On-Premises Malware Analysis, Threat Intelligence
Empower your security team with context-focused intelligence to quickly recover from and proactively defend against attacks. AMP Threat Grid Appliances combine advanced malware analysis with comprehensive threat analytics and content in one on-premises appliance. They are designed for organizations that have compliance or policy restrictions on submitting malware samples to the cloud.
Edge to Endpoint Malware Analysis
Threat Grid provides a common analysis platform across your security infrastructure.
Beyond the Sandbox
Listen to Forrester, ADP, and Cisco discuss sandboxing as a means to fight against malware.
Features and Capabilities
Get powerful, advanced malware analysis, comprehensive threat analytics, and compliance, all in one on-premises appliance. Information submitted to the AMP Threat Grid appliance, or generated during local analysis, is safely and more securely kept within the organization. It provides the malware protection you need while helping to ensure adherence to organizational requirements.
You also get the most up-to-date malware knowledgebase and behavioral indicators. The appliance has a manual update feature that allows it to stay current while maintaining compliance with corporate and regulatory restrictions.
The AMP Threat Grid appliance delivers context-driven security analytics to accurately identify attacks in near real time. Files are analyzed and correlated against hundreds of millions of other analyzed malware artifacts to provide a global view of malware attacks, campaigns, and their distribution. Detailed reports identify key behavioral indicators and determine threat scores for faster prioritization and recovery from advanced attacks.
Behavioral Indicators and Threat Score
Arm your team to prioritize and respond rapidly, efficiently, and with confidence. Over 450 indicators, produced through static and dynamic analysis and covering malware families, malicious behavior, and more, can ensure analysis is accurate and specific.
The threat score, a reflection of maliciousness, comes with detailed descriptions and actionable information that give deep knowledge and insight into malware behavior and various attack techniques. Proprietary analysis and algorithms express the confidence and severity of a threat as a score for better prioritization.
Advanced Search, Correlation, and Reporting
AMP Threat Grid Appliance provides accurate detection of advanced malware attacks. Robust search, correlation, and reporting capabilities provide detailed information on current and historical malware artifacts, indicators, and samples. Detailed analysis reports include all malware sample activities, including network traffic and artifacts.
Powerful API and Platform
Automate for faster detection and response. Use the REST API in conjunction with the appliance to easily integrate premium feeds into existing security infrastructures such as security information and event management (SIEM), intrusion detection systems (IDS), gateways, and proxies for faster detection and blocking of malware.
Specifications at a Glance
Cisco AMP Threat Grid 5000 Series
- Capacity 5000: Up to 1,500 samples per day
- Capacity 5500: Up to 5,000 samples per day
- General: Cisco UCS C220 M3 Chassis; 2 x E5-2697 CPUs (2.7 GHz / 12-Core / 30 MB cache per CPU); 512 GB DDR3 RAM; 2 x 100 GB SSD (OS/apps); 6 x 1 TB 7.2K RPM HDD with LSI hardware RAID
- Interfaces: TBD
- Power: 2 x 650 Watt AC
Close Your Endpoint Security Gaps
Learn how to stop attacks where they start with Cisco AMP for Endpoints.
Strengthen Your Malware Security
Beyond the sandbox: learn how to optimize your edge-to-endpoint security.