AMP for endpoints

Hi guys

Before I begin, forgive me for this post; I just need to be pointed in the right direction.

I installed an ASA5506 on a customer site for a POV, behind their perimeter firewall. The ASA sits on the network just to monitor traffic. It picked up malware immediately.

Now the customer is looking for malware protection for endpoints. I read and read.

As I understand it, there are two deployment modes: cloud proxy mode and air gap mode.

The customer already has a virtual environment, so what exactly do I need to monitor endpoints? The CMF? Or cloud?

I want an on-prem solution. I have read the deployment guide, but I still feel completely lost. Someone please guide me...

You get the cloud account when you buy AMP for Endpoints.

For the first snap,

http://www.Cisco.com/c/en/us/support/docs/security/Sourcefire-fireamp-PR...

http://www.Cisco.com/c/en/us/products/collateral/security/fireamp-Privat...

http://www.Cisco.com/c/dam/en/us/TD/docs/security/Sourcefire/fireamp/FIR...

This should help.

Tags: Cisco Security

Similar Questions

  • AMP for Endpoints - File types that are scanned by FireAMP Connector

    Hello

    I have a question about AMP for Endpoints.

    I am referring to the documentation "File Types that are scanned by FireAMP Connector":

    http://www.Cisco.com/c/en/us/support/docs/Security/Advanced-malware-prot...

    Windows and Mac connectors

    Supported file types looked up against the cloud

    Device Trajectory and File Trajectory display these file types:

    • MSEXE
    • PDF
    • MSCAB
    • MSOLE2
    • ZIP
    • ELF
    • MACHO
    • MACHO_UNIBIN
    • SWF
    • JAVA

    Unsupported file types

    • The Mac connector is able to scan all except SWF.
    • The Windows connector currently does not analyze ELF, Java, xar (pkg), macho or macho_unibin.

    The Android connector

    • The Android connector reviews APK files.

    May I know from the documentation:

    1. Does this mean only these file types are supported for analysis by the FireAMP connector?

    2. I refer to the Firepower 6.0 configuration guide, where the following table says AMP for Endpoints supports all types of files:

    http://www.Cisco.com/c/en/us/TD/docs/security/firepower/60/configuration...

    Table 2. Network-based vs endpoint-based advanced malware protection strategies

    Feature | Firepower AMP | AMP for Endpoints
    file type detection and blocking method (file control) | in network traffic, using access control and file policies | not supported
    malware detection and blocking method | in network traffic, using access control and file policies | on individual endpoints, using a connector that communicates with the AMP cloud
    network traffic inspected | traffic passing through a managed device | none; connectors installed on endpoints directly inspect files
    malware detection robustness | limited file types | all file types

    3. I can't find what files MACHO and MACHO_UNIBIN refer to; could you please advise what file types are in these categories?

    Thanks again for the help.

    Thank you

    Kind regards

    Kelvin

    Kelvin,

    The file types that you listed are those that are supported for display in Device Trajectory and File Trajectory. Other file types are always scanned and checked against the cloud; they will simply not display in Device Trajectory and File Trajectory.

    For more information on MACHO files, please refer to this article.

    Thank you

    Matthew Franks

    ENGINEER, CUSTOMER SUPPORT

    FireAMP TAC

  • How to uninstall Symantec protection for endpoint without password.

    Original title:

    Installation of Windows 10

    How do I uninstall Symantec Endpoint Protection without a password? This computer was given to me and I do not know the password. I have to uninstall it to set up Windows 10. Please help.

    Hello

    I am Chetan Savade of the Symantec Technical Support team.

    To erase MS completely without a password, you must use the CleanWipe tool.

    The CleanWipe tool is available for download at Flexnetoperations.com, or support can also provide it.

    Symantec Endpoint Protection (SEP) adds support for Windows 10 with 12.1.6 MP1. For Symantec Endpoint Protection 12.1, a maintenance patch was published on July 29, 2015.

