Cisco Secure Endpoint Reviews

We are delivering Cisco solutions and security services to more than 100 customers. We use AMP, which I believe is currently called Cisco Secure Endpoint. We use Umbrella, we use SecureX, we use Meraki, and we, of course, use firewalls. So, it's a very broad range of Cisco products. 

Cisco Secure solutions have improved our company in the sense that we are now moving towards being a managed service provider, which is doing what Cisco is telling about combining your network, your hosting, and your security together in one company so that you can deliver IT services in a carefree way for your customers. So, Cisco is helping us in creating that goal of carefree use of IT.

I'm very glad that for most customers, we have onboarded Cisco Secure Endpoint because it helps us a lot in solving and detecting ransomware. It's being done automatically, so you don't have to worry. It's removing that. Therefore, it is called an EDR solution. It takes care of detection and response, and it's being done automatically. In the case some handling is needed, we have a connection from Cisco Secure Endpoint towards SecureX and ServiceNow. So, we are bringing that very simply to our support engineers. If any handling is needed there, they automatically get a ticket, and they can act.

It has helped a lot in saving time because when you have an automated flow of tickets, a ticket is immediately handled by the support people. They can immediately act in ServiceNow and see what they have to do if something is detected where a manual action is still needed. There are, however, not many cases because AMP already handles a lot of responses automatically. 

We are saving a lot of money on our operational costs because people don't have to enter tickets anymore in the system. Secondly, a lot of response is being done automatically by AMP. That helps us a lot as well in saving costs because, in the past, somebody had to do it manually.

The most valuable feature at this moment is that Cisco AMP or Cisco Secure Endpoint solution is delivering a lot of things, and I always say to a lot of customers that if we didn't have Cisco AMP, we probably would have had ransomware somewhere. So, it's protecting us very well from a lot of hackers, malware, and especially ransomware.

We would like to see the protection from the start of the endpoint till the end. Nowadays, we see that working from home is quite important, so there's a need to protect the whole layer, not only the network of the customer. There is a change towards starting from the process on the endpoint and then protecting that towards the application and the data on the back end. You need to protect that whole layer, which means that you have to have something on your endpoints that can protect. Today, at the Cisco Live event, I heard that there will be an AnyConnect solution from Cisco that will help us in delivering the kinds of security solutions that customers currently want. In some cases, we use AnyConnect, but because SaaS is coming up, many of the solutions or many endpoints are using a browser to make the connection to any place, anytime, and anywhere, so you want to have a secure connection at the start. It should be on every endpoint. I've heard Cisco is developing that right now to have all endpoints, not only laptops, desktops, and tablets, but also mobile devices, connected and secure towards the application and the data at the end. We are using AnyConnect as a VPN solution, but not as a whole set, which is currently being developed by Cisco.

They can combine the platforms and the management tools so that they are a little bit simpler and easy to use.

The integration of the Cisco products for security could be better in the sense that not everything is integrated, and they aren't working together. In addition, not all products are multi-tenant, so you can't separate different customer environments from each other, which makes it a little bit hard for a managed service provider to deliver services to the customers.

The quality of the product should be on top. For instance, when they are being introduced, some firewalls have some bugs, and they are known bugs. So, going to the latest version of the firewall is not always the smartest thing to do. There could be an improvement to help us go to the most modern version.

Cisco's support for their solutions is very good, but it always depends on people. We have a good account manager or service manager from Cisco, and he is helping us a lot in getting the right people from Cisco to talk to, etc. So, it's good. It's a very good arrangement. 

I'd rate them between eight and nine. I don't think that the support organization has to change, but if the tools that you have to use and the management consoles you have to use are simpler, then the support can also be much simpler, and the support department from Cisco can easily support the partners as well.

Positive

I was involved in the implementation of Cisco AMP. When we did a changeover from the traditional antivirus to AMP, I was highly involved. It was an interesting journey, and in the end, we achieved what we wanted to achieve.

