![]() It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP." "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. ![]() It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us." "The entirety of our network infrastructure is Cisco and the most valuable feature is the integration." "The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great." "If somebody has been compromised, the question always is: How has it affected other devices in the network? Cisco AMP gives you a very neat view of that." "The most valuable feature is signature-based malware detection." "Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. ![]() We're no longer looking at digging into information or wading through hundreds of incidents. We can then choose to take any manual actions, if we want, or start our investigation. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |