Avatar

Cyberthreats targeting Federal government IT are becoming increasingly evasive and complex. That’s why Federal agencies are rethinking their legacy antivirus solutions. And the best place to start? FedRAMP. Because a FedRAMP Authorized solution means strong, risk-based security that meets stringent Federal standards. And we’re excited to announce that Cisco® Advanced Malware Protection (AMP) for Endpoints has just been designated as FedRAMP Ready.

Traditional solutions for endpoint security are fading as Endpoint Protection Platforms (EPP) and Endpoint Detection and Response (EDR) technologies mature. Why? Because EPPs can deliver next-generation antivirus that stops today’s complex attacks. And EDR offers more advanced capabilities like detecting and investigating security incidents, coupled with the ability to quickly remediate endpoints. But having two options also presents questions, like which should you choose? Or is it possible to benefit from both?

Leveraging EPP and EDR for greater network security

At Cisco, we believe that combining EPP and EDR for advanced malware protection is possible. Doing so can even simplify your security operations. That’s why we’ve brought them together in a single cloud-delivered, FedRAMP Ready solution — Cisco® Advanced Malware Protection (AMP) for Endpoints.

Cisco AMP for Endpoints is relentless as it stops breaches and blocks malware. It rapidly detects, contains, and remediates advanced threats that evade front-line defenses. Plus, AMP is easy to deploy and use by Federal agencies (as well as State and Local governments). It can even leverage your existing security investments to help address threats beyond the endpoint. That’s what we call “relentless breach defense for government.”

How Cisco AMP for Endpoints works

By combining the power of EPP and EDR into a single FedRAMP Ready solution, your agency can benefit from enhanced network security. Cisco AMP for Endpoints does this by enabling you to:

 1. Block threats. Before they compromise you.

How effective you are at protecting your endpoints really depends on the quality of threat intelligence you’re acting on. That’s why Cisco employs machine learning and automation to spot malware activity fast, plus malware attack protection to block ransomware. We also use exploit prevention to stop fileless malware and a variety of other protection engines all fueled by Cisco Talos, the largest non-governmental threat intelligence group on the planet.

endpoint protection FedRAMP AMP malware

Cisco FedRAMP Ready AMP for Endpoints finds more vulnerabilities than other vendors. We push out protection before the bad guys can exploit them. This gives your agency the advantage. And because we’re such a trusted leader in networking, Talos sees more network traffic than anyone else. This reach helps drive our holistic approach to security because it means we see more threats, no matter where they begin (Internet, email, or another network). Our cloud-based global telemetry sees a threat once, anywhere in the world, and blocks it everywhere across our endpoint ecosystem and our entire security platform.

2. Know everything. About every endpoint.

AMP simplifies threat hunting and investigation for government with its newly announced Endpoint Detection and Response capabilities. This make your team’s job easier, thanks to advanced investigative queries across any or all of your endpoints and automated forensics snapshots. Whether you’re doing an investigation as part of incident response, threat hunting, IT operations, or vulnerability and compliance, AMP gets you the answers you need fast.

Cisco AMP for Endpoints also has hundreds of preloaded scripts so you can leverage the expertise of our Talos threat hunters, or even customize your own. These queries are organized in a catalog of common use cases, even aligning with the Mitre ATT&CK.

AMP provides deeper visibility on what happened to any endpoint at any given time by taking a snapshot of its current state. Think of this as taking a picture of a device; right to the moment when something malicious was seen. Plus, we continuously monitor and analyze the behavior of your endpoints. This gives your agency valuable data to investigate and respond to the riskiest threats quickly and confidently. And if a file that appeared clean upon initial inspection ever becomes a problem, AMP also provides a full history of the threat’s activity to help catch, isolate, contain, and remediate at the first sign of malicious behavior.

3. Respond completely. With security that works together.

Cyberthreats against our national government are not one dimensional. Your response to them must reflect that. That’s why we built our endpoint security with out-of-the-box integration with the rest of the Cisco security platform, as well as a wide range of third-party technologies. This empowers your agency to block, detect, investigate, and respond to threats across your entire environment – not just your endpoints.

Cisco’s holistic, platform approach to security means it works together, not piecemeal, to streamline your security operations. This makes a security investigation quicker and easier. You’ll get to the root cause fast and be able to automate actions to stop the threat in its tracks.

AMP lets Federal agencies respond to attacks at the first sign of malicious behavior by using “one-click” isolation of any endpoint, everywhere. An important distinction with AMP is its ability to broaden control beyond just the endpoint. We instrument our endpoint security to leverage threat intelligence from web, email, cloud and network security solutions; and with multi-factor authentication integration for Zero Trust.

This creates a defense that works together for more effective protection and response against your most challenging threats. All with less time, effort, and cost to do so.

AMP up: Become the Threat Hunter you were born to be

Channel your inner threat hunter and become a leader in the Federal government’s quest for relentless breach defense. It’s easy to start – just register for one of our Threat Hunting Workshops where you’ll get hands on experience in threat hunting, investigating and responding to threats.

Then take a deeper dive into our newly released Cisco® Advanced Malware Protection (AMP) for Endpoints, as well as our growing portfolio of FedRAMP Authorized solutions that provide strong, risk-based security that meets stringent Federal standards.

Remember, FedRAMP authorization means that Cisco cloud offerings meet the Federal government’s stringent requirements, as verified by a third party. So you can implement Cisco FedRAMP Authorized solutions with full confidence in their security.

Cisco AMP for Endpoints FedRAMP specialistsGuest Author: Gedeon Hombrebueno, Product Marketing Manager at Cisco

As Product Marketing Manager at Cisco, Gedeon provides expertise in various aspects of our industry-leading end-to-end security solutions. This includes endpoint security, threat intelligence, cloud security and more. His work reaches across physical, virtual and cloud environments. 

Resources

Take a deeper dive into our FedRAMP Authorized solutions https://www.cisco.com/c/en/us/solutions/industries/government/federal-government-solutions/fedramp.html

Did you know Cisco Services make optimization easy?

Make the most of your existing collaboration tools and speed your agency’s upgrades. Get help as you consider, plan, or execute a move to FedRAMP Authorized cloud platforms.

For cloud:        https://www.cisco.com/c/en/us/solutions/cloud/professional-services.html

For collaboration:       https://www.cisco.com/c/en/us/services/optimization.html