Cisco Secure Endpoint Reviews

I use the solution in my company to protect our Windows and Mac devices.

The most valuable features of the solution are its ease of use, simple management of dashboards, and constant updates.

It cannot currently block URLs over websites. From an improvement perspective, I want the tools to have the ability to block URLs over websites from a threat prevention point of view so that everything stays protected.

The product needs to offer better integration capabilities.

I have been using Cisco Secure Endpoint for two and a half years.

It is a totally stable solution. Stability-wise, I rate the solution a ten out of ten.

Scalability-wise, I rate the solution a ten out of ten.

Around 20 to 30 people use the product in my company.

The product is used extensively in my company.

The plan to increase the solution usage depends on the company's decision.

The product's initial setup phase was very simple.

The solution is deployed on the cloud model.

In terms of the time needed for the deployment process, my company requires one or two hours to upgrade the tool on our twenty machines.

One or two people who are engineers are required to deploy and maintain the solution.

The return on investment is fine. My company only looks at how the product can offer security.

You must make monthly payments towards the licensing charges attached to the product. There are no extra charges apart from the standard licensing fees associated with the product.

In the past, I have used ESET and Symantec in my company. The protection offered by Cisco is much better than that offered by ESET and Symantec.

I never used the tool's threat-hunting capability to see its impact on our company's security posture.

I have integrated Cisco Secure Endpoint with other security tools from Cisco, and I see that it has been great.

I recommend the product to those who plan to use it.

The product is reliable and stable. It also provides up-to-date security based on ongoing trends.

The benefits from the use of the product revolves around the fact that it helps our company to be secured, especially in a scenario where constant attacks happen on other companies.

If I consider the current trends in the cybersecurity world, I can say that the product offers main features that provide functionalities of an anti-virus solution.

I rate the overall tool a nine out of ten.

Emphasizing robust prevention and comprehensive security measures, it offers stable functionality. There are several valuable features including strong prevention and exceptional reporting capabilities.

The pricing policy could be more competitive, similar to Cisco's offerings. Cisco recently introduced the SecureX platform, where all the different platforms are consolidated. This means you need a single account to access all the platforms, simplifying the process. However, it can still be a bit frustrating because the access isn't straightforward. There are different links for logging in, and depending on which link you use, you might encounter issues with admin rights, even if you are an admin. It seems there are some access problems during the transition and migration process, which has affected my system as well.

For instance, we had the Cisco Mail gateway, and I used to have specific links to report and configure guardian and spam checks for emails. Now, all of these have also been moved to the SecureX platform, which doesn't always function smoothly when logging in. Sometimes, I still have to log in using my old links. It's a bit inconvenient, but that's how it is.

I have been using Cisco Secure Endpoint for the past two years. 

I would rate the stability nine out of ten. 

It is a scalable product and I would rate it eight out of ten. 

They have separate support departments for different products, and the experience can vary depending on the product. For instance, Cisco Meraki Support is notably excellent and quick. In contrast, the support for some other Cisco products may be slightly less effective or even more outstanding. They tend to be slow when responding to inquiries. Personally, I have had a good experience with Cisco.

Regarding maintenance, we receive the latest updates automatically. I handle tasks such as installing the updates, assigning licenses, and installing the agent. Additionally, I check for insights on the computers where the agent is installed. These insights provide reports on various aspects, such as the computer's Windows update status and whether the antivirus is on the latest version, among other things.

It is a subscription-based product. 

I would overall rate the product an eight out of ten and recommend it to fellow users.

I implemented the solution in my company to use its managed endpoint protection in my company's use cases. Most of the users of Cisco Secure Endpoint in my company are unaware that they use the product. Our company only uses it to isolate possible malware on the endpoints. Our company uses the solution in collaboration with other software protection tools we have so that it helps us to look into cases where possible malware or attacks can happen.

The most valuable feature of the solution is its technical support. In most cases, it's very difficult or complicated to incorporate Cisco Secure Endpoint in the IT environment, and most of the messages that appear are not very clear. It is a reliable tool. After the setup phase, I realized that it is a reliable tool.

The initial implementation of Cisco Secure Endpoint can be a pain and is an area in the solution that needs improvement. After the initial implementation phase, a person gets support from Cisco, making it a solid tool.

The solution needs to improve in the area of the specific details of the threats it provides to its users.

I have been using Cisco Secure Endpoint for three years.

After the presence and use of the solution in our company for three years, I rate the solution's stability a nine out of ten.

Since we haven't had any expansion in our company's infrastructure, I won't be able to comment on the solution's scalability feature.

All of the employees in the back-end processes of our company are users of the solution since the product is implemented on all the PCs and servers. From an IT perspective, only two people use the solution in the company. One person looks after the maintenance of the solution, while the other person looks at the messaging part of the solution.

My company has chosen an outsourced option to get technical support of the solution since we don't get any technical support internally. 

The initial setup of Cisco Secure Endpoint is complex.

Speaking about the deployment process, during the initial phase of using Cisco Secure Endpoint, we were getting a lot of false positives in our company, making it pretty hard for us initially since we had to cut endpoints until we could stabilize the solution.

My company does make annual payments towards the licensing costs of the solution. Cisco Secure Endpoint is a little bit expensive. The pricing for licenses is pretty expensive for the moment, but it is a good solution.

My company wants to stop using Cisco Secure Endpoint and opt for another solution.

I recommend the solution to those planning to use it.

I rate the overall solution an eight or nine out of ten.

