Enterprise, Networking

Cisco Launches AMP Endpoint Security: Why?

At first glance, Cisco Systems (CSCO) is getting into the endpoint security market. The logical question: Why -- especially when endpoint security is a "mature" IT market? Actually, the answer involves a whole lot more than endpoint security and traditional anti-virus approaches.

First, the details. Cisco AMP for Endpoints, unveiled yesterday at Cisco Partner Summit 2016, "combines prevention, detection and response to simplify endpoint security, allowing customers to ditch ineffective prevention-only strategies," the company claims. The Cisco endpoint security offering involves a single, SaaS-deployed, cloud-managed solution.

Cisco claims the offering spans:

  • Global threat intelligence from Cisco Talos at its backbone, along with built-in sandboxing technology to quarantine and analyze unknown files.
  • Continuous monitoring and shared analytics to detect stealth attacks. AMP for Endpoints records all file activity to monitor and detect malicious behavior.
  • Visibility and a detailed recorded history of malware's behavior over time – where it came from, where it has been, and what it has been doing.
  • Users can then systemically respond to attacks across PCs, Macs, Linux, and mobile devices, removing malware with just a few clicks.

Still, that's not the whole story. There are three legs to the security: Endpoint, network and cloud. Not by coincidence, the company has launched three security software suites:

  • Threat Defense for Data Center
  • Threat Defense for WAN and Edge
  • Policy and Threat Defense for Access

That list essentially means Cisco wants to own end-to-end security, potentially squeezing point-product rivals in the market.

Enterprise, Midmarket or Small Business?

Generally speaking this feels like an enterprise play, with some midmarket opportunities as well. I don't get the feel that Cisco will promote this in the commercial/small business sector.

Nor do I believe the company will try to integrate with PSA (professional services automation) or RMM (remote monitoring and management) platforms that so many SMB channel partners now leverage.

Still, Cisco OpenDNS (set for a branding evolution soon) already has a strong play in the SMB MSP market.




Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.