You’re invited to attend a lunch and learn training session for Cisco Advanced Malware Protection (AMP). The training session is available on Jan 14 and Jan 22.
AMP is recommended as a replacement for Symantec Endpoint Protection (SEP) on managed University-owned devices, and it is available at no cost to campus units. AMP, configured in partnership with the UW–Madison Office of Cybersecurity, aligns with the UW–System Information Security Program. Units are encouraged to implement AMP now to replace the campus SEP licenses expiring in June 2020.
The purpose of the session is to familiarize and train IT admins across campus with the AMP endpoint connector and the AMP administrative console. There is a significant portion of time set aside for questions – so come prepared to participate!
Cicso AMP Session 1
Tues, Jan 14
Computer Science Building, Room 3139AB
Cicso AMP Session 2
Wed, Jan 22
HSLC, Room 1220/1222
- Brief introduction to AMP connector and how it functions (10 minutes)
- Getting started (5 minutes):
- Requesting AMP console account & endpoint connectors
- Downloading the AMP connector
- Deployment options available through BigFix, SCCM, JAMF, Airwatch, etc.
- Detailed Threat Analysis in the AMP Console (10-15 minutes)
- Viewing and reviewing events
- Drilling down into the details
- Tuning for performance (10-15 minutes)
- Whitelisting files
- Setting up exclusions
- Configuring policy settings and detection engines (15 minutes)
- Tetra/Clam AV traditional AV scanning (and scheduling scans)
- File, Network, Malicious Activity Protection, System Process Protection detection engines
- Enabling/disabling the local GUI
- Maintenance (5-10 minutes)
- Updating AMP via the console
- What happens with imaging/duplicate endpoints?
- Checking endpoint health & known issues
- Answer audience questions regarding AMP (remaining time)
If you have questions about the lunch and learn sessions or AMP questions, please email firstname.lastname@example.org.
If you have questions about the Endpoint Management & Security Project, please email email@example.com.
Endpoint Management & Security Project Team