Cisco Secure Endpoint Reviews

The primary use case is email filtering.

We are using the latest version.

I am told that we get over 100 million emails a month. This filters them down and allows only somewhere about three million emails, which is a great help.

We are a Cisco shop, so it just integrates with everything else that we are doing.

I would like them to add whatever makes filtering more advanced in scanning and blocking for malware in emails. It would just improve the product further. I think they are working on this, the continuous improvement aspect. 

One to three years.

The stability seems to work well.

The scalability is fine.

The technical support is sufficient. Every time that we have had an issue, we call the tech support, and they are very responsive.

We wanted to get a homogeneous environment where everything works together and is integrated well together. This was a big advantage and big driver for us.

The initial setup was straightforward.

We used Dimension Data for the deployment. The experience was positive.

This solution has helped increase staff productivity, e.g., if you get 1000 emails a day and 95 percent of those are garbage, then the savings that you receive from going through those emails is immense.

We have seen a measurable decrease in the mean time to detect or respond to threats by 90 percent, blocking a vast majority of threats. 

Seriously consider it. It blocks a lot of emails. Look at the market, do your evaluation, and pick the right solution for you.

We are fairly mature in our security program maturity, but there is always room for improvement.

I use the solution for endpoint protection.

The solution’s most valuable feature is malware protection. The solution gives me visibility with XDR about attacks and how to stop them.

Cisco Secure Endpoint is an expensive solution.

I have been using Cisco Secure Endpoint for one and a half years.

The solution is implemented on ten systems.

The solution provides good technical support.

Positive

Cisco's AI tool is better than Sophos's.

We have seen a return on investment with the solution.

I also use Cisco switches, Cisco access points, and Cisco routers. I would recommend the solution to companies with the budget to afford it.

Overall, I rate the solution an eight to nine out of ten.

The most important thing is that they're cloud-based. And Cisco has introduced Cisco Umbrella, which includes AMP, Open DNS, and they integrated certain solutions, and AMP is part of their portfolio. That's why it's adding value. 

When we're talking about anti-malware protection, AMP is a very good solution, but again, the CSO level reports are not generated. There is a dashboard, there is a report, but again, those reports have to be taken to the CSO, because when it comes to security, we always want to have high-level reports. So if we had a system that generated reports from the AMP itself, that would be great for us.

Also, the solution needs more in-depth analytics. Right now they have implemented AMP, so, monitoring is happening, but you need to see what exactly is happening, the updates and then the mode of attacks that have happened and have been prevented. An in-depth report could be generated, and it should be on a CSO level. That's the value should be added to AMP solution.

The solution's stability is perfect. It's the best. All the customers we have sold it to have been super happy. We mostly work with SMEs, small and medium-sized enterprises.

It is scalable. Since it is part of the umbrella family, it is highly scalable, and highly integrated as well.

For the initial first level of support, we provide it from our side. If there's escalation required, we use Cisco tech for the AMP. And again, they are perfect. I mean, one of the best, compared to any other vendors.

The initial setup was straightforward and user-friendly.

If you talk about the commercial aspect, this solution is not the Gartner one. We have a challenge because there are other solutions which are Gartner solutions, where we have competition. So we have to justify, explain, show the value propositions and then we sell are able to sell.

I would say that if you have a vision or plan for security, and want to have an integrated solution, AMP can be a very integral part of this digitization roadmap. AMP should be considered if you have digitization or a digitalization plan, which most if not all organizations are going for. So I think AMP is good for that, from the security standpoint.

I would give this solution an 8 out of 10. It has all the solutions. 

We use this solution for the malware features, to protect our network and our endpoint users. We deployed this solution for security.

The most valuable feature is signature-based malware detection. They are updating the signatures for malware from time to time.

With every protection malware, there are issues, because it takes time to detect the malware, but Cisco is very fast in detection compared to other products.

The security is awesome and they have very good features.

The GUI needs improvement, it's not good.

There are false positives in emails. At times, the emails are blocked and detected as malware when they are not.

They should work on some of the signatures because of the emails that have been blocked and detected as malware that can never be opened.

I have been using Cisco AMP for Endpoints within the last year.

Cisco AMP for Endpoints is very reliable.

I am not familiar with scalability. I have never tried to scale it.

We have more than 400 users in our organization.

We have plans to increase our usage.

Cisco has the best technical support and marketing.

The initial setup was very complex.

It will take a month to complete the deployment if you want to complete the parameters.

Licensing fees are on a yearly basis and I am happy with the pricing.

If you are looking for deep security and malware for your endpoint users and network then I would recommend Cisco AMP.

I would rate Cisco AMP for Endpoints a ten out of ten.

Endpoint security prevents malware and exploit kits coming into your mobile devices, and when you are outside the corporate network and not protected by the firewall.

Provides enhanced security, lowering IT risks, and IT operational costs by integrating with Cisco NGFW, network security and email security.

Real-time threat prevention using sandboxing, file trajectory, and retrospective security. On the prevention side, AMP has nine engines.

New feature AMP Visibility (beta) is an IR orchestration tool, where the local AMP for Endpoint Intelligence, Talos Intelligence, Threat Grid, AMP global intelligence, Umbrella Investigate, and VirusTotal are correlated. This gives a visual IR tool where you can search by file (SHA256), IP, or domain.

