- #SYMANTEC ENDPOINT PROTECTION 14 BETA HOW TO#
- #SYMANTEC ENDPOINT PROTECTION 14 BETA UPGRADE#
- #SYMANTEC ENDPOINT PROTECTION 14 BETA LICENSE#
We have other tools in place that AMP feeds into that allow for that to happen, so I look at it as one seamless solution. Sometimes, when you're overwhelmed with information, you just say, "I'm not going to look at anything because I'm receiving so much." I recommend the vendor come up with a white paper on the best practices for event notifications." "Maybe there is room for improvement in some of the automated remediation. I do feel that if you subscribe to all the event notification types out-of-the-box, or don't really go through and take the time to filter out events, the notifications can become overwhelming with information. That takes one to three days before we can be certain that the new version plays nice with our environment." "The room for improvement would be on event notifications. Therefore, we need to test it before we deploy. It's not going to give us any problems." With the complexity of the solution using multiple engines for multiple tasks, it can sometimes cause performance issues on our endpoints. We cannot just say, "There's a new version. This is important, because if there is a new version, we need to test it thoroughly before it goes into production. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through." "The technical support is very slow." "We have had some problems with updates not playing nice with our environment. There isn't enough information to help us with what we're looking for and why we are looking for it with this query.
Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself." "I would like to see integration with Cisco Analytics." "In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms.
If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. "The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source." What you would do otherwise would be very risky and tedious." "Among the most valuable features are the exclusions. If you can do that in a secure sandbox environment, that's an invaluable feature. We're trying, for example, to determine, when people send information in, if an attachment is legitimate or not. It's one of the best features." "The ability to detonate a particular problem in a sandbox environment and understand what the effects are, is helpful. This greatly maximizes our security operations." "The entirety of our network infrastructure is Cisco and the most valuable feature is the integration." "It is a very stable program." "The solution's integration capabilities are excellent. With SecureX, we are able to pull all those applications into one pane for visibility and maintenance. Additionally, we are using the Cisco SecureX platform, as we were a beta test for that new solution. Because we do have the Email Security appliance and it is integrated with Threat Response, we have everything tied together. This is key to our security and maximizing operations. We have a Cisco Enterprise Agreement with access to Cisco Email Security, Cisco Firepower, Cisco Stealthwatch, Cisco Talos, Cisco Threat Grid, Cisco Umbrella, and also third-party solutions.
This helps you understand and nail down what the threat is and how to fix it." "Integration is a key selling factor for Cisco security products. Therefore, it gives you great detail, a timeline, and continuity of events leading up to whatever the incident is, and then, after. Then, after the event, something else was launched by whatever the threat was.
For example, you have the event, but you see that the event was launched by Google Chrome, which was launched by something else. You can see what other applications were incorporated into the execution of the threat. You can see what happened after the threat. You can get onto the device trajectory to look at a threat, but you can also see what happened prior to the threat. That can shorten the useful life of a device." "The visibility and insight this solution gives you into threats is pretty granular. We don't see battery degradation like you do with other solutions which really drain the battery, as they're constantly doing things. That was a big thing for us, especially in the mobile world. It is an agent-based solution, and we see no performance knock on cell phones.