Most Helpful Review
Automation saves us time; forensic detailing and memory exfiltration are great for separate analysis
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Its most valuable features are its scalability and advanced threat protection for customers."
"I am told that we get over 100 million emails a month. This filters them down and allows only somewhere about three million emails, which is a great help."
"For the initial first level of support, we provide it from our side. If there's escalation required, we use Cisco tech for the AMP. And again, they are perfect. I mean, one of the best, compared to any other vendors."
"The most valuable features of this solution are the IPS and the integration with ISE."
"The simplicity of use is its most valuable feature. You can very clearly see things."
"The stability of the solution is perfect. I believe it's the most stable solution on the market right now."
"I am really satisfied with the technical support."
"It is a very stable program."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Ability to get forensics details and also memory exfiltration."
"It has certainly helped out our audit efforts because we each stay compliant in terms of various security standards."
"Technical support is very responsive. You just have to open a ticket. They respond in a timely manner. Their response is good. I'm satisfied."
"They manage to solve detection quite nicely. There is some rather elaborate detection compared to other providers."
"The most valuable feature is Click-time URL protection."
"All of the solution's features are quite valuable for us. We especially like the threat protection it provides."
"Endpoint to network protects the line."
"The incident management on the solution is very good. You get a lot of detailed information about an incident. You also get a lot of documentation in connection with the CVI or integration."
"We would like to have an API integration with a SIEM solution, because as far as I know, it currently hasn't yet been released."
"I would like them to add whatever makes filtering more advanced in scanning and blocking for malware in emails."
"The solution needs more in-depth analytics."
"In the next version of this solution, I would like to see the addition of local authentication."
"The initial setup is a bit complex because you need to execute existing antiviruses or security software that you have on your device."
"In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened."
"The reporting and analytics areas of the solution need to be improved."
"I would like more seamless integration."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"Detections could be improved."
"An improvement could be made on the reporting because then it would be easier to collect information and submit it for compliance."
"The administration interface needs a lot of improvement. It should be UI based, and simple. They need to improve it. It's pretty much not that friendly compared to what we were using as Bitdefender before. It's okay but is improving, actually."
"It's a strange situation where the infrastructure of the consumer or customer is behind some kind of firewall and they have always used some kind of customized proxy. In this situation, the ATP has a very tough time to pass the information to the cloud and back. To fix, it requires a more elaborate and complex configuration for that particular case."
"There are limits with respect to blocking files by hash value or blocking IP addresses, and these limits should be removed."
"The cloud platform needs to have improvement in terms of the user interface and the different capabilities it has available. It needs to match the other leading next-gen EDR products that are available in the market. That's the reason why we are stepping away from Symantec. Their cloud environment is just generally lacking in comparison to others."
"Not ideal for advanced threat protection."
"Symantec appliances need improvement. The whole appliance environment is a robust system and it needs a massive amount of storage space. If you have to increase or speed up the background storage it's a pretty complicated process. The scalability and sizing is critical, and if you do it wrong you run into issues pretty quickly."
Pricing and Cost Advice
"The costs of 50 licenses of AMP for three years is around $9,360."
"The price is very good."
"The visibility that we have into the endpoint and the forensics that we're able to collect give us value for the price. This is not an overly expensive solution, considering all the things that are provided. You get great performance and value for the cost."
"Whenever you are doing the licensing process, I would highly advise to look at what other Cisco solutions you have in your organization, then evaluate if an Enterprise Agreement is the best way to go. In our case, it was the best way to go. Since we had so many other Cisco products, we were able to tie those in. We were actually able to get several Cisco security solutions for less than if we had bought three or four Cisco security solutions independently or ad hoc."
"In our case, it is a straightforward annual payment through our Enterprise Agreement."
"Our company was very happy with the price of Cisco AMP. It was about a third of what we were paying for System Center Endpoint Protection."
