"It doesn't impact the devices. It is an agent-based solution, and we see no performance knock on cell phones. That was a big thing for us, especially in the mobile world. We don't see battery degradation like you do with other solutions which really drain the battery, as they're constantly doing things. That can shorten the useful life of a device."
"If somebody has been compromised, the question always is: How has it affected other devices in the network? Cisco AMP gives you a very neat view of that."
"The solution's integration capabilities are excellent. It's one of the best features."
"The visibility and insight this solution gives you into threats is pretty granular. It has constant monitoring. You can get onto the device trajectory to look at a threat, but you can also see what happened prior to the threat. You can see what happened after the threat. You can see what other applications were incorporated into the execution of the threat. For example, you have the event, but you see that the event was launched by Google Chrome, which was launched by something else. Then, after the event, something else was launched by whatever the threat was. Therefore, it gives you great detail, a timeline, and continuity of events leading up to whatever the incident is, and then, after. This helps you understand and nail down what the threat is and how to fix it."
"The most valuable feature is signature-based malware detection."
"Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source."
"Integration is a key selling factor for Cisco security products. We have a Cisco Enterprise Agreement with access to Cisco Email Security, Cisco Firepower, Cisco Stealthwatch, Cisco Talos, Cisco Threat Grid, Cisco Umbrella, and also third-party solutions. This is key to our security and maximizing operations. Because we do have the Email Security appliance and it is integrated with Threat Response, we have everything tied together. Additionally, we are using the Cisco SecureX platform, as we were a beta test for that new solution. With SecureX, we are able to pull all those applications into one pane for visibility and maintenance. This greatly maximizes our security operations."
"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
"They offer the whole package. Remote monitoring and management (RMM) is included with it, which is pretty nice. They also have Windows patching and third-party patching. It was easy to use for protection. The containment engine was pretty nice for securing our environment."
"The most valuable feature is the management of end-user machines."
"It really protects and does its job. It totally blocked every attack attempt, and no attack attempt was successful."
"It's a very easy-to-use product."
"The main features of this solution are that it handles everything by itself and is well integrated."
"It depends on the licensing. Most of the customers have got at least a 365 E3 license, and they can use most of the features of Windows 10 Defender. So, anyone who has got an enterprise license can start using those features. Some of the customers have got E5 licenses, and they can use all advanced features. Customers with E5 licenses use the advanced site protection (ATP) features and web content filtering without going via a proxy, which gives the benefit of replacing the proxy. They can get the benefit of MCAS and integration with Intune and the endpoint manager. It is a kind of single platform for all 365 technologies. It helps customers in managing everything through a unified portal."
"The most valuable features are the Windows Firewall and the regular virus definition updates. These features are very helpful and have helped to improve our security."
"It is easy to install and use requiring little maintenance but applying updates."
"The whole bundle of the product, which is similar to other Microsoft products, is valuable. Ten years ago, you had third-party stuff for different things. You had one solution for email archiving and another third-party one for something else. Nowadays, Microsoft Office covers all the stuff that was formerly covered by third-party solutions. It is the same with antivirus. The functionality is just basic. You have the scanning, and then you also have a kind of cloud-based protection and reporting about your environment. With Microsoft Security Center, you have a complete overview of your environment. You know the software inventory, and you have security recommendations. You can not only see that the antivirus is up to date; you can also see where are the vulnerabilities in your system. Microsoft Security Center tells you where you have old, deprecated software and what kind of CVEs are addressed. It's really cool stuff."
"The most important and the most relevant features of Defender for Endpoint are the malware and ransomware protection."
"This is not an inventory solution, but it helps you take count of how many workstations you have, as well as what software is installed on each of them."
"We use Microsoft Defender for the antivirus."
"We had a lot of noise at the beginning, and we had to turn it down based on exclusions, application whitelisting, and excluding unknown benign applications. Cisco should understand the need for continuous updates on the custom Cisco exclusions and the custom applications that come out-of-the-box with the AMP for Endpoints."
