Description
Fighting malware effectively today requires new approaches, strategies, and technologies. Cisco® Advanced Malware Protection (AMP) for Networks delivers network-based advanced malware protection that goes beyond point-in-time detection to protect your organization across the entire attack continuum – before, during, and after an attack. Designed for Cisco FirePOWERâ„¢ network security appliances, it detects, blocks, tracks, and contains malware threats across multiple threat vectors within a single system. It also provides the visibility and control necessary to protect your organization against highly sophisticated, targeted, zero-day, and persistent advanced malware threats.With Cisco AMP for Networks, you can: Trust protection that moves beyond point-in-time: Cisco AMP for Networks goes beyond point-in-time detection to analyze files and traffic continuously. This capability helps enable retrospective security, the ability to look back in time and trace processes, file activities, and communications. You can understand the full extent of an infection, establish root causes, and perform remediation. The result: more effective, efficient, and pervasive protection for your organization. Limit policy-violating files and more: Tracking data that comes through the web, email, or other attack vectors, Cisco AMP for Networks automatically recognizes files and applications. It then performs broad-based filtering of files using the application and file control policies that you set. Detect and block exploit attempts: With an inline deployment, the Cisco solution can detect and block client-side exploit attempts. You’re also protected against vulnerability exploit attempts aimed at Adobe Acrobat, Java, Flash, and other commonly targeted client applications. Identify, block, and analyze malicious files: The system blocks malicious files from their target system and analyzes files with an unknown disposition. If no disposition is returned, the suspect file will automatically be submitted to Threat Grid for further analysis. Go beyond just sandboxing: AMP for Networks includes built-in sandboxing capabilities, but with the integration of Threat Grid, malware analysis and threat intelligence are taken to a whole new level. Threat Grid provides over 350 unique behavioral indicators to analyze the actions of a file, easy to understand threat scores, and billions of malware artifacts at your disposal for unmatched scale and coverage from global threats. Analyze files and traffic continuously: Determining that an observed file is malicious triggers retrospective alerts from the Cisco AMP for Networks system, even if the file traversed the network hours or days in the past, so you can still take action and mitigate damage. Correlate discrete events into coordinated attacks: Cisco AMP for Networks illustrates the risk associated with an ongoing attack. It provides automated and prioritized lists of potentially compromised devices with combined security event data from multiple event sources. Track malware’s spread and communications: With the Cisco AMP for Networks File Trajectory, you can track a file’s transmission across the network. Each file in the file trajectory view has an associated trajectory map with a visual display of the file’s transfers over time as well as additional information about the file. Contain malware to prevent loss and outbreaks: Blocking advanced threats and malware communications with a simple policy update is easy with Cisco AMP for Networks. With custom detection lists, you are empowered to act whenever you want, without waiting for a vendor-supplied update to take action.
