Cisco AMP 7150 Getting Started Guide
At-a-Glance
Breach Prevention, Detection, and Response for
the Real World
Organizations are under attack, and security breaches are happening
every day. Hackers are creating advanced malware that can evade
even the best point-in-time detection tools, like firewalls and intrusion
prevention systems. These tools inspect traffic at the point of entry into
the network, but they will never be 100 percent effective at detecting
all threats trying to infiltrate the organization. Furthermore, they provide
little visibility into the activity of threats after they evade first-line
defenses. This leaves IT security teams blind to the scope of a potential
compromise and unable to quickly detect and contain malware before it
causes damage.
Cisco Advanced Malware Protection (AMP) for Networks goes beyond
point-in-time capabilities to protect organizations before, during, and
after an attack.
• Before an attack, AMP uses the best global threat intelligence to
strengthen network defenses.
• During an attack, AMP uses that intelligence, known file signatures,
and dynamic file analysis technology to block malware trying to
infiltrate the network.
• After an attack, or after a file traverses the network, AMP
continuously monitors and analyzes all file activity and traffic. If a file
exhibits malicious behavior, AMP will provide deep visibility into the
activity of the threat and the control to rapidly respond and contain it.
AMP for Networks not only provides breach prevention capabilities, but
in the case of an undetected intrusion, provides rapid breach detection,
response, and containment capabilities - all cost-effectively and without
impacting operational efficiency.
Threat Intelligence and Malware Analysis
AMP for Networks is built on the largest collection of real-time threat
intelligence and malware analytics supplied by Cisco Collective Security
Intelligence, the Talos Security Intelligence and Research Group, and AMP
Threat Grid intelligence feeds. Organizations benefit from:
• 1.1 million incoming malware
samples per day
• 1.6 million global sensors
• 100 terabytes of data per day
• 13 billion web requests
• Team of engineers, technicians,
and researchers
• 24-hour operations
Cisco Advanced Malware
Protection for Networks
© 2015 Cisco and/or its affiliates. All rights reserved.
Benefits
• Detect and block exploit attempts, malicious files, and
policy-violating files
• Continuously analyze and record file activity to track malware’s
spread and scope a compromise
• Correlate discrete events into coordinated attacks
• Gain deep visibility and control to quickly detect, analyze, and
contain breaches
• Access unmatched global threat intelligence to strengthen network
defenses
• Manage the solution through AMP’s easy-to-use web browser-based
console, FireSIGHT Management Center