We use this solution to protect our IT environment. We use it to secure our user endpoints.
Engineer at Innovo
A security solution to protect the endpoints with centralized management
Pros and Cons
- "The console feature gives a centralized management of what's going on, and if something happens, it gives you an alert. So, that's the most important feature for me."
- "It is not very stable because we have new versions four times a year, which fixes bugs. We had some problems with some deployments."
What is our primary use case?
How has it helped my organization?
It gives awareness of our users' security posture.
What is most valuable?
The console feature gives a centralized management of what's going on, and if something happens, it gives you an alert. That's the most important feature for me.
What needs improvement?
Compared to other products, Cisco Secure Endpoint has some limitations and issues, it is still catching up with competition. For example, protection for USB is fairly recent and it is still limited to Windows platforms, and there are significant differences in the product packaging and distribution for Windows and MacOS platforms.
Another area of improvement is stability.
Buyer's Guide
Cisco Secure Endpoint
March 2025

Learn what your peers think about Cisco Secure Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,690 professionals have used our research since 2012.
For how long have I used the solution?
I have been using Cisco Secure Endpoint for two years.
What do I think about the stability of the solution?
We had a couple of deferred releases this year.
I rate the solution’s stability a seven out of ten.
What do I think about the scalability of the solution?
Our deployment is very small. We only have a few dozen endpoints. So I can't really say if it scales well to a large number of endpoints. However, it seems like it could scale well so, the solution could be easy to scale up as needed.
How are customer service and support?
The customer support team solves the problems, but it takes a while to contact them.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup is straightforward.
What about the implementation team?
What other advice do I have?
Overall, I rate the solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner

Solution Architect / Presales Engineer at a comms service provider with 1,001-5,000 employees
Offers a good scope and a good ability to shut attacks down then go back and see what happened
Pros and Cons
- "The simplicity of use is its most valuable feature. You can very clearly see things."
- "The initial setup is a bit complex because you need to execute existing antiviruses or security software that you have on your device."
- "In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened."
What is our primary use case?
I use the public cloud deployment model. I have installed the license, the software, on my VM and it is being managed by Cisco Cloud.
My primary use case for this solution is to test it against malicious links and for encryption and decryption.
What is most valuable?
The simplicity of use is its most valuable feature. You can very clearly see things. You have the ability to go back in time and get details, where the malware started, what happened and where it went from the minute it got in. It offers a good scope and a good ability to shut it down then go back and see what happened.
What needs improvement?
It should be doing backups. Every stage that this malware is going forward, it should snapshot the situation. Then I could go back to the first stage before it got infected. It doesn't have this option, and I know that other manufacturers have it, like Check Point, for example.
In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened.
For how long have I used the solution?
I have been using AMP for Endpoints for three months.
What do I think about the stability of the solution?
The stability is good.
What do I think about the scalability of the solution?
I haven't needed to scale up yet but from what I see it's supposed to be easy. My organization sells this solution. We provide the service and management of the environment of our clients.
It only requires one staff member for deployment and maintenance.
I'm looking to expand the usage. I offer this solution to almost every endpoint SMB client. I'm looking to establish a faster solution and I meet with clients to discuss their network security.
How are customer service and technical support?
We haven't needed to contact their technical support because we've never had a problem that we couldn't resolve ourselves.
Which solution did I use previously and why did I switch?
We were previously using Check Point Sandblast Agent. We switched because it wasn't as stable as this one. We had some problems with it and we needed to contact their support and it wasn't so good. I would get tough questions from my clients so eventually I told them that we would look into other solutions.
We also work with Fortinet but I prefer AMP.
How was the initial setup?
The initial setup is a bit complex because you need to execute existing antiviruses or security software that you have on your device.
The deployment took around fifteen to twenty minutes.
What about the implementation team?
I deployed it myself. I am the consultant who does the deployments.
What's my experience with pricing, setup cost, and licensing?
The costs of 50 licenses of AMP for three years is around $9,360. There are no additional costs.
What other advice do I have?
Just purchase the license, download it, install it to an active device, the main controller, and send it to everyone. My advice is that you need to delete your existing endpoint security solution because AMP actually contains everything that you need. Those two softwares can attack each other which can be a problem.
I would rate it a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Buyer's Guide
Cisco Secure Endpoint
March 2025

Learn what your peers think about Cisco Secure Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,690 professionals have used our research since 2012.
