housing.

We are using tons of Cisco products. Besides all types of firewalls, we are using IronPort for email. We are using a lot of networking products as well, in which security is also embedded. We also use the SecureX platform to leverage our security automation.

We have about 160 customers, and each of these customers has its own compliance, set of rules, and governance. So, the use cases might vary, but it's all about keeping them safe on all levels; on a technical level, on a tech framework level, and also on a personal level. We try to prevent our customers from doing things that they didn't intend to do as well. The use cases vary, and we embed them in all our services and also in our security operations center.

Brad Wright - PeerSpot reviewer
Principal Architect - Cybersecurity at Logicalis

I'm the Principal Architect of Cybersecurity at Logicalis. I've been working with Cisco for thirty-something years. I started out with the military, and then as an engineer, I worked with a large data center company. We build data centers all around the world, and then I moved to the partner space for about the past ten years and have been architecting and selling Cisco Security solutions.

A good use case for Cisco Secure Endpoint is threat hunting. It's the integration with Cisco SecureX and all the other Cisco technologies to really be able to look for, hunt, find things, see how they move through their network, and find out what actually happened.

MB
Technical Director at Ridgewall

We needed an endpoint security product and this was the one that we chose. We also use Cisco Umbrella, which fits in neatly with the endpoint as endpoints are moving, more and more, out of the office now. Traditionally, it's slightly harder to manage that, so we use Cisco AMP and Umbrella on those endpoints to secure them.

It's almost entirely on-premise. Although there are some small cloud installations where we use it.

TC
IT Manager at van der Meer Consulting

We have it installed on all our workstations and servers. Primarily, we started with it after we were hit with a ransomware attack about five years ago. We looked for something that would give us a bit more visibility as to what was going on in the network, where the weak points were, etc. We had an antivirus solution (FireANT) back then, which obviously wasn't good enough on its own. So, we went looking for something that was going to be a little more granular in how it gave us visibility on the network.

We have the Cisco AMP for Endpoints Connector on our workstations, which is all done in the cloud. We have Windows Server, Windows 10 workstation environment, and on-premise servers at the moment with some cloud. I guess we would call ourselves a partly hybrid business, with some stuff in the cloud, and all our access points have Cisco AMP on them. This currently includes work-from-home devices, because we have a lot of people still working from home with the coronavirus thing going on; even home users have Cisco AMP as well.

Our operating systems, whether they be Linux, Windows, Mac, or Google Android, are well-protected.

Gassan Shalabi - PeerSpot reviewer
Manager at UCloud

I'm hoping that this is protecting me from all the harmful issues that are happening, because we know exactly what kind of world we are living in on the internet.

DT
CIO at Per Mar Security and Research Corporation

We're using it in a handful of ways. We initially bought it to provide endpoint protection against malware and the like on our laptops that were mobile and off our network the entire time. We eventually moved it onto all of our desktops, and we have now integrated with Umbrella, so we have a full protection suite for all of our clients across our enterprise. 

RM
Director of I.T. Services at a non-tech company with 201-500 employees

Our primary use case is general antivirus protection.

This product was deployed to a number of Windows machines, and we also have a VMware environment.

Eros Huso - PeerSpot reviewer
IT auditor at Tirana Bank Sh.A.

I implemented the solution in my company to use its managed endpoint protection in my company's use cases. Most of the users of Cisco Secure Endpoint in my company are unaware that they use the product. Our company only uses it to isolate possible malware on the endpoints. Our company uses the solution in collaboration with other software protection tools we have so that it helps us to look into cases where possible malware or attacks can happen.

JG
Director of Technical Services at an educational organization with 51-200 employees

We secure the laptops down, making sure that where we build the policy, every policy is consistent on every laptop.

Felipe Guimaraes - PeerSpot reviewer
Sales Director at Samsung

It is used especially to connect with MDM, covering security and monitoring services.

It protects user devices, especially for field services.

Customers need some infrastructure on the cloud, e.g., Amazon and Google. We also need some testing and stage environments to perform tests.

MM
Senior IT System Administrator at ScanPlus GmbH

AMP for Endpoints protects our workstations (ca. 300), our VDI environment (ca. 250), and our servers (ca. 50).

The old product was from Trend Micro and was just a simple antivirus solution. It was ok, but it was just an antivirus. We needed something more than just an antivirus that is used by every end-user. We were looking for a tool we can trust, and something that can schedule some things, implement scripts, analyze malware, perform advanced scans, etc. Our company, as an ISP for many customers, has to be protected from vulnerabilities.

K.O - PeerSpot reviewer
Application Manager at HNB

Being the primary AV/IDS within the enterprise, we have the solution deployed across multiple platforms including workstations, servers and Operating Systems.

The solution conveniently integrates with other existing on-prem and cloud applications with relatively minimum effort to stand up, using APIs and security best practices.

Most out-of-the-box features are either being utilized or pipelined to be deployed going forward, including MAP, ETHOS, SPERO, Exploit Prevention, SecureX, and Tetra, which serves as an offline definition repository for workstations that are unable to pull definition updates using the default Cisco AMP cloud route.

CK
Engineer at Innovo

We use this solution to protect our IT environment. We use it to secure our user endpoints.

ED
System Administrator at a manufacturing company with 201-500 employees

We rely on it for antivirus. There are probably three levels, and we have the bottom tier, the most basic one.