It was easy in a certain way, but if you are a managed service provider, you also need to have multi-tenancy. The multi-tenancy support is within Cisco AMP. If you want to implement it, it's not always easy because you cannot do some of the things, such as specifying the policies you want to use, from the top level. You have to do them separately in every tenant, but I've heard that they are going to change it.

We have indeed seen a return on investment for the Cisco Secure solution we have implemented. We've seen the benefits in terms of earning money, but also in terms of extending our services and turnover in many cases.

The pricing and licensing of the security solutions of Cisco are very good in comparison with the competitors, but sometimes, it's difficult to see all the discounts and other kinds of things. So, you have to be careful, but the pricing is good.

I was a part of the evaluation process to go from a traditional antivirus package to a new solution called endpoint detection and response. Of course, there are only two big players, Cisco and Microsoft, in that area. We had to discuss what to do and how to deal with it. Of course, many customers have Microsoft in their workplace, but we are offering Cisco at least for the endpoint service where we have the hosting center. If they want, we can deploy AMP on the endpoints as well. However, there's something to say about the fact that you have two different kinds of EDRs. On your end-user devices, you have Defender, and on your server, you have Cisco, which makes it even more strong.

Traditionally, Cisco comes from the infrastructure. The difference between Cisco and Microsoft security solutions is that Cisco is coming from the infrastructure part, and Microsoft is coming from the data part. What you see is that Microsoft developed its solution from information, from data, and Cisco is coming from the infrastructure. It is deeper in IT. The solutions are deeper, and therefore, they sometimes might be stronger if you are only looking at the top of what's in IT. That makes it a little bit different. So, it's not about who's better or who's stronger. In some cases, they are an addition to each other.

Cisco Secure was the right solution for us. Of course, that was also because of the cost. Because we were already working together with Cisco, we chose Cisco for our hosting center and for all of our services. If the customer wants to have it on their endpoints and user devices, they could use our Cisco solution as well. If they want to have Defender, we support that as well on the endpoints of the user. 

To those evaluating Cisco Secure solution, I'd advise understanding the roadmap and the architecture of Cisco very well and seeing how it can add things. I have to mention Microsoft solutions because there is an added value on top of the Microsoft solutions, and that's what you have to look for. 

Cisco Secure solutions are currently at the level of a seven out of ten, and that's based on the fact that some management consoles are not working together, and in some of the new products, there are still, for instance, some known bugs. That's an issue that could be improved, and they are working on that.

We use Cisco Secure Endpoint primarily as a security measure for our internal teams. It's used for internal endpoint protection.

With Cisco Secure Endpoint, we now have visibility over what is happening on the endpoint side. We previously did not have any endpoint visibility, however, with this, we have clear insights across our endpoints.

The threat detection visibility and analytics data on the endpoint are very valuable. They allow us to easily drill down and see what has occurred on specific endpoints, which is immensely useful.

Previously, there were options to uninstall the agent without a password if you had admin access, and this could be improved. It may require a password for uninstalling clients, which would be helpful (if it doesn't already).

We have been using Cisco Secure Endpoint for almost two years now.

Cisco Secure Endpoint is a stable product. We haven't encountered any significant issues, and everything seems to be looking good.

The solution is very scalable. It seamlessly allows us to add actions on the dashboard without the need for additional servers.

Whenever we escalate or send an email, Cisco's support team responds promptly and continues to follow up until the issue is resolved.

Positive

We previously did not have any endpoint visibility.

The initial setup was straightforward because it is cloud-delivered. Agent installation can be done in a couple of minutes, although fine-tuning takes more time.

Our internal team handles technical support and maintenance. We don't rely on any third-party help.

Since implementing Cisco Secure Endpoint, we have significantly improved visibility into endpoint activities, which is now very useful.

I am not entirely sure about the exact licensing cost. It ranges from 2,000 to 2,500 INR annually.

We also use other vendors for certain entities.