    You can upgrade to Windows 10 with Symantec Endpoint Protection 12.1.6 MP1 or 12.1.6 MP1a installed; otherwise you must uninstall Symantec Endpoint Protection first. The upgrade of the operating system stops if it detects a previous version of Symantec Endpoint Protection.

    For more details, see the following article:

    http://www.Symantec.com/docs/INFO2746

    See also the linked article: Upgrade to Windows 10 prompts you to uninstall Endpoint Protection after an upgrade to 12.1.6 MP1

    http://www.Symantec.com/docs/TECH231349

  • AMP for Muse sites

    I've heard of Accelerated Mobile Pages. How do I incorporate that in my Muse files, and is it important?

    Hello GrahamBedbrook,

    Please go through this post - page Adobe Muse export as HTML AMP for more information about this query.

    Kind regards

    Ankush

  • What is the best amp for subwoofers buy?

    original title: Subwoofes and amp

    I have 2 subwoofers 10 inches that are 800 watts max/400 RMS and 4 ohm room. I was wondering what would be the best amp to buy?

    Hello

    Thanks for posting the request in the Microsoft community!
    You can post the question in the forum of the subwoofer manufacturer support and specifications of hardware for better assistance.

    If you have additional questions, please let us know. We will be happy to help you.

  • TMS 14.3 - PIN is not required for immersive endpoints

    Hi people,

    I am facing a strange problem with TMS 14.3 + Conductor XC2.2 + TP Server 3.1. This is what happens:

    We schedule a conference in TMS with Conductor as the MCU, using an alias that points to the TP Server conference bridge. The conference has a self-generated 6-digit PIN. We use the conference type "No Connect", where all participants must manually dial into the conference and enter the PIN.

    Well, when the conference starts, all participants can join the conference successfully by dialing the numeric ID and then entering the PIN. However, for immersive TelePresence endpoints (CTS 3000), when the user dials the numeric ID, it is connected to the conference without having to enter the PIN. TP Server doesn't ask the user to enter the PIN; the immersive endpoint is automatically connected to the conference after dialing the numeric ID.

    I have no idea why this is happening, and I confirm that this happens only for the CTS 3000; the same problem does not occur for the CTS 500, for example, which is registered to the same CUCM with the same firmware version. Extra points that I noticed:

    • This problem seems to be related to TMS, because if I create a Conductor conference alias associated with a conference template that has the PIN applied, the problem does not occur. All the endpoints are required to enter the PIN, including the CTS 3000. But when scheduling through TMS, the problem occurs.
    • The problem happens whether or not the CTS 3000 is selected in the list of participants when scheduling. In addition, no matter if the CTS 3000 is the first, second or last member to join the conference, the problem always happens.
    • No matter if I use a Conductor conference alias set to be "immersive" in the TMS configuration or a common alias, the problem still occurs.
    • In the web page of the TP Server, I can see the conference is marked with "PIN protected" information.

    Has anyone here seen a problem like this before?

    I'd really appreciate any suggestions.

    Regards

    Paulo Souza

    Was my answer helpful? Please rate the useful answers and do not forget to mark resolved questions as "answered."

    CDETS ID is: CSCum29993.

    VR

    Patrick

  • Is Check Point Endpoint Connect compatible with Windows 8.1?

    Original title: CheckPoint endpoint connect

    Hello

    I am going to upgrade from Windows 8 Pro to Windows 8.1 Pro.

    When choosing the upgrade path that allows me to keep all the files, settings and applications, it shows that the only application that I have to uninstall will be Check Point Endpoint Connect (which currently runs under Windows 8 Pro).

    Has anyone installed Check Point Endpoint Connect on Windows 8.1 Pro successfully?

    Thanks for the reply.

    I went ahead with the installation of Windows 8.1 RTM and took the risk that Check Point would not be compatible.

