Cisco Secure Endpoint Room for Improvement

Mark Broughton - PeerSpot reviewer
Level 2 tech at a tech services company with 11-50 employees

We were using a third-party help desk. One of the ways that they were fixing problems was to delete the client and then add the client back if there was an issue where the client had stopped communicating. Any improvement in the client communicating back to the server would be good, particularly for machines that are offline for a couple of weeks. A lot of our guys were working on a rotation where the machine might be offline for that long. They were also terrible about rebooting their machines, so those network connections didn't necessarily get refreshed. So, anything that could improve that communication would be good.

Also, an easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful. If you could say, "Okay, we've got these two machines. This one says it's not reporting and this one says it's been reporting. Obviously, somebody did a reinstall," it would help. That way you could get a more accurate device count, so you're not having an inflated number. Not that Cisco was going to come down on you and say, "Oh, you're using too many licenses," right away. But to have a much more accurate license usage count by being able to better dedupe the records would be good.

I also sent over a couple of other ideas to our technical rep. A lot of that had to do with the reporting options. It would be really nice to be able to do a lot more in the reporting. You can't really drill down into the reports that are there. The reporting and the need for the documentation to be updated and current would be my two biggest areas of complaint.

Also, there was one section when I was playing with the automation where it was asking for the endpoint type rather than the machine name. If I could have just put in the machine name, that would have been great. So there are some opportunities, when it comes to searching, to have more options. If I wanted to search, for example, by a Mac address because, for some reason, I thought there was a duplication and I didn't have the machine name, how could I pull it up with the Mac address?

When you're getting to that level, you're really starting to get into the ticky tacky. I would definitely put the reporting and documentation way ahead of that.

View full review »
EI
CISO at a computer software company with 201-500 employees

We would like to see the protection from the start of the endpoint till the end. Nowadays, we see that working from home is quite important, so there's a need to protect the whole layer, not only the network of the customer. There is a change towards starting from the process on the endpoint and then protecting that towards the application and the data on the back end. You need to protect that whole layer, which means that you have to have something on your endpoints that can protect. Today, at the Cisco Live event, I heard that there will be an AnyConnect solution from Cisco that will help us in delivering the kinds of security solutions that customers currently want. In some cases, we use AnyConnect, but because SaaS is coming up, many of the solutions or many endpoints are using a browser to make the connection to any place, anytime, and anywhere, so you want to have a secure connection at the start. It should be on every endpoint. I've heard Cisco is developing that right now to have all endpoints, not only laptops, desktops, and tablets, but also mobile devices, connected and secure towards the application and the data at the end. We are using AnyConnect as a VPN solution, but not as a whole set, which is currently being developed by Cisco.

They can combine the platforms and the management tools so that they are a little bit simpler and easy to use.

The integration of the Cisco products for security could be better in the sense that not everything is integrated, and they aren't working together. In addition, not all products are multi-tenant, so you can't separate different customer environments from each other, which makes it a little bit hard for a managed service provider to deliver services to the customers.

The quality of the product should be on top. For instance, when they are being introduced, some firewalls have some bugs, and they are known bugs. So, going to the latest version of the firewall is not always the smartest thing to do. There could be an improvement to help us go to the most modern version.

View full review »
Nicola F. - PeerSpot reviewer
Infrastructure Engineer at TeamSystem

When we first installed the solution, we faced significant issues, as the server needs to be rebooted when the agent upgrades. This isn't easy in a production environment, and we relayed our concerns about this problem to Cisco.

The Linux agent is a simple offline classic agent, and it doesn't support Secure Boot, which is important to have on a Linux machine. The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers. We didn't find a fix during troubleshooting, and Cisco couldn't offer one either. Eventually, we had to shut down the Exploit Prevention system. We didn't like that as we always want a solution that can fit smoothly into the setup without causing problems, especially where security is concerned. The tool also caused CPU spikes on our production machine, and we were seriously considering moving to another product.

