Cisco Secure Endpoint review

2 weeks ago 45

For the past 40 years Cisco has been wowing consumers with its dazzling scope of exertion and bundle products. 

In the company's ain words, Cisco Secure Endpoint (formerly 'AMP for Endpoints') is 'built for resilience'. Cisco adjacent makes the bold assertion that the level blocks much threats than immoderate different information provider.

Despite Cisco's world-famous reputation, it takes much than awesome words to make a reliable and almighty endpoint information platform. Is this truly 1 of the best endpoint information software solutions and different jewel successful Cisco's crown? 

 Plans and pricing

(Image credit: Cisco)

Cisco Secure Endpoint: Plans and pricing

When it comes to brass tacks, we were incapable find immoderate circumstantial pricing connected Cisco's website, which asks funny parties to interaction 1 of their income representatives.

Cisco's License Comparison page, however, is overmuch much forthcoming, detailing the 3 main tiers of the endpoint information platform.

The first, 'Secure Endpoint Essentials' includes entree to Cisco's SecureX EDR (Endpoint Deployment and Response) platform. In brief, this allows managers to amended negociate and adjacent automate responses to threats.

Subscribers besides payment from precocious endpoint extortion utilizing behavioral monitoring engines, arsenic good arsenic extortion against fileless attacks and ransomware. Cisco besides claims that each endpoints are continuously monitored for vulnerabilities.

The 'Essentials' tier besides incorporates 'Dymanic Analysis' - successful different words, the level supports sandboxing of fishy files, arsenic good arsenic speedy recognition of bundle vulnerabilities. Managers tin besides isolate an endpoint with a azygous rodent click.

The adjacent level tier 'Secure Endpoint Advantage' includes each of the above, positive 'Orbital Advanced Search'. Cisco claims this speeds up menace hunting, done utilizing implicit 200 predefined menace hunting queries. Subscribers to the 'Advantage' tier tin besides entree the 'Malware Analytics Cloud'. In the company's ain words, this uses,  'advanced sandboxing techniques to execute in-depth dynamic record investigation and heavy malware menace intelligence.'

The highest tier is Cisco Secure Endpoint Premier, which is besides the ground of this review. It includes each the perks successful the supra 2 tiers, arsenic good arsenic 'Threat Hunting by Cisco'. Subscribers seemingly payment from 'integrated continuous hunting by elite Cisco menace hunters'. 

As this is the lone payment beyond the 'Advantage' tier, we would person preferred to spot a pricing table, truthful organizations tin determine if having Cisco assistance successful menace hunting is worthy paying for. 

Interested users tin petition a escaped 30-day proceedings of the level without providing immoderate outgo information. The proceedings licence supports up to 50 devices.


(Image credit: Cisco)

Cisco Secure Endpoint: Features

Unlike galore endpoint information solutions we've reviewed, Cisco Secure Endpoint is genuinely cross-platform, supporting Windows, macOS, Linux, iOS and Android devices.

The institution website includes an extensive datasheet connected the main perks of the platform. Aside from being instrumentality agnostic, this includes an integrated 'file reputation' score. In simplest presumption the level maintains a database of each record it's scanned, allowing it to automatically artifact 'good' oregon 'bad' ones without intensive scanning.

Naturally this lone applies to known threats, but Cisco Secure Endpoint besides supports detection of polymorphic malware to halt atrocious actors from making tiny changes to viruses to debar signature detection.

The level besides employs instrumentality learning investigation to place malicious files based connected their behavior. 

Once threats are detected, arsenic readers volition learn, the level is besides susceptible of performing sandboxing and/or precocious forensics.

There's nary dedicated firewall for endpoints but fixed the level allows managers to acceptable immoderate fig of web and exertion policies, it's apt that these tin supply overmuch the aforesaid protection. 


(Image credit: Cisco)

Cisco Secure Endpoint: Setup

As we mentioned, users tin petition a escaped proceedings of the platform. Upon registration, we were impressed to spot that we had a prime of information halfway for trying retired the unreality console: Americas, Europe and Asia Pacific. This is simply a archetypal for the endpoint information platforms we've reviewed.

The website adjacent requires users to motion successful with oregon registry a Cisco Security account. Clearly the institution takes this earnestly arsenic upon providing our email address, we were asked to acceptable up multi-factor authentication. We did this by installing Duo connected our iPhone 14 Pro Max but did spot that different apps similar Google Authenticator are supported.

On archetypal login to the Secure Endpoint unreality console, we were instantly taken to the dashboard. 

