Cisco Advanced Malware Protection (AMP) for Networks delivers the market's only network-based system today that goes beyond point-in-time detection to protect across the entire attack continuum. Designed for Cisco FirePOWER network security appliances, it provides visibility and control to protect against highly sophisticated, targeted, zero-day, and persistent advanced malware threats.
Features and Capabilities
Advanced malware protection must be as pervasive as the malware it is designed to combat. This requires an integrated set of controls and a continuous process to detect, confirm, track, analyze, and remediate these threats – before, during, and after an attack.
- Before: Prevent known malware, policy-violating file types, and communications from entering your network.
- During: Continuously analyze files and network traffic for threats that evade your first lines of defense.
- After: Quickly and efficiently understand, scope, and contain an active attack.
Cisco AMP for Networks delivers protection along the entire attack continuum with the following key features and capabilities:
Identify Stealthy Attacks
Reduce the Amount of Actionable Malware Events
- Continuous analysis tracks files after they've entered the network
- Retrospective security alerts you to take action during and after an attack
- Multi-source indications of compromise correlates discrete events for better detection
Gain an Efficient Workflow for Investigations
- File and application control helps you limit policy-violating files and actions
- Known malware blocking offers real-time file dispositions to help detect and stop attacks
- File trajectory tracks file transmissions across the network
- File capture allows you to store and retrieve files for further analysis
- Automated prioritization of high-risk events assigns threat scores