However, Cisco has improved its product, and version 7.1 ended the need to reboot machines for updates. It's also more stable than before, though I still think they have a lot of work to make this a genuinely stable product. Cisco Secure Endpoint is a developing solution, but they need to do more. It doesn't match up to the offerings from CrowdStrike, FireEye, and perhaps Carbon Black.

View full review »
Buyer's Guide
Cisco Secure Endpoint
March 2024
Learn what your peers think about Cisco Secure Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
763,955 professionals have used our research since 2012.
Sagar Ghumare - PeerSpot reviewer
Sr. Network Engineer at a comms service provider with 201-500 employees

Because the software is doing such a good job, we barely have any recommendations in terms of what can be changed. [However], at this moment, in terms of integration with other software, that could be helpful. 

And in terms of the user experience, if the UX design could be much simpler [that would improve things]. Because I'm an engineer, I understand what I'm looking at and [for me it's] intuitive in terms of what is there and what is not. But [if] another engineer or someone at the management level or C-level is looking at the portal of the webpage, if they could make it more intuitive for someone who is not an engineer so that they still can read what's going on in their webpage and understand, that would be something. If they could improve [on that], that would be great.

View full review »
MZ
Security Manager at a wholesaler/distributor with 10,001+ employees

Cisco is good in terms of threat intelligence plus machine learning-based solutions, but we feel Cisco is lagging behind in using artificial intelligence in its systems. Today, Cisco is more than enough to protect us from the threats, or the evolving threats, using threat hunt, threat intelligence, and machine learning. We feel that in a couple of years, Cisco will lag behind if Cisco does not improve in artificial intelligence.

All these tools I am mentioning from Cisco need to be improved with AI so that it can reduce man-hours so that fewer resources need to monitor and respond. But AI is self-learning, taking self-defense, reducing the response time a lot, and also detecting not only threats and machine learning-based but abnormality-based. 

It's a little different than behavior-based protection, which currently Cisco has. AI models should keep learning and then attacking internet response immediately on top of that. We feel that Cisco needs to work a lot on the AI side, rather than sitting on threat intelligence teams, or machine learning. It is enough for today, but it will not be enough tomorrow.

View full review »
ES
Chief Commercial Officer at open line

On the firewall level, they were lagging a little bit behind, but they are running up again. I have full trust in the new 3000 series of firewalls where we would also be able to look more into the traffic that we're monitoring and get more security layers in our services. That would definitely be a big step.

View full review »
Brad Wright - PeerSpot reviewer
Principal Architect - Cybersecurity at Logicalis

One of the things that Cisco Secure Endpoint really needs is that it's not just Secure Endpoint, it's a point product, and I think we really need to move into solution-based selling, designing, and architecting. So that we're not worried about putting things on endpoints and selling 'x' amount of endpoints, but to provide a solution that covers all of the remote access and sell them as solutions that cover multiple things.

View full review »
K.O - PeerSpot reviewer
Application Manager at HNB

Like any other security tool, there's always rooms for improvement. Some of the ways the product can be improved are:

- Vendor needs to understand a one-size-fits-all approach will not work with addressing TAC cases and service requests. For "once in a blue moon" cases, most approach still sound like the engineers are acting off of a runbook. In this case the recommended solutions will not totally align with the scenario

- Since customers do not have the ability to allow or decline console updates, there have been a number of instances where the console GUI appear buggy and functionalities do not work correctly after an upgrade. This can be improved by informing customers prior to the upgrades.

Other additional features that should be improved in next releases include:

- The dashboard is great for quick visibility prior to deeper dive, however, making the dashboard more customization will improve interaction, grant the ability to filter out irrelevant outputs and encourage personalized drill-downs based on daily requirements

- Integration with enterprise monitoring applications and ticketing systems that differentiates noise, forwards events, generates tickets and have them automatically assigned to application owning group.


View full review »
RM
Director of I.T. Services at a non-tech company with 201-500 employees

This product has issues with the number of false positives that it reports. Especially when updates are released for Chrome, many detections report a virus when it really wasn't.

Another problem that I notice is that Outlook 2016 creates cache files of attachments, and when this product detects them as malware, it can't delete them. I assume this is because Outlook still has the file open. This means that I get notices about the issue but I can't do anything about it until later, after Outlook has closed them. This may not be Cisco's fault as much as it is Microsoft's fault.

