The most important thing is that they're cloud-based. And Cisco has introduced Cisco Umbrella, which includes AMP, Open DNS, and they integrated certain solutions, and AMP is part of their portfolio. That's why it's adding value.
Deputy General Manager (GM) at Oregon Systems
Cloud-based, highly scalable and highly integrated
Pros and Cons
- "For the initial first level of support, we provide it from our side. If there's escalation required, we use Cisco tech for the AMP. And again, they are perfect. I mean, one of the best, compared to any other vendors."
- "The solution needs more in-depth analytics."
What is most valuable?
What needs improvement?
When we're talking about anti-malware protection, AMP is a very good solution, but again, the CSO level reports are not generated. There is a dashboard, there is a report, but again, those reports have to be taken to the CSO, because when it comes to security, we always want to have high-level reports. So if we had a system that generated reports from the AMP itself, that would be great for us.
Also, the solution needs more in-depth analytics. Right now they have implemented AMP, so, monitoring is happening, but you need to see what exactly is happening, the updates and then the mode of attacks that have happened and have been prevented. An in-depth report could be generated, and it should be on a CSO level. That's the value should be added to AMP solution.
For how long have I used the solution?
I've been using the solution for 4 years.
What do I think about the stability of the solution?
The solution's stability is perfect. It's the best. All the customers we have sold it to have been super happy. We mostly work with SMEs, small and medium-sized enterprises.
Buyer's Guide
Cisco Secure Endpoint
April 2025

Learn what your peers think about Cisco Secure Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
849,475 professionals have used our research since 2012.
What do I think about the scalability of the solution?
It is scalable. Since it is part of the umbrella family, it is highly scalable, and highly integrated as well.
How are customer service and support?
For the initial first level of support, we provide it from our side. If there's escalation required, we use Cisco tech for the AMP. And again, they are perfect. I mean, one of the best, compared to any other vendors.
How was the initial setup?
The initial setup was straightforward and user-friendly.
What's my experience with pricing, setup cost, and licensing?
If you talk about the commercial aspect, this solution is not the Gartner one. We have a challenge because there are other solutions which are Gartner solutions, where we have competition. So we have to justify, explain, show the value propositions and then we sell are able to sell.
What other advice do I have?
I would say that if you have a vision or plan for security, and want to have an integrated solution, AMP can be a very integral part of this digitization roadmap. AMP should be considered if you have digitization or a digitalization plan, which most if not all organizations are going for. So I think AMP is good for that, from the security standpoint.
I would give this solution an 8 out of 10. It has all the solutions.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.

System Engineer at a financial services firm with 1,001-5,000 employees
A stable component of our network infrastructure security
Pros and Cons
- "The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
- "I would like to see integration with Cisco Analytics."
What is our primary use case?
We are system integrators and we use this product for DNS security, which is integrated with the DNS service.
How has it helped my organization?
Cisco AMP is the broadest, most integrated security platform that connects the breadth of Cisco's integrated security portfolio and the customer's infrastructure for a consistent experience. It unifies visibility, enables automation, and strengthens your security across network, endpoints, cloud, and applications--all without replacing your current security infrastructure or layering on new technology.
What is most valuable?
The entirety of our network infrastructure is Cisco and the most valuable feature is the integration.
What needs improvement?
I would like to see integration with Cisco Analytics.
For how long have I used the solution?
We have been using the total Cisco solutions including AMP for Endpoints, Umbrella, and Firepower for three years.
What do I think about the stability of the solution?
This is a stable product.
What do I think about the scalability of the solution?
This solution is scalable.
How are customer service and technical support?
I have contacted them in the past to raise a case and they were able to resolve it.
Which solution did I use previously and why did I switch?
We use the traditional antivirus, its don't able to protects real time protection don't have firewall integration.
How was the initial setup?
The initial setup involves integration with other products such as Talos. The deployment took us about one day.
Which other solutions did I evaluate?
Cisco Talos Intelligence Group is one of the largest commercial threat intelligence teams in the world.These teams are supported by unrivaled telemetry and sophisticated systems to create accurate, rapid and actionable threat intelligence for Cisco customers, products and services.
What other advice do I have?