AMP for Endpoints is not a point solution. The AMP architecture also support ISR routers, IPSs, and NGFWs, Email and web security from Cisco is making common cloud threat architecture for all customers checkpoints.

It does not include:

• Encryption
• Decryption of local file shares
• Disks and URL filtering are done by separate product (Umbrella/OpenDNS).

Pricing can be more expensive than similar software that does less functionality, but not recognized by customers.

We're in the banking sector. We use AMP to protect security endpoints.

The ease of implementation is a very valuable aspect of the solution. It's also very user-friendly.

The reporting and analytics areas of the solution need to be improved.

The stability of the solution is perfect. I believe it's the most stable solution on the market right now.

The solution is highly scalable. It's the best part of the solution because we have done the sizing. We have focused on the sizing, which was highly scalable. And it's very clean, clear and very transparent in this area.

We're very satisfied with technical support. It's one of the best.

The initial setup was straightforward. We're well-versed in the solution, so for us, it was easy.

We handle the implementation ourselves.

We use the hybrid deployment model.

I would advise other potential users that if they are looking for a long term security solution, this particular solution is going to add value to their cybersecurity strategy. Cisco AMP is one of the solutions that adds value to your cybersecurity roadmap. It should not be considered as a solution, but rather as a strategy.

I would rate the solution nine out of ten.

The primary use case is for endpoint protection. For the larger deployments, we use it for our policy enforcement as well. We use AMP on the endpoints for writing automated policies in order to protect the user when they join the network, for example. 

The solution's integration capabilities are excellent. It's one of the best features.

Most of my ecosystems are Cisco-based, so AMP is an easy deployment for me and an easy sale as well. There is a lot of technical documentation which is readily available. There's a lot of Cisco-based education which is really helpful in terms of various unique situations that we run into.

I would recommend that the solution offer more availability in terms of the product portfolio and integration with third-party products. 

AMP works very well within the Cisco ecosystem. If it could work along with the third party ecosystem as well, if that integration or even more APIs came into play, I think we could utilize this product a little bit better.

One thing which I would like to see in terms of a major improvement would be AMP supporting the IoT infrastructure, which has been coming up in networks recently. It should also support more factory managed devices, like systems running Linux. Better support is what I'm looking for.

The common endpoints are already covered and we work very well with them. That would be the case if support is extended to new devices as well. I think that would bring real value to the table.

AMP has recently released email security and web security. If there was something like a common dashboard, similar to that of CrowdStrike, it would be useful.

AMP needs to come up with a common dashboard for all of the solutions. That single pane of information would allow us to view everything. 

Instead of installing a plugin, what we need AMP to do is run installs in the background. Then the user doesn't know that AMP is running on the system. That would be a fantastic use case or the recommendation which I would like to make, in they're looking for products and features to develop. Something like that would allow me to have a high-end deployment in place for AMP which would be ideal.

I've been using the solution for two or three years now. I have been using AMP since it was acquired as an independent company. That means I have almost five years of experience in AMP and AMP-based products.

Scalability wise, AMP is a sure shot recommendation. I would recommend it for an endpoint protection solution compared to any other product out there in the market. It's number one.

I work with small and medium-sized organizations as primary clients which I have targeted AMP on. The small users or the smaller segment within our clients are from 10 users to 500 users. And when I'm talking about medium deployment, I'm referring to users ranging from 500 to 5000 users.

The technical support has always been fantastic.

It has never been a disappointing experience to be very frank. Cisco TAC has been very helpful. I worked in the presales team as well, so there is Partner Plus which has always been favored in terms of providing us with solution-based documents as well as presentations to take to our customers.

In a couple of ways, I think we are doing a very good job in terms of the resources which are being provided as well as the support that has been designed around this product.

The initial setup is very straightforward.

I normally work with Cisco systems, as well as most of the routing and switching companies out there, like Juniper, among others.

We're partners with Cisco. I handle consultation with all Cisco products, which includes all of the safe architecture, security logging, and switching. I'm basically working with the system architecture within Compass. I am a unified, tech grade umbrella for the entire product portfolio.

I'd advise, if users are running a Cisco environment, to definitely adopt AMP as an endpoint-based solution, which makes it a lot easier for them to manage your devices.

I'd also advise that AMP works very well if someone is running a non-Cisco set up (and they're looking at an endpoint solution that works independently). However, there's a little bit of complexity in terms of getting the actual business use case, because there's less documentation surrounding that kind of setup.

In terms of rating the solution overall, I'd rate it an eight out of ten. It has covered most of the feature sets we need. The reason I'm not giving it a full ten out of ten is because there is still room to improve the scope of integration. It doesn't support many of the IoT endpoints as well as the other components on the network, which are not yet compatible but under development. Once that happens, I'd probably give it a proper ten out of ten.

We use this solution as part of our organization security.

This solution has allowed us to segment the organization to provide better security.

The most valuable features of this solution are the IPS and the integration with ISE.

In the next version of this solution, I would like to see the addition of local authentication.

Technical support for this solution is good. 

We did the integration ourselves.

We have seen ROI with this solution.

The licensing fees for this solution are paid on a yearly basis.

We chose this product based on research and for its integration with other Cisco security products.

This is a good product but there are always going to be some issues.

I would rate this solution an eight out of ten.