At this stage, we should accent that users person 2 options. If you simply privation to get a consciousness for however the level operates successful a existent environment, you tin take to 'Enable Demo Data'. This fills your console with existent information from existent malware infections, truthful is an fantabulous mode to summation an overview of however it each fits together. 

There are besides a fig of 'demo computers' which supply a harmless mode to research however the level has responded to existent satellite attacks successful assorted ways, specified arsenic 'Command Line Capture', which shows however Cisco Secure Endpoint monitors and intercepts bid enactment arguments arsenic necessary. 

If, similar the squad astatine TechRadar, you similar to tally your ain tests past you tin besides download a 'connector' (agent) from the main Dashboard for Windows, macOS oregon Linux. 

If you take this, the console displays a adjuvant wizard which allows you to configure the connector to enactment with different information software. From here, you tin besides specify a proxy server if indispensable earlier downloading the cause itself. 

The download and instal of the 'Cisco Secure Client' took little than 60 seconds connected our trial machine. The cause instantly launched and prompted to tally a 'Quick Scan'. When we examined the cause settings, we saw menace definitions were not current, truthful clicked to update them manually. 


(Image credit: Cisco)

Cisco Secure Endpoint: Interface

We've already touched connected the main dashboard successful the Cisco Secure Endpoint console, which provides an fantabulous overview of compromises, quarantined infections and compromised devices implicit with adjuvant infographics.

Significant compromises are besides listed beneath the main overview and tin beryllium clicked into, to supply much elaborate information.

While we're talking overviews, determination is really a abstracted conception of the console with that name. It besides provides a wide brushwood summary of threats detected, quarantines, compromises etc. successful fig format, arsenic good arsenic adjuvant pastry charts breaking down the threats by type.

It's not wide to america wherefore determination needs to beryllium 2 sections listing overmuch the aforesaid accusation successful somewhat antithetic ways, but the interface itself is wide and colorful, truthful we aren't knocking disconnected points.

The near manus pane contains different sections, with expandable menus. For lawsuit the 'Analysis' conception tin beryllium clicked to database options similar 'Reports' and 'File Analysis'. This makes the console precise elemental to navigate and the main categories are logically arranged.

The cause (or 'Cisco Secure Client' arsenic they telephone it) has a much basal interface but tin show important statistic similar the policies successful spot and detection engine, arsenic good arsenic update status. We were peculiarly impressed by the tiny scan model which nestles snugly into the bottommost close of the desktop. 


(Image credit: Cisco)

Cisco Secure Endpoint: Performance

When investigating endpoint information platforms, our archetypal trial is ever to effort to download a fake computer virus, provided by the bully radical of EICAR. We fired up our trial instrumentality moving Windows 11 and tried to sojourn the EICAR website utilizing Microsoft Edge. Edge tried to artifact the download of the microorganism successful compressed (ZIP) format but erstwhile we insisted and told it to 'keep' the record the Cisco Secure Client stepped successful to artifact it from downloading.

We adjacent manually copied the record (again successful ZIP) format onto the trial machine's hard drive, lone for it to beryllium instantly detected and quarantined by the cause software.

Our adjacent trial was to effort to transcript a new, existent machine microorganism that we'd caught successful the chaotic into the machine's 'Downloads' folder. We bash this to marque definite that an endpoint information level tin observe threats based connected a file's behavior, not conscionable by comparing its signature against a database of known threats. Once again, Cisco Secure Endpoint didn't fto america down - the record was instantly detected.

The Cisco Secure Client didn't amusement immoderate benignant of notification erstwhile detecting and quarantining files. However, erstwhile we logged into the 'Dashboard' oregon 'Overview' sections of the unreality console, we saw a elaborate database of the quarantined files, with further accusation connected the strategy resources they'd tried to compromise. 

Cisco Secure Endpoint: Final verdict

It's not often that we cannot find immoderate responsibility with a merchandise we review. True, it was thing of a nuisance mounting up a caller authenticator app connected an iPhone conscionable to log successful but this reflects connected however earnestly Cisco takes security. 

While the level passed our tests with flying colors, we besides cognize that Cisco Secure Endpoint is susceptible of overmuch more, particularly erstwhile combined with XSecure EDR. The sandboxing and precocious menace investigation features besides mean this level offers adjacent level security.

Our lone flimsy gripe (for which we're deducting fractional a star) is that Cisco hasn't provided a clearer pricing exemplary for Secure Endpoint. Although this is communal for endpoint information solutions, adjacent a basal minimum terms would assistance organizations instrumentality if this merchandise is for them. 

We've listed the champion unreality firewall.

Read Entire Article