Cyber Security Specialist at a tech services company with 11-50 employees
Multi-layered protection that allows complete visibility and control with significant limitation in speed
Pros and Cons
- "It provides real-time visibility and control over endpoints, allowing its users to promptly respond to any security incidents and remediate any vulnerabilities."
- "Due to the complexity of the technology that is used and its advanced threat detection capabilities, it is possible to encounter many delays in operation."
What is our primary use case?
We use it to deliver the best endpoint protection and control for our clients. We offer them MSSP services for their products, so they are assured that their product is fully visible and protected.
How has it helped my organization?
It offers advanced threat protection by using machine learning to prevent any possible cyber threat, including malware and ransomware. We get complete real-time visibility and control over the system, so it is easy to track any possible data breaches. You can see on the report what kind of tactic was used and at what time. It provides a comprehensive security posture for our company.
What is most valuable?
It provides real-time visibility and control over endpoints, allowing its users to promptly respond to any security incidents and remediate any vulnerabilities.
What needs improvement?
Due to the complexity of the technology that is used and its advanced threat detection capabilities, it is possible to encounter many delays in operation. It can impact the business itself, so I would suggest an improvement in that area.
For how long have I used the solution?
I have used this product for seven months.
What do I think about the stability of the solution?
I am highly satisfied with the stability. I would rate it nine out of ten.
What do I think about the scalability of the solution?
It offers good scalability. I would rate it eight out of ten.
How are customer service and support?
They provide good customer service and support. I would rate it eight out of ten.
How would you rate customer service and support?
Positive
What about the implementation team?
The deployment process is seamless and fast. After the suitable option is selected and downloaded, it only takes a few steps to complete it and deploy it. The efficiency and promptness of the process greatly depend on the performance of the computer.
What's my experience with pricing, setup cost, and licensing?
It is quite cost-effective. I would rate it ten out of ten.
What other advice do I have?
It is a very good product overall, it provides multi-layered protection, but its promptness is challenged, so that is something that should be worked on. I would rate it eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer:
Senior IT System Administrator at ScanPlus GmbH
Great secure threat hunting and threat response with continuous product improvements happening
Pros and Cons
- "The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great."
- "We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
What is our primary use case?
AMP 4 Endpoints protect our workstation (ca 300), our VDI environment (ca 250), and our servers (ca 50).
The old product was from Trend Micro and was just a simple antivirus solution. It was ok, but it was just an antivirus. We needed something more than just an antivirus that is used by every end-user. We were looking for a tool can we trust, and something that can schedule some things, implement scripts, analyze malware, perform advanced scans, etc. Our company, as an ISP for many customers, has to be protected from vulnerabilities.
How has it helped my organization?
First of all, we performed a PoV (Proof of Value) together with our Cisco partners, and we tested about a few months the efficacy and complexity of this product.
After the evaluation of the cost and security that AMP 4 Endpoints could offer, we decided to replace the old solution with AMP 4 Endpoints. The implementation was performed, with support from Cisco partners, in a few hours. In the following days, AMP 4 Endpoints found many things that the old antivirus solution missed. That was a very huge advantage for us.
What is most valuable?
Since we booked the Premier License, the most valuable features, in my opinion, are
- Secure Threat Hunting to have a specialized team to support in analyzing complex attacks. That could help us to learn about new technics
-
Threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files. Nobody wants to run a dangerous file in his network, for that Threat Grid is important for us.
- Threat Response that offers the possibility of help on logs, IPs, domains, etc. to perform investigations into our and global infrastructure. Sometimes we want to see if a malicious file was run in our network, for that Threat Response take this job to search and save us alot of time.
What needs improvement?
Actually, we don't need others features or improvements of this product. It is a complex product and offers us exactly what we need - security and trust.
We chose Cisco because we wanted security and trust. That is what we needed from Cisco, and what our customers expected from us.
We are using many Cisco products, and, with every new product, every new feature, the trust in Cisco security is growing.
We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way.
For how long have I used the solution?
We have been using the AMP 4 Endpoints in the Test Environment since November 2020 and implemented them in the production environment since March 2021.
Which solution did I use previously and why did I switch?
We used Trend Micro and when we tested AMP 4 Endpoints we saw its value immediately.
What's my experience with pricing, setup cost, and licensing?
