"If somebody has been compromised, the question always is: How has it affected other devices in the network? Cisco AMP gives you a very neat view of that."
"The solution's integration capabilities are excellent. It's one of the best features."
"One of the best features of AMP is its cloud feature. It doesn't matter where the device is in regards to whether it's inside or outside of your network environment, especially right now when everybody's remote and taken their laptops home. You don't have to be VPNed into the environment for AMP to work. AMP will work anywhere in the world, as long as it has an Internet connection. You get protection and reporting with it. No matter where the device is, AMP has still got coverage on it and is protecting it. You still have the ability to manage and remediate things. The cloud feature is the magic bullet. This is what makes the solution a valuable tool as far as I'm concerned."
"Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP."
"Integration is a key selling factor for Cisco security products. We have a Cisco Enterprise Agreement with access to Cisco Email Security, Cisco Firepower, Cisco Stealthwatch, Cisco Talos, Cisco Threat Grid, Cisco Umbrella, and also third-party solutions. This is key to our security and maximizing operations. Because we do have the Email Security appliance and it is integrated with Threat Response, we have everything tied together. Additionally, we are using the Cisco SecureX platform, as we were a beta test for that new solution. With SecureX, we are able to pull all those applications into one pane for visibility and maintenance. This greatly maximizes our security operations."
"Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source."
"It is extensive in terms of providing visibility and insights into threats. It allows for research into a threat, and you can chart your progress on how you're resolving it."
"The most valuable feature is signature-based malware detection."
"The beauty of McAfee is that they are not looking at encryption from one single standpoint. It is a broader solution."
"The interface is user-friendly and it provides a large number of options."
"The most valuable feature is security."
"The solution is excellent for protecting users from data being exploited. It's also great for preventing data leakage."
"The server software console is exquisitely designed and organized for handy access and manipulation by the administrator."
"With respect to data loss prevention, I think it is helpful to the customer."
"The console allows us to manage not only endpoint protection, but DLP, and also integration with MVISION Cloud."
"With proper policies and configuration, it prevents sending corporate data to both cloud storage or to flash drives and data extraction."
"We have had some problems with updates not playing nice with our environment. This is important, because if there is a new version, we need to test it thoroughly before it goes into production. We cannot just say, "There's a new version. It's not going to give us any problems." With the complexity of the solution using multiple engines for multiple tasks, it can sometimes cause performance issues on our endpoints. Therefore, we need to test it before we deploy. That takes one to three days before we can be certain that the new version plays nice with our environment."
"The connector updates are very easily done now, and that's improving. Previously, the connector had an issue, where almost every time it needed to be updated, it required a machine reboot. This was always a bit of an inconvenience and a bug. Because with a lot of software now, you don't need to do that and shouldn't need to be rebooting all the time."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."
"We had a lot of noise at the beginning, and we had to turn it down based on exclusions, application whitelisting, and excluding unknown benign applications. Cisco should understand the need for continuous updates on the custom Cisco exclusions and the custom applications that come out-of-the-box with the AMP for Endpoints."
"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
"Maybe there is room for improvement in some of the automated remediation. We have other tools in place that AMP feeds into that allow for that to happen, so I look at it as one seamless solution. But if you're buying AMP all by itself, I don't know if it can remove malicious software after the fact or if it requires the other tools that we use to do some of that."
"I would recommend that the solution offer more availability in terms of the product portfolio and integration with third-party products."
"The room for improvement would be on event notifications. I have mine tuned fairly well. I do feel that if you subscribe to all the event notification types out-of-the-box, or don't really go through and take the time to filter out events, the notifications can become overwhelming with information. Sometimes, when you're overwhelmed with information, you just say, "I'm not going to look at anything because I'm receiving so much." I recommend the vendor come up with a white paper on the best practices for event notifications."
"We are looking for more granular control over the policies."
"The drive side encryption can be confusing to use and needs better documentation."
"There are some features that do not work with Mac."
"The solution needs more advanced features."
"In terms of where the solution could improve, it could integrate with network solutions for ADTs, email web gateways and discovery."
"There was an option for SQL setup in the older versions of this product and it has been removed, but we would like to see it made available as an add-on."
"There are compatibility issues with the Chrome browser."
"The price is a little high and could be better."
Advanced Malware Protection (AMP) is subscription-based, managed through a web-based management console, and deployed on a variety of platforms that protects endpoints, network, email and web Traffic. AMP key features include the following: Global threat intelligence to proactively defend against known and emerging threats, Advanced sandboxing that performs automated static and dynamic analysis of files against more than 700 behavioral indicators, Point-in-time malware detection and blocking in real time and Continuous analysis and retrospective security regardless of the file's disposition and Continuous analysis and retrospective security.
Sensitive data is constantly at risk of loss, theft, and exposure. Many times, the data simply walks right out the front door on a laptop or USB device. Companies that suffer such a data loss risk serious consequences, including regulatory penalties, public disclosure, brand damage, customer distrust, and financial losses. According to a Ponemon Institute report, 7% of all corporate laptops will be lost or stolen sometime during their useful life. The rapid proliferation of mobile devices with large storage capacities and often internet access is opening up even more channels for data loss or theft, so protecting sensitive, proprietary, and personally identifiable information must be a top priority. McAfee Complete Data Protection Suites address all of these concerns and many more.
Cisco Secure Endpoint is ranked 4th in Endpoint Protection for Business (EPP) with 13 reviews while McAfee Complete Data Protection is ranked 4th in Endpoint Encryption with 9 reviews. Cisco Secure Endpoint is rated 9.0, while McAfee Complete Data Protection is rated 8.2. The top reviewer of Cisco Secure Endpoint writes "We have gained more visibility into what's going on because it detects a lot of threats". On the other hand, the top reviewer of McAfee Complete Data Protection writes "An excellent solution for protecting from data exposure, device protection, and shadow IT". Cisco Secure Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, SentinelOne, Carbon Black CB Defense and Bitdefender GravityZone Ultra, whereas McAfee Complete Data Protection is most compared with Microsoft BitLocker, Symantec Endpoint Encryption, Sophos SafeGuard, Trend Micro Endpoint Encryption and McAfee Total Protection for Data Loss Prevention.
We monitor all Endpoint Protection for Business (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.