"...the greatest value of all, would be to make the security into a single pane of glass. Whilst these products are largely integrated from a Talos perspective, they're not integrated from a portal perspective. For example, we have to look at an Umbrella portal and a separate AMP portal. We also have to look at a separate portal for the firewalls. If I could wave a magic wand and have one thing, I would put all the Cisco products into one, simple management portal."
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself."
"Maybe there is room for improvement in some of the automated remediation. We have other tools in place that AMP feeds into that allow for that to happen, so I look at it as one seamless solution. But if you're buying AMP all by itself, I don't know if it can remove malicious software after the fact or if it requires the other tools that we use to do some of that."
"I would recommend that the solution offer more availability in terms of the product portfolio and integration with third-party products."
"The room for improvement would be on event notifications. I have mine tuned fairly well. I do feel that if you subscribe to all the event notification types out-of-the-box, or don't really go through and take the time to filter out events, the notifications can become overwhelming with information. Sometimes, when you're overwhelmed with information, you just say, "I'm not going to look at anything because I'm receiving so much." I recommend the vendor come up with a white paper on the best practices for event notifications."
"I would like to see integration with Cisco Analytics."
"The GUI needs improvement, it's not good."
"They need to enhance the performance of the agents. Currently, the performance is going low when the agent starts a full scan. The agent is consuming a lot of resources while scanning. When there are a lot of documents to check, it slows down the endpoint. This is the only thing that worries me about Comodo, but this issue is also there in other products. It is missing DLP, and I know that they are working on adding some data loss prevention capabilities. They have added some capabilities, but these capabilities are not yet mature. I hope they will enhance these capabilities because it is important to prevent the data from going out from inside. We are protected from the outside, but we also have to be protected from the inside out."
"Their support is not very good because they are very late to reply."
"The licensing fees are high. The company should work to try to lower them for the customer."
"They need to just modernize the infrastructure with something that is next-generation. We have recently moved to SentinelOne. It had been doing good for us for a while, but we needed something modern with new technology."
"There is no behavior analytics for devices and endpoints. There is no behavior-based protection."
"I would like to see the next generation of the tool improved to work with other operating systems, like Linux."
"Defender is free for one year. Once that year is over, we will switch to Kaspersky."
"I would like to see fewer pop messages and alerts."
"The scanning is slow when it is working with incoming emails."
"Integrating this with third-party systems has some complexity involved."
"The detection of viruses could be a little bit better."
"The solution could improve by providing more integration."
Advanced Malware Protection (AMP) is subscription-based, managed through a web-based management console, and deployed on a variety of platforms that protects endpoints, network, email and web Traffic. AMP key features include the following: Global threat intelligence to proactively defend against known and emerging threats, Advanced sandboxing that performs automated static and dynamic analysis of files against more than 700 behavioral indicators, Point-in-time malware detection and blocking in real time and Continuous analysis and retrospective security regardless of the file's disposition and Continuous analysis and retrospective security.
Comodo Advanced Endpoint Protection (AEP) delivers patent-pending auto-containment, where unknown executables and other files that request runtime privileges are automatically run in a virtual contain that does not have access to the host system's resources or user data.
Comodo Advanced Endpoint Protection is ranked 35th in Endpoint Protection for Business (EPP) with 4 reviews while Microsoft Defender for Endpoint is ranked 3rd in Endpoint Protection for Business (EPP) with 84 reviews. Comodo Advanced Endpoint Protection is rated 7.2, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Comodo Advanced Endpoint Protection writes "Flexible, easy-to-use, and scales well". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Enables ingestion of events directly into your SIEM/SOAR, but requires integration with all Defender products to work optimally". Comodo Advanced Endpoint Protection is most compared with Symantec End-User Endpoint Security, Sophos Intercept X, CrowdStrike Falcon, SentinelOne and Cortex XDR by Palo Alto Networks, whereas Microsoft Defender for Endpoint is most compared with CrowdStrike Falcon, Symantec End-User Endpoint Security, Cortex XDR by Palo Alto Networks, SentinelOne and Trend Micro Apex One. See our Comodo Advanced Endpoint Protection vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Protection for Business (EPP) vendors.
We monitor all Endpoint Protection for Business (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.