I'd advise users to book the premier license and to have access to all the features that AMp 4 Endpoints has on offer.
Which other solutions did I evaluate?
There was no other option; we wanted the Cisco solution immediately.
What other advice do I have?
Everything is working fine.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Security Services Owner at Atea AS
Its most valuable features are its scalability and advanced threat protection for customers
Pros and Cons
- "Its most valuable features are its scalability and advanced threat protection for customers."
- "We would like to have an API integration with a SIEM solution, because as far as I know, it currently hasn't yet been released."
What is our primary use case?
We are trying to provide managed security services. This solution would be part of those managed security services.
How has it helped my organization?
We are on proof of concept phase and will see how it works.
I hope it will help decrease mean time to detect and respond, because it provides scalability, and we could make an efficient, effective service providing it for customers.
What is most valuable?
- Scalability
- Ability to integrate with SIEM.
- Advanced threat protection for customers.
What needs improvement?
We would like to have an API integration with a SIEM solution, because as far as I know, it currently hasn't yet been released. We are looking forward to it because it's important for us to integrate the product with a SIEM solution in order to provide our customers a good, robust solution.
It needs major improvement with its ease of integration.
For how long have I used the solution?
Trial/evaluations only.
What do I think about the stability of the solution?
So far, so good.
What do I think about the scalability of the solution?
The scalability is good.
How are customer service and technical support?
We have not had any technical cases.
Which solution did I use previously and why did I switch?
We are providing our customers multiple solutions depending on their needs. So, it's more like what our customer needs. We could go with Cisco or maybe we could with another vendor (we will see). Right now, we are quite satisfied with Cisco.
How was the initial setup?
For what we have already set up, the process has been straightforward.
What was our ROI?
We are estimating 5 to 10 percent staff productivity increases.
What's my experience with pricing, setup cost, and licensing?
Our partner in Norway does the price negotiation.
Which other solutions did I evaluate?
We are looking for cost-effective, efficient solutions for our customers, and Cisco happens to be one of the vendors who fits into that scope.
Microsoft is another vendor who offers a similar licensing model for this type of solution. There is also McAfee and Trend Micro. It depends on the customer's requirements.
What other advice do I have?
We have some mature security services, like anti-malware. We are looking to broaden our service portfolio and are on the first steps to climb further.
You should always assess your customers' needs. Once you get that information, you just look for respective vendors.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
System Engineer at a financial services firm with 1,001-5,000 employees
A stable component of our network infrastructure security
Pros and Cons
- "The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
- "I would like to see integration with Cisco Analytics."
What is our primary use case?
We are system integrators and we use this product for DNS security, which is integrated with the DNS service.
How has it helped my organization?
Cisco AMP is the broadest, most integrated security platform that connects the breadth of Cisco's integrated security portfolio and the customer's infrastructure for a consistent experience. It unifies visibility, enables automation, and strengthens your security across network, endpoints, cloud, and applications--all without replacing your current security infrastructure or layering on new technology.
What is most valuable?
The entirety of our network infrastructure is Cisco and the most valuable feature is the integration.
What needs improvement?
I would like to see integration with Cisco Analytics.
For how long have I used the solution?
We have been using the total Cisco solutions including AMP for Endpoints, Umbrella, and Firepower for three years.
What do I think about the stability of the solution?
This is a stable product.
What do I think about the scalability of the solution?
This solution is scalable.
How are customer service and technical support?
I have contacted them in the past to raise a case and they were able to resolve it.
Which solution did I use previously and why did I switch?
We use the traditional antivirus, its don't able to protects real time protection don't have firewall integration.
How was the initial setup?
The initial setup involves integration with other products such as Talos. The deployment took us about one day.
Which other solutions did I evaluate?
Cisco Talos Intelligence Group is one of the largest commercial threat intelligence teams in the world.These teams are supported by unrivaled telemetry and sophisticated systems to create accurate, rapid and actionable threat intelligence for Cisco customers, products and services.
What other advice do I have?
I began with implementing Cisco AMP for Endpoints and then integrated Umbrella and the other products after that.
I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Service Security Lead at Salam Technology
Good sandboxing features but the technical support could be better
Pros and Cons
- "It is a very stable program."
- "The technical support is very slow."
What is our primary use case?
We mainly use this program for our business operations.
What is most valuable?
The feature I find most valuable is the sandboxing.