I began with implementing Cisco AMP for Endpoints and then integrated Umbrella and the other products after that.
I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Cisco Secure Endpoint
April 2025

Learn what your peers think about Cisco Secure Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
849,475 professionals have used our research since 2012.
Technical Advisor at a government with 10,001+ employees
Great support, reliable, and makes our network more secure
Pros and Cons
- "The product itself is pretty reliable. The security features that it has make it reliable."
- "It's pretty good as it is, but its cost could be improved."
What is our primary use case?
We're using it for endpoint security for users and to make sure that no vulnerabilities exist.
How has it helped my organization?
Cisco Secure Endpoint has improved our security boundary. It makes our network more secure.
Cisco Secure Endpoint has decreased our time to remediate and time to detect, but I don't have the metrics.
Cisco Secure Endpoint has improved our cybersecurity resilience.
What is most valuable?
The product itself is pretty reliable. The security features that it has make it reliable.
What needs improvement?
It's pretty good as it is, but its cost could be improved.
For how long have I used the solution?
We have been using Cisco Secure Endpoint for three to four years.
What do I think about the stability of the solution?
It's pretty reliable.
What do I think about the scalability of the solution?
I haven't had to scale it at all, but I would hope it's scalable.
How are customer service and support?
It's great. I never had any problems getting through or contacting tech support. I'd rate them an eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We used McAfee. We switched because we're more Cisco-reliant, and the product suits us better.
How was the initial setup?
I wasn't involved in its setup.
What was our ROI?
I personally have not seen an ROI.
What other advice do I have?
I would definitely weigh it with its competitors. The best bang for the buck in the technology is Cisco Secure Endpoint.
I would rate Cisco Secure Endpoint an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sales Engineer at Phoenyx Commtech Pvt. Ltd.
Used for endpoint protection and malware protection
Pros and Cons
- "The solution’s most valuable feature is malware protection."
- "Cisco Secure Endpoint is an expensive solution."
What is our primary use case?
I use the solution for endpoint protection.
What is most valuable?
The solution’s most valuable feature is malware protection. The solution gives me visibility with XDR about attacks and how to stop them.
What needs improvement?
Cisco Secure Endpoint is an expensive solution.
For how long have I used the solution?
I have been using Cisco Secure Endpoint for one and a half years.
What do I think about the scalability of the solution?
The solution is implemented on ten systems.
How are customer service and support?
The solution provides good technical support.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Cisco's AI tool is better than Sophos's.
What was our ROI?
We have seen a return on investment with the solution.
What other advice do I have?
I also use Cisco switches, Cisco access points, and Cisco routers. I would recommend the solution to companies with the budget to afford it.
Overall, I rate the solution an eight to nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Network security engineer at a tech services company with 1,001-5,000 employees
Secure, feature-rich reliable protection, and offers the best technical support
Pros and Cons
- "The most valuable feature is signature-based malware detection."
- "The GUI needs improvement, it's not good."
What is our primary use case?
We use this solution for the malware features, to protect our network and our endpoint users. We deployed this solution for security.
What is most valuable?
The most valuable feature is signature-based malware detection. They are updating the signatures for malware from time to time.
With every protection malware, there are issues, because it takes time to detect the malware, but Cisco is very fast in detection compared to other products.
The security is awesome and they have very good features.
What needs improvement?
The GUI needs improvement, it's not good.
There are false positives in emails. At times, the emails are blocked and detected as malware when they are not.
They should work on some of the signatures because of the emails that have been blocked and detected as malware that can never be opened.
For how long have I used the solution?
I have been using Cisco AMP for Endpoints within the last year.
What do I think about the stability of the solution?
Cisco AMP for Endpoints is very reliable.
What do I think about the scalability of the solution?
I am not familiar with scalability. I have never tried to scale it.
We have more than 400 users in our organization.
We have plans to increase our usage.
How are customer service and technical support?
Cisco has the best technical support and marketing.
How was the initial setup?
The initial setup was very complex.
It will take a month to complete the deployment if you want to complete the parameters.
What's my experience with pricing, setup cost, and licensing?
Licensing fees are on a yearly basis and I am happy with the pricing.
What other advice do I have?
If you are looking for deep security and malware for your endpoint users and network then I would recommend Cisco AMP.