It is on Cisco's cloud. We have the client installed on all workstations, but we don't have a server.

CT
Systems Architect at a consultancy with 5,001-10,000 employees

AMP was purchased for our organization in response to continued threats that we had from malware and malicious activity on our endpoints. We received AMP for Endpoint and also AMP for Networks as part of our Cisco Security ELA. The solution has made a huge impact on the visibility of what has actually been transpiring at the process level on our servers and workstation endpoints as well as being able to look in detail on those processes to see who's executed those processes and what the trajectory was for those processes.

AMP for Endpoints is Software as a Service. It's a subscription service. You do download a connector onto the endpoint. Then, there is the option to run it to an air gap mode where you connect to a local server that does back out to the AMP Cloud. However, that's not the deployment we have in our case, we have it connecting back directly to Cisco Cloud Security.

Berkhan Yaman - PeerSpot reviewer
Cyber Security Specialist at a tech services company with 11-50 employees

We use it to deliver the best endpoint protection and control for our clients. We offer them MSSP services for their products, so they are assured that their product is fully visible and protected.

ZS
Solution Architect / Presales Engineer at a comms service provider with 1,001-5,000 employees

I use the public cloud deployment model. I have installed the license, the software, on my VM and it is being managed by Cisco Cloud.

My primary use case for this solution is to test it against malicious links and for encryption and decryption. 

MM
Technical Engineer at a healthcare company with 5,001-10,000 employees

We are using it for remote users, and that's our main reason for using it. We have a lot of colleagues who work outside the organization, and they need to connect to the local, on-prem resources for file sharing and other things that we have in our data center. That's it.

HB
Security Officer at a healthcare company with 51-200 employees

AMP for Endpoints has Endpoint Connectors, which are agents on the endpoints, providing security against malware and intrusion detection. It also provides intrusion prevention. We install the Connector on all the endpoints before they're deployed and also on our virtual desktop images. They provide constant monitoring and alerting on any events or potential threats to let us know when there is something going on that we can further investigate.

AMP intersects with a bunch of other Cisco tools, such as Threat Grid, Threat Response, and Talos Intelligence to identify threats, then automatically quarantine or remove them. It also gives you the ability to isolate endpoints to prevent further spread of any sort of malware, like a virus that might infect other machines.

EL
IT Security Services Owner at Atea AS

We are trying to provide managed security services. This solution would be part of those managed security services.

JA
Technical Advisor at a government with 10,001+ employees

We're using it for endpoint security for users and to make sure that no vulnerabilities exist.

WH
Technical Team Lead Network & Security at Missing Piece BV

We were looking for a security product which would not only block known viruses, but give more visibility and control over anti-malware. We offer Desktop as a Service (DaaS) for small and medium businesses, so we have hundreds of laptops, desktops, and virtual machines. Because users click on everything, you need to have a solution in place which will detect if something happens and log it; if there's anything malicious, then it will be blocked and reported.

The main reason for going with Cisco AMP is its integration with other Cisco solutions. It can integrate our firewalling, DNS protection, and email security appliance, so if there's a malicious file and I see it on one of those devices, I can say, "Hey, I want to have this blocked," and it will immediately stop it being emailed in or out of our environment. It also can no longer be downloaded from the Internet. Thus, with one click, we have multiple points protected.

AMP is a bit of a time machine for our environment. We can see any action being executed, connection being made, or file being written, whether it's malicious or not. Everything has been logged. I can basically go back in time and see, "This user opened this website," or, "This process created this file." If at any point in time, we do get something where, "There has been malicious activity there," we can completely follow it back:

  • How did it get there? 
  • Did it change other files? 
  • Did it leave a scheduled task somewhere? 
  • Did it connect to other machines? 
  • Did it drop software on another place even before it was known to be malicious?

All activity has been logged. If something turns out to be malicious, or if it's a user doing something they shouldn't be doing without using any malicious software but just using system tools, you can still see every command being run from the console.

The management console is cloud-based and the deployment goes to the endpoints, which are either in our data center or on the laptops and desktops that users have in their offices.

PS
Network security engineer at a tech services company with 1,001-5,000 employees

We use this solution for the malware features, to protect our network and our endpoint users. We deployed this solution for security.

ST
System Engineer at asa

We are system integrators and we use this product for DNS security, which is integrated with the DNS service.

MohamedEladawy - PeerSpot reviewer
Service Security Lead at Salam Technology

We mainly use this program for our business operations.

RZ
Chief Information Officer at Sacramento County

The primary use case is email filtering.

We are using the latest version.

it_user807534 - PeerSpot reviewer
Solution Sales Specialist at a tech services company with 5,001-10,000 employees

Endpoint security prevents malware and exploit kits coming into your mobile devices, and when you are outside the corporate network and not protected by the firewall.

MS
Deputy GM at Oregon Systems

We're in the banking sector. We use AMP to protect security endpoints.

SN
System Architect at COMPASS IT Solutions & Services Pvt.Ltd.

The primary use case is for endpoint protection. For the larger deployments, we use it for our policy enforcement as well. We use AMP on the endpoints for writing automated policies in order to protect the user when they join the network, for example. 

SV
CISO & COO at a tech services company with 1-10 employees

We use this solution as part of our organization security.