What needs improvement?
I think there should be better support and I would also like to see an easier implementation of the solution. The support should be cheaper and more available during the implementation stage. It would be great if they could have support teams that involve an AMP team because there's a specific team for AMP.
For how long have I used the solution?
I have been using Cisco AMP for Endpoints for around three years now.
What do I think about the stability of the solution?
Cisco AMP for Endpoints has been very stable so far.
What do I think about the scalability of the solution?
I believe the solution is scalable. We have around 200 end users working on this program, and then we have a team of 15 that is responsible for technical and maintenance issues.
How are customer service and technical support?
I will rate the technical support a six out of ten because their response time was very slow. Not as fast as they used to be.
Which solution did I use previously and why did I switch?
We also use Micro, so we use two programs simultaneously.
How was the initial setup?
I did the initial setup myself and it was really easy and straightforward.
What other advice do I have?
I will recommend this solution to others. I would, however, like to see better features and implementation to cover some points. It would be nice if they could add more protocols to support encrypted files, and be able to inspect an encrypted file, or at least be able to support that. Better and faster technical support is also necessary.
On a scale from one to 10, I rate this solution a seven.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Chief Information Officer at Sacramento County
The sheer volume of the number of emails that it blocks has increased staff productivity
Pros and Cons
- "I am told that we get over 100 million emails a month. This filters them down and allows only somewhere about three million emails, which is a great help."
- "I would like them to add whatever makes filtering more advanced in scanning and blocking for malware in emails."
What is our primary use case?
The primary use case is email filtering.
We are using the latest version.
How has it helped my organization?
I am told that we get over 100 million emails a month. This filters them down and allows only somewhere about three million emails, which is a great help.
What is most valuable?
We are a Cisco shop, so it just integrates with everything else that we are doing.
What needs improvement?
I would like them to add whatever makes filtering more advanced in scanning and blocking for malware in emails. It would just improve the product further. I think they are working on this, the continuous improvement aspect.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
The stability seems to work well.
What do I think about the scalability of the solution?
The scalability is fine.
How are customer service and technical support?
The technical support is sufficient. Every time that we have had an issue, we call the tech support, and they are very responsive.
Which solution did I use previously and why did I switch?
We wanted to get a homogeneous environment where everything works together and is integrated well together. This was a big advantage and big driver for us.
How was the initial setup?
The initial setup was straightforward.
What about the implementation team?
We used Dimension Data for the deployment. The experience was positive.
What was our ROI?
This solution has helped increase staff productivity, e.g., if you get 1000 emails a day and 95 percent of those are garbage, then the savings that you receive from going through those emails is immense.
We have seen a measurable decrease in the mean time to detect or respond to threats by 90 percent, blocking a vast majority of threats.
What other advice do I have?
Seriously consider it. It blocks a lot of emails. Look at the market, do your evaluation, and pick the right solution for you.
We are fairly mature in our security program maturity, but there is always room for improvement.
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Buyer's Guide
Download our free Cisco Secure Endpoint Report and get advice and tips from experienced pros
sharing their opinions.
Updated: March 2025
Product Categories
Endpoint Protection Platform (EPP) Endpoint Detection and Response (EDR) Cisco Security PortfolioPopular Comparisons
CrowdStrike Falcon
Microsoft Defender for Endpoint
SentinelOne Singularity Complete
Cortex XDR by Palo Alto Networks
Fortinet FortiClient
Symantec Endpoint Security
Trend Vision One Endpoint Security
Trellix Endpoint Security
Intercept X Endpoint
Kaspersky Endpoint Security for Business
HP Wolf Security
ESET Endpoint Protection Platform
Check Point Harmony Endpoint
Buyer's Guide
Download our free Cisco Secure Endpoint Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What is the biggest difference between EPP and EDR products?
- Can Cylance be used with Symantec or Kaspersky endpoint solutions without conflict?
- When evaluating Endpoint Security, what aspect do you think is the most important to look for?
- What's the best way to trial endpoint protection solutions?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- Which Endpoint Protection Solution offers Zero Trust (ZTN) as a feature?
- What to choose: an endpoint antivirus, an EDR solution or both?
- Which ransomware is the biggest threat in 2020?
- Are you aware of SIEM platforms that integrate both Active Directory auditing and security monitoring tools?
- What is the best solution for ransomware attack?