    I was able to uninstall Check Point as part of the Windows 8.1 upgrade and subsequently install Check Point Endpoint Connect successfully.

    Therefore, I am happy to say that for our organization and our version of Check Point, it is looking like it is fully compatible with Windows 8.1.

  • Voltage and amps for HP Photosmart 7350 printer.

    Hey folks, I am trying to figure out what A/C power supply I need for my daughter's printer. While moving, she misplaced the power supply. I will call during the Thanksgiving holiday and will attempt to get her printer hooked up. Does anyone know the requirements for this printer? (Printer HP Photosmart 7350)

    Hello

    Please try:

    http://www.Amazon.com/HQRP-replacement-adapter-Photosmart-DeskJet/DP/B001CASW6G

    I hope this helps.

    Kind regards.

  • How can I limit the bandwidth for endpoint on the router from 1921 to mitigate impacts traffic bittorrent reviews?

    We have implemented an independent network for our wireless comments. It's an ADSL modem into a Cisco 1921. I set up NAT and DHCP on the router and it is only accessible through the wireless connection. We have a 50 Mbps connection and about 250 devices connected to it. Some of them use bittorrent and other file-sharing software that quickly eats bandwidth.

    Since the torrent software can be set to any port and cannot be blocked that way, I was wondering if there is a way to limit the bandwidth available to each device connection to mitigate this.

    I put this in the WAN group because it seemed appropriate as it performs the external connection. I know that the argument could be made for LAN, because it connects only within the corporate building and not to one of our service centers.

    Any help would be appreciated.

    Hi John,

    I don't see anything wrong with applying a basic QoS policy: classify traffic using NBAR to match the bittorrent protocol and other similar protocols, and then just throttle the traffic down using a policy map.

    HTH

    Mike

  • Error message when upgrading vShield Endpoint from version 5.1.0-01814505 to version 5.1.0-02563458

    Hello!

    After updating vShield Manager, the following message is displayed when attempting to install:

    installation of endpoint vShield has detected the error during the uninstallation of vib: internal server error: could not read or write to the database.

    The process is stopped. This situation is observed on 2 hosts out of 7. Uninstalling causes a similar error.

    What measures are appropriate in this situation?

    The issue is resolved after you restart the host.

  • Chart HTTPService & for loop

    I use a togglebuttonbar to navigate between 3 separate linecharts, each displaying unique data. My problem is that with my current code only the last chart shows any data. Whenever I change which chart is displayed last, it is always the last chart which displays correctly.

    So my code looks like this:

    TOGGLEBUTTONBAR

    VIEWSTACK

    FOR LOOP (example: looped 3 times) {

        new canvas (added as child to viewstack)

        new panel (added as child to canvas)

        new chart

        new Array (for the line series)

        FOR LOOP (example: 2 times) {
            new line
            line.yField = NAME
            push line into the line series array
        }

        HTTPService to get data, calls the dataReceived function, which is within this for loop

        dataReceived { chart.dataProvider = event; } // the HTTPService works, I've checked during debugging, and because the last chart shows properly

    }

    Done.

    So, this should display 3 charts, each with two lines. Notice that the HTTPService calls the same piece of XML for each chart, but I'm showing only a few parts in each individual chart (for example, the XML file has: APPLES, ORANGES, BANANAS; one chart displays apples, the next bananas, etc.).

    A useful part of the code is below... once more, only data from the last chart is displayed.

    var DB_Connect:Object = new Object();
    var URL:String = "http://192.168.11.12/getdata.php?length=day";

    useHTTPservice(DB_Connect, URL, dataReceived);

    _newChart.series = _newSeries;
    _newPanel.addChild(_newChart);

    function dataReceived(evt:ResultEvent):void
    {
        _newChart.dataProvider = evt.result.point;
    }

    This is within the first loop. I'm sure I'm making a noob mistake!


    You get the newChart object synchronously, but the data arrives asynchronously.