I would recommend using Cisco Secure Endpoint for its integrated approach, covering endpoint, network security, and even cloud security, making it easier to manage all from a single platform.

I'd rate the solution nine out of ten.

We recommend the solution to our customers. The solution is used to identify the malicious content in a network. We install an agent. If any malicious content enters the laptop, the agent communicates with the AMP cloud. The AMP cloud validates everything.

The product provides sandboxing options like file reputation and file analysis.

We must install an agent on every laptop. We do not know how to do it for the network. We shouldn’t have to install agents individually if it's a corporate network. The product does not provide options like tunnel creation or virtual appliances. If there are 2000 users and only one network administrator, installing the agent on every laptop will be time-consuming.

I have been using the solution for four months.

The tool is stable.

The tool is scalable. I recommend the solution to small and large businesses.

The support is great. Other OEMs take time to provide support for configuration and technical issues. However, Cisco’s support is really fast.

Positive

We also use Cisco Umbrella. Secure Endpoint is for the security at an endpoint level. Umbrella secures the DNS traffic.

The implementation is easy. The deployment can be completed within two hours on average. The time taken for deployment depends on the corporate network.

Pricing is a big issue. Some customers find the price reasonable. Some customers do not agree with the price.

Talos is a major feature. We have STC access. We are pushing our partners and customers to purchase Cisco Umbrella and Cisco Secure Endpoint. Usually, customers are not aware of the product. They tell us that they already have an antivirus solution. We must educate them about the difference between antivirus solutions and Cisco Secure Endpoint. Overall, I rate the product a nine out of ten.

I'm the Principal Architect of Cybersecurity at Logicalis. I've been working with Cisco for thirty-something years. I started out with the military, and then as an engineer, I worked with a large data center company. We build data centers all around the world, and then I moved to the partner space for about the past ten years and have been architecting and selling Cisco Security solutions.

A good use case for Cisco Secure Endpoint is threat hunting. It's the integration with Cisco SecureX and all the other Cisco technologies to really be able to look for, hunt, find things, see how they move through their network, and find out what actually happened.

I think a large benefit of using Secure Endpoint is the ability to offload the personnel. We have a crisis in the country where we have too many jobs and there are not enough people, and using something like Secure Endpoint and integrating the Cisco ecosystem allows us to pull in all of this data into a single place and offset those people that we have to have to do the job. It allows us to do some threat hunting and make good decisions with good tools, and it's affordable. 

Secure Endpoint has decreased our time to remediate by providing the tools and the integrations we need so we can quickly look across our entire network, look for those threats, and actually make good decisions. 

Cisco Secure Endpoint provides us the scale to quickly reduce the time to find out about an event by integrating into different platforms and providing threat intelligence specifically from Talos so we could quickly find these things. Where things used to take days, we can now do things in hours. 

Cisco Secure Endpoint does a great job of allowing us to take the individual endpoint assets, do an inventory, and know what the normal state is, so we can have a delta when things change, and we can look for consistencies. And when those things change, we get alerts. We can know what's happening with those boxes. The great part about it is I was able to eliminate lots of other features of doing inventory management and spreadsheets and see what's going on. It's also allowing us to integrate all of the other secure malware antivirus-type platforms that do a single platform. And do threat hunting with that.

Five out of five times, Secure Endpoint helps every customer I talk to improve their cybersecurity resilience. It provides integrations, it provides an affordable and easy-to-implement package where we can quickly talk to customers and work with them to get a solution in place. Logicalis does a great job of taking the package and not just installing it, but doing it in a way that a customer can understand how to use that platform afterward. 

I think the feature I find most valuable at Secure Endpoint is the ability to integrate into other products and to really dig deep into what's actually happening in the network. I know it's an endpoint product, but there are so many integrations. How we can find inventory, how we can see what's going on, and we can do an analysis of that endpoint, and see how things really move through the network.