"There are a couple of different consumption models: Pay up front, or if you have an enterprise agreement, you can do a monthly thing. Check your licensing possibilities and see what's best for your organization."
"The Enterprise Agreement is like an all-you-can-eat buffet of Cisco products. In that vein, it was very affordable."
Information Not Available
"The pricing of this solution is inexpensive and affordable."
Questions from the Community
Top Answer: The solution's integration capabilities are excellent. It's one of the best features.
Top Answer: Nice to have URL management, password protection of the app, more details of the machine & user running the app.
Top Answer: The primary use case is for endpoint protection. For the larger deployments, we use it for our policy enforcement as… more »
Top Answer: The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos'… more »
Top Answer: There are no additional costs.
Top Answer: Endpoint to network protects the line.
Top Answer: In general, improvements can be made but nothing specific. I think SonicWall and McAfee are better solutions. I think… more »
Top Answer: We use the solution for endpoint protection. I'm an infrastructure team leader and we are a customer of Symantec.
Compared 14% of the time.
Compared 11% of the time.
Compared 9% of the time.
Compared 8% of the time.
Compared 7% of the time.
Compared 33% of the time.
Compared 7% of the time.
Compared 7% of the time.
Compared 5% of the time.
Compared 2% of the time.
Compared 26% of the time.
Compared 17% of the time.
Compared 14% of the time.
Compared 8% of the time.
Compared 3% of the time.
Also Known As
Advanced Malware Protection (AMP) is subscription-based, managed through a web-based management console, and deployed on a variety of platforms that protects endpoints, network, email and web Traffic. AMP key features include the following: Global threat intelligence to proactively defend against known and emerging threats, Advanced sandboxing that performs automated static and dynamic analysis of files against more than 700 behavioral indicators, Point-in-time malware detection and blocking in real time and Continuous analysis and retrospective security regardless of the file's disposition and Continuous analysis and retrospective security.
Advanced attacks can take just minutes, if not seconds, to compromise the endpoints. First-generation endpoint detection and response (EDR) tools simply cannot keep pace. They require manual triage and responses that are not only too slow for fast moving threats but they also generate a huge volume of indicators that burden already overstretched security teams. Further, legacy EDR tools drive up the cost of security operations and can slow processes, negatively impacting business.
FortiEDR delivers advanced, real-time threat protection for endpoints both pre- and post-infection. It proactively reduces the attack surface, prevents malware infection, detects and defuses potential threats in real time, and can automate response and remediation procedures with customizable playbooks. FortiEDR helps organizations stop breaches in real-time automatically and efficiently, without overwhelming security teams with a slew of false alarms or disrupting business operations.
Symantec Advanced Threat Protection is a single unified solution that uncovers, prioritizes, and remediates advanced attacks. The product fuses intelligence from endpoint, network, and email control points, as well as Symantec’s massive global sensor network, to stop threats that evade individual security products. It leverages your existing Symantec Endpoint Protection and Symantec Email Security.cloud investments, so it does not require the deployment of any new agents. You can deploy a new installation of Symantec Advanced Threat Protection and start to discover suspicious activity in under an hour. Using the proven technology in Symantec Insight reputation based detection, Symantec SONAR behavioral analysis with the new Symantec Cynic sandbox and file analysis platform, Symantec Advanced Threat Protection provides better detection and prioritization than other vendors, allowing security analysts to “zero in” on just those specific security events of importance.
Learn more about Cisco AMP for Endpoints
Learn more about Fortinet FortiEDR
Learn more about Symantec Advanced Threat Protection
|Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank||Financial, Healthcare, Legal, Technology, Enterprise, Manufacturing ...||ECI|
Comms Service Provider7%
Comms Service Provider29%
Computer Software Company24%
Computer Software Company29%
Comms Service Provider27%
Computer Software Company20%
Comms Service Provider20%
Non Tech Company10%
Computer Software Company31%
Comms Service Provider16%
Financial Services Firm7%
No Data Available
See our list of .