Do you dream of keeping your data under a lock and key that only you control? Or are you trying to appease regulations, whether corporate or government mandated? Organizations should not fear the auditor more than the attacker.
While many have come to adopt the cloud, there are cases where it might not be for you. That’s why on May 18th we released the latest version of Cisco AMP Private Cloud that features integration with AMP Threat Grid.
AMP Private Cloud lets you have the best of both worlds: 
privacy and security without compromising on the latest technologies that allow you to detect breaches.
Integrated malware analysis
The integration of AMP Threat Grid is a critical milestone for the private cloud virtual appliance as it now allows users to take advantage of Threat Grid’s innovative static and dynamic malware analysis technology in a completely on premises solution.
What is AMP Virtual Private Cloud?
The AMP Private Cloud is an on-premises private cloud deployment of Cisco AMP for Networks and/or Cisco AMP for Endpoints technology. Like our other AMP technologies, it continuously monitors file activity throughout your extended network and will provide retrospective security alerts if something benign suddenly begins to act malicious. The virtual appliance not only satisfies stringent privacy mandates (like those in Germany or at a defense contractor), but also provides network and endpoint protection across the enterprise, comprehensive advanced malware protection without compromising your capabilities, and scalability for even the largest global organizations. The best part? You can install it all on your own hardware.
What is the difference between the Private Cloud and Public Cloud?
There are a couple minor differences between the Private and Public cloud instance of AMP.
- Advanced custom detections: the private cloud only supports Windows, whereas the Public cloud supports Linux, Mac, and other popular operating systems.
- ETHOS: This is one of the many detection engines AMP uses to continuously protect you from malware. ETHOS catches families of malware through use of “fuzzy hashes” as a way to counter malware evasion aided by “bit-twiddling”. It is only available in the public cloud.
How do I get the latest threat intelligence?
Since AMP is not directly connected to the internet, we provide a tool to download and synchronize updates between the private cloud and public cloud, ensuring you have the most current file dispositions and related threat intelligence.
Visibility and control with simplified management
AMP Private Cloud uses the latest Firepower Management Center, the critical nerve center that provides a consolidated view into events across both network and endpoints. In addition to being able to manage AMP, it provides unified management over firewalls, application control, intrusion prevention, and URL filtering, reducing the time needed to investigate and remediate malware outbreaks.
Here are a few additional resources if you want to dive deeper into any of the solutions that work with AMP Private Cloud:
- A 5 minute AMP for Endpoints demo
- AMP for Networks featured on TechWise TV
- A full, In-Depth AMP solution Demo
Sadly, the private cloud option is far too expensive for all medium sized businesses I know. With that, many customers (at least in EU/Germany) are restricted to use only cloud lookups.
Well, that’s already great as I see many blocked threats in my dashboards. But having no way to use dynamic analysis really is a pity.
Threat Grid does offer a standalone appliance should on premises malware analysis be a requirement: http://www.cisco.com/c/en/us/products/security/amp-threat-grid-appliances/index.html