One of the things that Cisco Secure Endpoint really needs is that it's not just Secure Endpoint, it's a point product, and I think we really need to move into solution-based selling, designing, and architecting. So that we're not worried about putting things on endpoints and selling 'x' amount of endpoints, but to provide a solution that covers all of the remote access and sell them as solutions that cover multiple things.

I've been using Cisco Secure Endpoint for about ten years. I began with the single standalone product and moved into more discovery. I used Cisco SecureX, to really utilize Secure Endpoint technology, Orbital, and all of that package to look for threats and hunt for different malware and things on the network. 

Cisco Secure Endpoint has been around for a long time. I see it only integrating more into Cisco's platform and product line. It'll be a cornerstone of a lot of the threat-hunting stuff that Cisco's working on at Cisco Secure.

We install Cisco Secure Endpoint. Our customers are in healthcare, manufacturing, and large enterprises anywhere from three hundred endpoints all the way up to multiple tens of thousands. I think Cisco SecurePoint does a great job of scalability, and really providing access to enterprises and companies of any size.

Cisco support is world-class in general. They do a great job. I don't think anyone else in the industry really compares in the responsiveness and the ability to help. A lot of companies, if you call them for help with the problem, they're going to tell you it's not their problem. Cisco at least will help. That goes a long way with a lot of people. 

I give Cisco support a ten out of ten. I think they're fabulous, and I've never had an issue.

Positive

Secure Endpoint is a great product. It provides integrations into so many of the Cisco ecosystems. One of the better things that I like about the product is that there is this whole ecosystem. I talk about XDR when I talk to my customers because I like to tell them to do outcome-driven selling or outcome-driven processes, and that outcome is XDR. I want to be able to have the customers that have some toolsets that they can look at their entire security infrastructure, the whole perspective, and get an outcome and know what's going on.

Secure Endpoint provides those integrations. We see things from Microsoft customers like Defender. It's a great product too. I think that it doesn't do as great a job right now integrating with other products, but it's all over the place. So it's one of those things where we have to figure out how it works. Most Windows boxes, even if you have Secure Endpoint on it, it also has Microsoft Defender on it as well. I think SecurePoint plays really well with that type of technology. 

I talked to a lot of customers and a lot of them get a good return on investment with Secure Endpoint. They're limited in the capacity of the manpower that they have in those resources, and Secure Endpoint allows them to do those integrations and not just deal with alert fatigue. It provides valuable information that they can make good actual decisions on.

Secure Endpoint has a great price model. It's easily available, there are different levels that can quickly be consumed. I think that being able to bundle it into the EA, and including those bundles will really enhance those cells and provide a lot more outcome.

I give Cisco your endpoint, a ten out of ten. It's a fabulous product. It is really to me one of the cornerstones of the Cisco Security Platform. When we talk about the six pillars of security, having a solid endpoint solution is one of those every single time.

Our primary use case is general antivirus protection.

This product was deployed to a number of Windows machines, and we also have a VMware environment.

The product gives greater visibility of malware being downloaded by my clientele. In a more general fashion, Cisco Secure Endpoint has helped to prioritize threats. It has allowed us to make more effective use of our security team members.

Another advantage is that it has improved the effectiveness of our security options. We now have better response times when dealing with outbreaks.

We have decreased our time to detection, although it is difficult to say by how much because we weren't detecting all of the malware in the past.

It is reasonably easy to remediate issues using Cisco Secure Endpoint. In part, this is because I don't have to visit the physical machines to remediate them. As such, the time it takes for remediation has been decreased. 

This solution accelerates threat hunting by automatically promoting endpoint incidents to the Cisco SecureX platform, which is something that is fairly important to us.

Our systems are monitored by this product, and if threats are detected then the systems are shut down before problems arise. This is something that is fairly important to our organization.

This product has issues with the number of false positives that it reports. Especially when updates are released for Chrome, many detections report a virus when it really wasn't.