View full review »
Gassan Shalabi - PeerSpot reviewer
Manager at UCloud

They could simplify the solution and make it a little bit easier to understand how things are happening or if something serious has happened. They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need.

I would also like it to update itself so that I don't need to click to make that happen. Of course, having to click is not a hard thing to do, but I would like to see things done automatically as much as possible.

View full review »
Ahmed-Dawood - PeerSpot reviewer
CEO at Oriental Weavers

Integration and dashboard are areas with certain shortcomings in Cisco Secure Endpoint.

I would like Cisco Secure Endpoint to have a better dashboard and integration with different software solutions in future releases.

View full review »
Christos Papadopoulos - PeerSpot reviewer
Software Engineer at Thessaloniki Port Authority SA

In terms of features, I don't have any areas for improvement. It has a good interface. Its reporting is also good, and the updates are very frequent. Its price is okay for us, but it can always be better. There's always room for improvement when it comes to pricing.

View full review »
MM
Technical Engineer at a healthcare company with 5,001-10,000 employees

Logging could be better in terms of sending more logs to Cisco Firepower or Cisco ASA. That's an area where it could be made better.

View full review »
Eros Huso - PeerSpot reviewer
IT auditor at Tirana Bank Sh.A.

The initial implementation of Cisco Secure Endpoint can be a pain and is an area in the solution that needs improvement. After the initial implementation phase, a person gets support from Cisco, making it a solid tool.

The solution needs to improve in the area of the specific details of the threats it provides to its users.

View full review »
Felipe Guimaraes - PeerSpot reviewer
Sales Director at Samsung

It could be improved in connection with artificial intelligence and IoT.

View full review »
Kostas Karidas - PeerSpot reviewer
System Administrator at bluegr Hotels & Resorts

The pricing policy could be more competitive, similar to Cisco's offerings. Cisco recently introduced the SecureX platform, where all the different platforms are consolidated. This means you need a single account to access all the platforms, simplifying the process. However, it can still be a bit frustrating because the access isn't straightforward. There are different links for logging in, and depending on which link you use, you might encounter issues with admin rights, even if you are an admin. It seems there are some access problems during the transition and migration process, which has affected my system as well.

For instance, we had the Cisco Mail gateway, and I used to have specific links to report and configure guardian and spam checks for emails. Now, all of these have also been moved to the SecureX platform, which doesn't always function smoothly when logging in. Sometimes, I still have to log in using my old links. It's a bit inconvenient, but that's how it is.

View full review »
JG
Director of Technical Services at a educational organization with 51-200 employees

It does a great job for what it is. The user interface face could be slicker. It does not have to be flashy, but the user interface is dull.

View full review »
Berkhan Yaman - PeerSpot reviewer
Cyber ​​Security Specialist at a tech services company with 11-50 employees

Due to the complexity of the technology that is used and its advanced threat detection capabilities, it is possible to encounter many delays in operation. It can impact the business itself, so I would suggest an improvement in that area.

View full review »
AKSHAYK - PeerSpot reviewer
Consulting & Support Region Senior Executive at Redington (India) Ltd

We must install an agent on every laptop. We do not know how to do it for the network. We shouldn’t have to install agents individually if it's a corporate network. The product does not provide options like tunnel creation or virtual appliances. If there are 2000 users and only one network administrator, installing the agent on every laptop will be time-consuming.

View full review »
CK
Engineer at Innovo

Compared to other products, Cisco Secure Endpoint has some limitations and issues, it is still catching up with competition. For example, protection for USB is fairly recent and it is still limited to Windows platforms, and there are significant differences in the product packaging and distribution for Windows and MacOS platforms.

Another area of improvement is stability.

View full review »
JA
Technical Advisor at a government with 10,001+ employees

It's pretty good as it is, but its cost could be improved.

View full review »
Buyer's Guide
Cisco Secure Endpoint
March 2024
Learn what your peers think about Cisco Secure Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
763,955 professionals have used our research since 2012.