I would rate Cisco AMP for Endpoints a ten out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Solution Sales Specialist at a tech services company with 5,001-10,000 employees
Real-time threat prevention using sandboxing, file trajectory, and retrospective security
Pros and Cons
- "Real-time threat prevention using sandboxing, file trajectory, and retrospective security."
- "It does not include encryption and decryption of local file shares."
What is our primary use case?
Endpoint security prevents malware and exploit kits coming into your mobile devices, and when you are outside the corporate network and not protected by the firewall.
How has it helped my organization?
Provides enhanced security, lowering IT risks, and IT operational costs by integrating with Cisco NGFW, network security and email security.
What is most valuable?
Real-time threat prevention using sandboxing, file trajectory, and retrospective security. On the prevention side, AMP has nine engines.
New feature AMP Visibility (beta) is an IR orchestration tool, where the local AMP for Endpoint Intelligence, Talos Intelligence, Threat Grid, AMP global intelligence, Umbrella Investigate, and VirusTotal are correlated. This gives a visual IR tool where you can search by file (SHA256), IP, or domain.
AMP for Endpoints is not a point solution. The AMP architecture also support ISR routers, IPSs, and NGFWs, Email and web security from Cisco is making common cloud threat architecture for all customers checkpoints.
What needs improvement?
It does not include:
- Encryption
- Decryption of local file shares
- Disks and URL filtering are done by separate product (Umbrella/OpenDNS).
For how long have I used the solution?
Less than one year.
What's my experience with pricing, setup cost, and licensing?
Pricing can be more expensive than similar software that does less functionality, but not recognized by customers.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Excellent scalability with good integration capabilities and easy to deploy in Cisco ecosystems
Pros and Cons
- "The solution's integration capabilities are excellent. It's one of the best features."
- "I would recommend that the solution offer more availability in terms of the product portfolio and integration with third-party products."
What is our primary use case?
The primary use case is for endpoint protection. For the larger deployments, we use it for our policy enforcement as well. We use AMP on the endpoints for writing automated policies in order to protect the user when they join the network, for example.
What is most valuable?
The solution's integration capabilities are excellent. It's one of the best features.
Most of my ecosystems are Cisco-based, so AMP is an easy deployment for me and an easy sale as well. There is a lot of technical documentation which is readily available. There's a lot of Cisco-based education which is really helpful in terms of various unique situations that we run into.
What needs improvement?
I would recommend that the solution offer more availability in terms of the product portfolio and integration with third-party products.
AMP works very well within the Cisco ecosystem. If it could work along with the third party ecosystem as well, if that integration or even more APIs came into play, I think we could utilize this product a little bit better.
One thing which I would like to see in terms of a major improvement would be AMP supporting the IoT infrastructure, which has been coming up in networks recently. It should also support more factory managed devices, like systems running Linux. Better support is what I'm looking for.
The common endpoints are already covered and we work very well with them. That would be the case if support is extended to new devices as well. I think that would bring real value to the table.
AMP has recently released email security and web security. If there was something like a common dashboard, similar to that of CrowdStrike, it would be useful.
AMP needs to come up with a common dashboard for all of the solutions. That single pane of information would allow us to view everything.
Instead of installing a plugin, what we need AMP to do is run installs in the background. Then the user doesn't know that AMP is running on the system. That would be a fantastic use case or the recommendation which I would like to make, in they're looking for products and features to develop. Something like that would allow me to have a high-end deployment in place for AMP which would be ideal.
For how long have I used the solution?
I've been using the solution for two or three years now. I have been using AMP since it was acquired as an independent company. That means I have almost five years of experience in AMP and AMP-based products.
What do I think about the scalability of the solution?
Scalability wise, AMP is a sure shot recommendation. I would recommend it for an endpoint protection solution compared to any other product out there in the market. It's number one.
I work with small and medium-sized organizations as primary clients which I have targeted AMP on. The small users or the smaller segment within our clients are from 10 users to 500 users. And when I'm talking about medium deployment, I'm referring to users ranging from 500 to 5000 users.
How are customer service and technical support?
The technical support has always been fantastic.