    You need to store a reference to each child instance, perhaps in an associative array (Object), as it is created. Then in the result handler, assign the result to the appropriate chart.

    You will probably need AsyncToken to match the call to the result.

    Tracy

  • Malicious file found, but what is?

    AMP for Endpoints found this W32.39C4C54D7D-100.SBX.VIOC in a file named Chrome.exe. Where can I go that will tell me what that malware is?

    Thank you!

    Hello Chad,

    Because you have the hash, you can check the details.

    https://www.VirusTotal.com/en/file/39c4c54d7d46fd831c92c8ae0da03e555cd57...

    Click File Details on the above link to learn more about this file.

    Rate and mark as correct if the post helps you

    Regards

    Jetsy

  • SSL certificate for the BlackBerry push endpoints expired last Thursday!

    The generic cert used for the BlackBerry push Eval endpoints expired last Thursday.  My code for the push service does proper certificate validation and can no longer send.  I checked several endpoints of cpNNNN.pushapi.eval.blackberry.com and they all share the same expired SSL server cert (no wonder they are shared, surprising it is expired).

    To test:

    openssl s_client -connect cp4714.pushapi.eval.blackberry.com:443

    Expansion: NONE
    SSL-Session:
        Protocol  : TLSv1.2
        Cipher    : RC4-SHA
        Session-ID:
        Session-ID-ctx:
        Master-Key: E6D069A6416C5672A99B5D7FA4482190D03E9E14985FE2EB33AF51C580151200490CB06874412C62DAA945A35EA2BE22
        Key-Arg   : None
        Krb5 Principal: None
        PSK identity: None
        PSK identity hint: None
        Start Time: 1402341727
        Timeout   : 300 (sec)
        Verify return code: 10 (certificate has expired)

    Server cert returned:

    Certificate:
        Data:
            Version: 3 (0x2)
            Serial Number:
                5b:49:cb:40:09:a7:d3:fb:72:f2:ee:4b:97:39:28:47
        Signature Algorithm: sha1WithRSAEncryption
            Issuer: C=US, O=Thawte, Inc., CN=Thawte SSL CA
            Validity
                Not Before: Jun  5 00:00:00 2013 GMT
                Not After : Jun  5 23:59:59 2014 GMT
            Subject: C=CA, ST=Ontario, L=Waterloo, O=Research In Motion Limited, OU=IT, CN=*.pushapi.eval.blackberry.com

    Any ETA on when a new server certificate will be installed on the pushapi.eval.blackberry.com endpoints?

    Seems fixed now.  New certificates valid from Jun 11 00:00:00 2014 GMT through Jun 11 23:59:59 2015 GMT are in place.

  • Output USB amps and the voltage on the Satellite A100

    Help, please. I have a device that recharges its battery via the USB port. It only came with a car charger which has an output of 5 V 1.0 A. What is the output voltage and amps for my Satellite A100 USB port?

    Hello

    Generally, the USB ports provide 500mA.
    The USB voltage values are not known to me, but to my knowledge all the USB ports must support the USB standards.
    So if you are using a device that supports the simple USB 2.0 standards, you should be able to recharge your battery.

  • Trial license of ISE for wireless devices

    Hello

    We currently have a project underway for a BYOD deployment, but it focuses mainly on smartphones and tablets.

    For this I want to evaluate the ISE. I know that there is a 90-day trial license, but according to the feature reference guide it covers Base and Advanced.

    As far as I know there is also a license specifically for authentication of wireless devices.

    My question is now whether there is also an evaluation license available for the authentication of wireless devices.

    Thank you!

    Kind regards

    Patrick

    Patrick,

    It still works with the eval Base and Advanced licenses that come with the software.

    Make sure that RADIUS accounting is configured correctly so that endpoint devices are reported correctly.

    The Wireless license is only for wireless users, while Base allows wired and wireless.

    Thank you

    Tarik Admani
