Cisco Advanced Malware Protection (AMP)

Cisco’s Advanced Malware Protection (AMP) solutions from specialist cyber security provider Nettitude offer an adaptive, threat-focused next-generation firewall that combines AMP with Cisco ASA FirePOWER services in a single device, delivering integrated threat defense across the entire attack range.

Talk to a qualified Cisco expert now

0345-52-000-85 (UK) or 212-335-2238 (US) or email cisco@nettitude.com

Understand the best solution to fit your business requirements and budgets.

Product Highlights

Fully managed IPS/IDS

Widely deployed enterprise-class firewall

Highly effective threat prevention

Advanced Malware Protection (AMP)

URL filtering for comprehensive alerts

How does AMP work?

Cisco offers an Advanced Malware Protection (AMP) system that covers the entire attack continuum — before, during, and after an attack. AMP works by using multiple detection capabilities combined with continuous analysis and advanced analytics that support Cisco’s retrospective security and enable managers to review previous and current threats in their system.

This combination provides detection capabilities that go beyond traditional point-in-time detection, allowing AMP for endpoints to also retrospectively detect files that become malicious after the initial point of entry.

Cisco uses tools such as retrospection, attack-chain correlation, behavioural Indications of Compromise (IoCs), trajectory, and breach hunting.

With these retrospective security tools, you can establish scope, visibility, and control in the event of a breach. This helps to quickly and effectively remediate all the threats in your environment before it is too late.

Cisco’s AMP systems evaluate more than 400 characteristics associated with each file to analyse and block advanced malware.

Cisco AMP Key Features

Provides continuous analysis and subsequent retrospective alerting:

AMP informs users of infected files if the malware determination changes after initial analysis. The solution captures, analyses, and correlates activity to provide security personnel with automated analysis and risk prioritisation.

Provides analysis and remediation after an attack:

Retrospective security provides retrospection, IoCs, breach detection, tracking, analysis, and surgical remediation after an attack where advanced malware has slipped past other defences. Retrospective alerts report any change in disposition, including who on the network may have been infected and when they were infected. Dashboards show exactly where the threat has been, what it did, and what its root causes are so it can be quickly contained and remediated.

Protects before and during an attack:

Web reputation and zero-day threat intelligence from Cisco Security Intelligence Operations (SIO) stop threats before they enter the network. File reputation and sandboxing identify threats during an attack, determining file threat level and detecting zero-day exploits.

Ease of use and flexible deployment options:

AMP can be deployed inline as a dedicated network appliance or activated within Cisco Next Generation ASA Firewalls with FirePOWER services.

The table below shows the features of Cisco AMP for Networks, AMP for Endpoint, and AMP for content.

Find out more information about Nettitude’s network operations services.