Hi All, Is it possible to restrict or block any urls using amp ?. Like client wants to restrict windows update using amp install in user machine. Please advise.
Forum Posts
Hello DearsWe are planning to impelment Cisco ISE with 802.1x and we have the following quiestions :1-is it possible to connect ISE with Microsoft AD so the login user for 802.1x is done with AD username/password?2-is 802.1x is working without issue ...
My ultimate goal is to have some form of CMD line logs sent into Splunk. Due to reasons, Sysmon or any other tool is not possible. We only have AMP logs being sent to Splunk. Currently we only get what CMD line arguments were used if there is a cloud...
Resolved! AMP integration with Secure X
HelloI am trying to integrate cisco secure X with AMP for end point and we have private clould for AMP, is this integration possible ? I only can see its available for AMP in public cloud.
We've had a handful of machines get flagged for the AMSI provider being deleted from the registry, and haven't been able to put a finger on the cause. The registry key being deleted looks like it's the one for Windows' built-in AV ( {2781761E-28E0-41...
Trying to update StealthWatch to 7.4.2 the update fails because of the changes pending.I have rebooted the flow server but it still has the same message.Got this message on the server too"The Flow Collector is unable to communicate with the Manager.I...
Dear all, I use FSLogix in my envirenment so that FSlogix maps a VHDX file as a local drive, which is located on a network path. This local drive has no drive letter and I have to perform an exclusion for this VHDX file in CISCO AMP. I'll really apre...
I was wondering how those in in the Amp for Endpoints Community deal with Generic IOC and Cloud IOC events. The vast majority of events I get are a result of RMM tools (Kaseya, N-Able, Connectwise, etc.) used by MSPs to manage the workstations. The...
We are installing cisco universal client can anyone please guide for cisco AMP enabler module what would be the file format ?The File Format will be XML or JASON ?Where the file will be stored or in which folder file will be saved ?
I deployed Cisco Secure Endpoint Windows Connector 8.1.7. Deploying it to our end users locked up Office, some browsers, and some shortcuts became unresponsive. After removal of 8.1.7 the issue went away. Reverting back 8.1.5Anyone else having an iss...
HelloCan I have some guidance and assistance please. Our organisation currently has Microsoft MDE running alongside Microsoft Edge and we have recently subscribed to Umbrella SIG. Recently we have been getting notifications from MDE of websites/URLs ...
Hello,I follow the progress of the installation of Cisco connectors for my collaborators.My goal is to identify laggards who haven't installed the antivirus yet. From the console, I can't find the usernames, I only see the hostname of the computers. ...
Talos reputation ticket created... And resolved before I finished this post... Detection: W32.1C27878DDF.RET.SBX.TGFile: mpavdlta.vdmFile path: \\?\C:\Windows\Temp\D3A7A9B3-EF42-4962-BED8-953AD7FE65811330.1d96d3272ec45c5\mpavdlta.vdmDetection SHA...
This morning I started seeing retrospective quarantine failures for Newtonsoft.Json.dll. I see conflicting results when searching for this .dll. The SHA is SHA256: c5c83bbc1741be6ff4c490c0aee34c162945423ec577c646538b2d21ce13199e
Hi all there, I need your help, I tried to connect in cortex Cisco AMP, but need to have "AMP for Endpoints Simple Custom Detection GUID". Can anyone help me how can I get. I created simple and assigned it to my police, but GUID for this group nowher...