Another problem that I notice is that Outlook 2016 creates cache files of attachments, and when this product detects them as malware, it can't delete them. I assume this is because Outlook still has the file open. This means that I get notices about the issue but I can't do anything about it until later, after Outlook has closed them. This may not be Cisco's fault as much as it is Microsoft's fault.

I have been working with Cisco Secure Endpoint for less than a year.

In my experience, this product is very stable.

This is a fairly scalable solution.

We deployed it to all of our Windows devices. A team consisting of fewer than 10 people receives alerts from the product when there is an issue. The team will follow up on the incidents and any remediation.

At this point, we have no plans to increase our usage.

I have not needed to use Cisco technical support for this product. I am usually happy with their support, so I'm assuming that for this product it will be roughly the same.

Prior to using this product, I did not have other agents in place to handle the same job. We had implemented Microsoft Defender for Endpoint but that doesn't really have any reporting tools.

We switched away from Defender because we needed better visibility. There really wasn't any.

The initial setup was fairly straightforward. It might have been complex for somebody that hasn't been doing this type of thing for as long as I have. For example, not a lot of people understand deploying things via group policies. In my case, however, I have a lot of experience and it wasn't complicated.

The deployment was done in-house, by me. I did not use any external help for the implementation.

We purchased the product through a reseller, CDW, and our experience with them was straightforward. There were fairly easy to deal with.

It does not require regular maintenance or monitoring. I receive alerts when they happen but I don't actively monitor it. When an alert happens, an email is sent to a small team of fewer than 10 people.

The pricing and licensing fees are okay. As a school, we do not have quite as much funding as a private business might. I wish that there were more of a discount available for educational uses.

Before choosing Cisco Secure Endpoint, we didn't thoroughly investigate or evaluate other options. We are a Cisco shop and we generally lean toward using Cisco products.

My advice for anybody who is considering this solution is that all of their security products should come from the same vendor. This way, your dashboard can be set up to monitor all of them. In my case, because we're a Cisco shop, this product makes sense for us.

The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected.

I would rate this solution an eight out of ten.

I use the solution in my company to protect our Windows and Mac devices.

The most valuable features of the solution are its ease of use, simple management of dashboards, and constant updates.

It cannot currently block URLs over websites. From an improvement perspective, I want the tools to have the ability to block URLs over websites from a threat prevention point of view so that everything stays protected.

The product needs to offer better integration capabilities.

I have been using Cisco Secure Endpoint for two and a half years.

It is a totally stable solution. Stability-wise, I rate the solution a ten out of ten.

Scalability-wise, I rate the solution a ten out of ten.

Around 20 to 30 people use the product in my company.

The product is used extensively in my company.

The plan to increase the solution usage depends on the company's decision.

The product's initial setup phase was very simple.

The solution is deployed on the cloud model.

In terms of the time needed for the deployment process, my company requires one or two hours to upgrade the tool on our twenty machines.

One or two people who are engineers are required to deploy and maintain the solution.

The return on investment is fine. My company only looks at how the product can offer security.

You must make monthly payments towards the licensing charges attached to the product. There are no extra charges apart from the standard licensing fees associated with the product.

In the past, I have used ESET and Symantec in my company. The protection offered by Cisco is much better than that offered by ESET and Symantec.

I never used the tool's threat-hunting capability to see its impact on our company's security posture.

I have integrated Cisco Secure Endpoint with other security tools from Cisco, and I see that it has been great.

I recommend the product to those who plan to use it.

The product is reliable and stable. It also provides up-to-date security based on ongoing trends.

The benefits from the use of the product revolves around the fact that it helps our company to be secured, especially in a scenario where constant attacks happen on other companies.

If I consider the current trends in the cybersecurity world, I can say that the product offers main features that provide functionalities of an anti-virus solution.

I rate the overall tool a nine out of ten.

Cisco Secure Endpoint has improved our speed of response and the level of confidence we have that we are in good shape or are not in good shape.

Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts.

I've been using Cisco Secure Endpoint for three years.

It's very stable.

