Cisco Cisco AMP 7150 Hoja De Datos
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 1 of 10
Data Sheet
Cisco Advanced Malware Protection for Networks
Product Overview
Fighting malware effectively today requires new approaches, strategies, and
technologies. Cisco
®
Advanced Malware Protection (AMP) for Networks delivers
network-based advanced malware protection that goes beyond point-in-time
detection to protect your organization across the entire attack continuum - before,
during, and after an attack. Designed for Cisco FirePOWER
™
network security
appliances, it detects, blocks, tracks, and contains malware threats across multiple
threat vectors within a single system. It also provides the visibility and control
necessary to protect your organization against highly sophisticated, targeted,
zero-day, and persistent advanced malware threats.
With Cisco AMP for Networks, you can:
●
Trust protection that moves beyond point-in-time: Cisco AMP for Networks goes beyond point-in-time
detection to analyze files and traffic continuously. This capability helps enable retrospective security, the
ability to look back in time and trace processes, file activities, and communications. You can understand the
full extent of an infection, establish root causes, and perform remediation. The result: more effective,
efficient, and pervasive protection for your organization.
●
Limit policy-violating files and more: Tracking data that comes through the web, email, or other attack
vectors, Cisco AMP for Networks automatically recognizes files and applications. It then performs broad-
based filtering of files using the application and file control policies that you set.
●
Detect and block exploit attempts: With an inline deployment, the Cisco solution can detect and block
client-
side exploit attempts. You’re also protected against vulnerability exploit attempts aimed at Adobe
Acrobat, Java, Flash, and other commonly targeted client applications.
●
Identify, block, and analyze malicious files: The system blocks malicious files from their target system
and analyzes files with an unknown disposition. If no disposition is returned, the suspect file will
automatically be submitted to Threat Grid for further analysis.
●
Go beyond just sandboxing: AMP for Networks includes built-in sandboxing capabilities, but with the
integration of Threat Grid, malware analysis and threat intelligence are taken to a whole new level. Threat
Grid provides over 350 unique behavioral indicators to analyze the actions of a file, easy to understand
threat scores, and billions of malware artifacts at your disposal for unmatched scale and coverage from
global threats.
●
Analyze files and traffic continuously: Determining that an observed file is malicious triggers
retrospective alerts from the Cisco AMP for Networks system, even if the file traversed the network hours or
days in the past, so you can still take action and mitigate damage.
●
Correlate discrete events into coordinated attacks: Cisco AMP for Networks illustrates the risk
associated with an ongoing attack. It provides automated and prioritized lists of potentially compromised
devices with combined security event data from multiple event sources.