Next-Generation Antivirus Cisco AMP for Endpoint

What is Cisco AMP for Endpoint?

Cisco AMP for Endpoint is next-generation endpoint security that enhances the security of endpoint devices. It combines EPP (Endpoint Protection Platform) and EDR (Endpoint Detection & Response), enabling fast action from endpoint protection through to intrusion detection and response. Because Cisco AMP for Endpoint is provided as SaaS, it can be centrally managed from the cloud and is easy to introduce and operate.
Cyberattacks are becoming increasingly sophisticated, and the security products and solutions that counter them are evolving every day. However, it is difficult to block 100% of threats. Even if only 1% of threats evade defenses, the impact on your business can be fatal. It is therefore important to have countermeasures against unknown threats and threats that EPP cannot prevent. EDR visualizes and detects threats that have entered the network and supports a prompt response.


Solution that combines EPP and EDR
The solution integrates EPP, which protects a wide range of endpoints including servers, computers, and mobile devices, and EDR, which enables threat visualization and detection. This enables Cisco AMP for Endpoint to function as a platform for security analysis and management.

Uses 15 detection/protection engines to block threats
Cisco AMP for Endpoint uses 15 detection/protection engines and cloud-based threat intelligence to block cyberattack threats in real time.

Enables tracing and response after intrusion by unknown threats
By monitoring file activity, it is possible, even if a threat gets into the company, to identify the source of the threat, the degree of its impact, and the extent of its impact. All of this information is visualized as a log.

Link with various Cisco security products
For example, the user can share a blacklist by registering Cisco Web Security Appliance, Cisco Email Security Appliance, etc., in the Cisco AMP cloud.

Visualization of threats
Linking with various Cisco security products makes it possible to aggregate various threat information sources, and to visualize what kind of threats exist in the corporate network and even the propagation path.

Supports various OS from servers to mobile devices
Cisco AMP for Endpoint supports operating systems across a wide range of devices, from servers and desktop computers to mobile devices.

Supported OS (as of January 2021)

  • Windows 7/8/8.1/10
  • Windows Server 2008 R2/2012/2012 R2/2016
  • Red Hat Enterprise Linux
  • CentOS 6.x/7.x
  • Android 2.1 (Éclair) to 6.0 (Marshmallow)
  • iOS 11 or higher
  • OS X 10.11
  • macOS 10.12/10.13

The service will solve problems such as the following.

  • We want to protect our company’s business from cyberattacks, which are becoming increasingly sophisticated
  • We are worried about whether our cyberattack countermeasures are sufficient
  • We want to ensure sufficient security measures for mobile devices as well as computers
  • We want to receive support for all of the various security products that we have introduced

Main Functions

Cisco AMP for Endpoints

Uses 15 detection/protection engines
  • File inspection through hash value comparison
  • Inspection uses real-time information, so even the latest threats, for which information at the endpoint lags behind, can be checked
Trajectory and cloud recall
  • Visualizes the following information as a log
      ◆ Source of threat
      ◆ Degree of threat impact
      ◆ Extent of threat impact
  • Instant automatic quarantine at the endpoint when malware is discovered
Cisco AMP Unit
  • Link with various security products
      ◆ Cisco Web Security Appliance
      ◆ Cisco Email Security Appliance
      ◆ Cisco Firepower NGFW, etc.
Cisco Threat Response
  • Visualization of threats
      ◆ Visualization of threats in the network
      ◆ Visualization of propagation path