We haven't had any issues at all with the scalability. We're a global enterprise with between 1,500 and 1,700 users and we use it on servers, Macs, and PCs.

The technical support is good.

We've already got SHI and Cisco reps on top of us, and that's a lot of the reason why everything is so good.

Positive

We were looking to replace Microsoft Defender, which really just wasn't cutting it. Before Defender, we used Kaspersky. We needed to go to an EDR solution and we were already a Cisco-centric company, so it made sense to go into a unified environment.

It was straightforward. We just rolled out the agent to all the endpoints. It took just a couple of people, one security person and one person for the tool that pushed it out to Windows devices.

If I didn't have someone else taking care of the licensing, I would say that the licensing needs to be improved. All the product features we need are there. It's just a matter of the complexity and the different offerings and trying to figure things out.

There are a lot of pieces that roll into the pricing issue. For Cisco Secure Endpoint, with our Cisco EA, the pricing seems reasonable compared to the others. But when we get to solutions like Duo and we think that with our Microsoft agreement their MFA is "free," it's not exactly free. But without our EA, Duo would cost so much more. It feels a little bit like nickel and dime sometimes, but I get it.

We looked at CrowdStrike and Carbon Black. All the solutions had great value, but we went with Cisco because we were with Cisco for networking quite a bit. Also, our overall direction was to look at SASE, and with some of the other things, they all just started coming together. It made a lot of sense to stay in one environment for functionality.

Traditionally you'll see the industry reviews talk about Cisco Secure Endpoint as typically in Cisco environments, but I'd tell the CrowdStrike users and other folks to take a look. It's an interesting solution and it provides a lot of value.

Cyber security resilience has been extremely important for our organization. Cisco Secure Endpoint has stopped a few things. I don't know whether other avenues of defense in depth would have caught them or not, but the resilience of depth and the ability to keep moving, even after an event, keep the rest of our business productive.

The Cisco environment has been perfect. When there is an event in the news that I know my leaders are going to be reading about, in 10 minutes I can check my environment to see if I have any indicators of compromise, and I'm done.

We saw this product with a partner. We installed it and configured it properly along with our antivirus solution. We monitor it almost every day to see what's going on. Up till now, we are very happy with the performance.

We check every day if there are any indicators of compromise, if there are any workstations that need particular attention, or if there are any peculiar or strange events.

The main benefit is that we have visibility on the network. With the combination of Cisco Secure Endpoint and our antivirus, we feel a little bit more secure. We have better monitoring of and overview of what's going on in the network.

It's reliable. It's doing most of the jobs for us, so we don't have to worry. We check it for just 15 minutes per day to be sure that everything is fine.

It doesn't save time, but we feel more confident that everything is okay on the network. It improves our security posture.

It's quite simple, and the advantage I see is that I get the trajectory of what happened inside the network, how a file has been transmitted to the workstation, and which files have got corrupted.

It's able to detect and help remediate threats. So far, my experience is very good. I trust this product. It's quite simple, fast, and reliable. The dashboard and reporting are also quite good.

In terms of features, I don't have any areas for improvement. It has a good interface. Its reporting is also good, and the updates are very frequent. Its price is okay for us, but it can always be better. There's always room for improvement when it comes to pricing.

We have been using this solution for more than a year and a half.

It's reliable. We haven't had any problems so far.

It's easy to scale.

It has been excellent so far. We don't have any problems. I'd rate them a nine out of ten.

Positive

It's the first time we are using this kind of product. We didn't use any other product previously. 

It was quite easy for us. It probably took us three days.

We have a lot of partners, but Netbull is our partner in Greece for Cisco Secure Endpoint.

Its price is fair for us.

We didn't evaluate other products. We had seen this product before. We discussed it with our partners, and we just went for it. Our main thought was to go with a product and brand that we can trust. All our core network is Cisco, so this was the product that came straight into our head.

I'd rate Cisco Secure Endpoint a nine out of ten. It's excellent.