It has never been a disappointing experience to be very frank. Cisco TAC has been very helpful. I worked in the presales team as well, so there is Partner Plus which has always been favored in terms of providing us with solution-based documents as well as presentations to take to our customers.
In a couple of ways, I think we are doing a very good job in terms of the resources which are being provided as well as the support that has been designed around this product.
How was the initial setup?
The initial setup is very straightforward.
What other advice do I have?
I normally work with Cisco systems, as well as most of the routing and switching companies out there, like Juniper, among others.
We're partners with Cisco. I handle consultation with all Cisco products, which includes all of the safe architecture, security logging, and switching. I'm basically working with the system architecture within Compass. I am a unified, tech grade umbrella for the entire product portfolio.
I'd advise, if users are running a Cisco environment, to definitely adopt AMP as an endpoint-based solution, which makes it a lot easier for them to manage your devices.
I'd also advise that AMP works very well if someone is running a non-Cisco set up (and they're looking at an endpoint solution that works independently). However, there's a little bit of complexity in terms of getting the actual business use case, because there's less documentation surrounding that kind of setup.
In terms of rating the solution overall, I'd rate it an eight out of ten. It has covered most of the feature sets we need. The reason I'm not giving it a full ten out of ten is because there is still room to improve the scope of integration. It doesn't support many of the IoT endpoints as well as the other components on the network, which are not yet compatible but under development. Once that happens, I'd probably give it a proper ten out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Deputy General Manager (GM) at Oregon Systems
A solution that's easy to implement, is highly scalable and is extremely user-friendly
Pros and Cons
- "The stability of the solution is perfect. I believe it's the most stable solution on the market right now."
- "The reporting and analytics areas of the solution need to be improved."
What is our primary use case?
We're in the banking sector. We use AMP to protect security endpoints.
What is most valuable?
The ease of implementation is a very valuable aspect of the solution. It's also very user-friendly.
What needs improvement?
The reporting and analytics areas of the solution need to be improved.
For how long have I used the solution?
I've been using the solution for four years.
What do I think about the stability of the solution?
The stability of the solution is perfect. I believe it's the most stable solution on the market right now.
What do I think about the scalability of the solution?
The solution is highly scalable. It's the best part of the solution because we have done the sizing. We have focused on the sizing, which was highly scalable. And it's very clean, clear and very transparent in this area.
How are customer service and technical support?
We're very satisfied with technical support. It's one of the best.
How was the initial setup?
The initial setup was straightforward. We're well-versed in the solution, so for us, it was easy.
What about the implementation team?
We handle the implementation ourselves.
What other advice do I have?
We use the hybrid deployment model.
I would advise other potential users that if they are looking for a long term security solution, this particular solution is going to add value to their cybersecurity strategy. Cisco AMP is one of the solutions that adds value to your cybersecurity roadmap. It should not be considered as a solution, but rather as a strategy.
I would rate the solution nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Buyer's Guide
Download our free Cisco Secure Endpoint Report and get advice and tips from experienced pros
sharing their opinions.
Updated: April 2025
Product Categories
Endpoint Protection Platform (EPP) Endpoint Detection and Response (EDR) Cisco Security PortfolioPopular Comparisons
CrowdStrike Falcon
Microsoft Defender for Endpoint
SentinelOne Singularity Complete
Cortex XDR by Palo Alto Networks
Fortinet FortiClient
Symantec Endpoint Security
HP Wolf Security
Trend Vision One Endpoint Security
Trellix Endpoint Security
Kaspersky Endpoint Security for Business
Intercept X Endpoint
ESET Endpoint Protection Platform
Check Point Harmony Endpoint
Buyer's Guide
Download our free Cisco Secure Endpoint Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What is the biggest difference between EPP and EDR products?
- Can Cylance be used with Symantec or Kaspersky endpoint solutions without conflict?
- When evaluating Endpoint Security, what aspect do you think is the most important to look for?
- What's the best way to trial endpoint protection solutions?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- Which Endpoint Protection Solution offers Zero Trust (ZTN) as a feature?
- What to choose: an endpoint antivirus, an EDR solution or both?
- Which ransomware is the biggest threat in 2020?
- Are you aware of SIEM platforms that integrate both Active Directory auditing and security monitoring tools?
- What is the best solution for ransomware attack?