We use a lot of Cisco products to integrate into our services for about 160 customers in healthcare, local government, and social housing.

We are using tons of Cisco products. Besides all types of firewalls, we are using IronPort for email. We are using a lot of networking products as well, in which security is also embedded. We also use the SecureX platform to leverage our security automation.

We have about 160 customers, and each of these customers has its own compliance, set of rules, and governance. So, the use cases might vary, but it's all about keeping them safe on all levels; on a technical level, on a tech framework level, and also on a personal level. We try to prevent our customers from doing things that they didn't intend to do as well. The use cases vary, and we embed them in all our services and also in our security operations center.

Most of the customers don't even know that they are more secure. It's like they expect to be secure, but the moment we have a big threat from the outside, they will see and they will know that we are far faster and better able to protect them and react to threats from the outside.

Cisco Secure has saved us time, especially the SecureX platform has helped us to automate certain processes and do analytics. That prevents us from taking each individual part of the logging. They have the intelligence in there to do the first check for us, and that saves a lot of time.

There is a reduction in operating expenditures but not only from the Secure perspective. Our full stack is based on Cisco, so we leverage the full integration part of that. We have our compute, we have our networking, and we have our security, and that makes it easier because you have less interfaces with different products.

From a technical perspective, I would rate it quite high for securing our infrastructure from end to end. From a behavioral perspective, in terms of the end customers leveraging it, there's still a little bit of work to do because we need to help the end customers to be more aware of what they're doing. On the endpoint for a user, they don't exactly see what is happening. From a visual perspective, you also want to have a feeling that you're safe or you get some tips or tricks to be safer, but for the most important part, which is the technical part, I would rate it very high. We really trust Cisco.

The best feature that we found most valuable, is actually the security product for the endpoint, formerly known as AMP. It has behavioral analytics, so you can be more proactive toward zero-day threats. I found that quite good.

I'm also a big fan of Talos, which provides us with a lot of insights to react faster. We also created our own toolset to embed Talos input to the Cisco products, which was not a native function, but it's being enhanced right now in the new Secure and SecureX platform.

On the firewall level, they were lagging a little bit behind, but they are running up again. I have full trust in the new 3000 series of firewalls where we would also be able to look more into the traffic that we're monitoring and get more security layers in our services. That would definitely be a big step.

We have been using Cisco since we started the company in 2002. At the time, it was not branded as such, but security is embedded in every Cisco product.

I'd rate them a nine out of ten because we still had to do things ourselves. After they had done them for us, if it was just one click on a button, then I would've given them a ten. 

Positive

We were using different products before, but we made a strategic choice to use the endpoint protection part. We're very happy with this part because it works on all types of devices and all types of endpoints—not only the user endpoint but also the networking endpoint and a lot of server platform endpoints as well. That was a primary reason, and obviously, the cost or OPEX was a part of the strategic choice to do so, but the most important part was that it had the behavior analytics part in there, so we could be more prepared for zero-day attacks.

I was only indirectly involved in its deployment. As a board, we do look at the choices that we are making, but the real firm choices are made by our chief technology officer, our corporate information security officer, and the people in the operations. However, at the board level, we always look into what are the benefits and what are the costs, so I was involved indirectly, but I was not the one who made the decision.

The deployment of Cisco Secure solutions is a little bit in the midst. Because we had such a big install base, we took a lot of time. It was a program of approximately one and a half years. For us, it was a tough project. Was it tough because of Cisco? I don't think so. It was tough because it was such a big install base.

We handled it as a project. At first, we had to explain to our customers that we are going to use another product and why. We had to do a lot of marketing and communication beforehand. We had to train our people and our resources. We had to fix our automation. We also had our implementation plan per customer because it does impact the performance at first because it has to get to know the infrastructure and it has to get to know the services. After that, it all worked out well, and we are continuing to do so because this is a never-ending project. There are still new releases and new features. It's embedded continuously in our organization now. It's sort of cyclic maintenance.

We do not measure that on a product basis. We have a growth rate with a company that lies between 15% to 30% each year in our services and profits. It definitely adds to that as well. It's year-on-year, so we're doing quite well, and it's partly because of Cisco.

It can always be cheaper.

We only had one real runner-up, and it was Microsoft Defender, which is also a good solution, but it's less integrated with our Cisco infrastructure.

Don't take it to light and implement it with your customer in mind, and don't only implement it as a technical project. It's all about mitigating risks for your customers, and it might not always be technical. 

Be aware that implementing such a new embedded technology might also cause an impact on performance. So, keep informing your customers about the benefits and say that it might be a little difficult at certain times, but when we're finished, they are far safer than they were ever before.

Open Line has a big customer base in healthcare, local government, logistics, and social housing. Societal responsibility is quite huge in the Netherlands. Cisco might also be aware of the impact that they have. They shouldn't just look at us as a managed services company or a partner; just be proud that their social reach in the Netherlands is so high. They're part of that as well. At certain times, I don't think they're aware of that. They can be far prouder than they are right now.

I'd rate Cisco Secure an eight out of ten because we have a high ambition level. Perhaps with the new Cisco 3100 series firewalls, we'll go up a little bit because that will also help us in a risk-based security approach.

We are delivering Cisco solutions and security services to more than 100 customers. We use AMP, which I believe is currently called Cisco Secure Endpoint. We use Umbrella, we use SecureX, we use Meraki, and we, of course, use firewalls. So, it's a very broad range of Cisco products. 

Cisco Secure solutions have improved our company in the sense that we are now moving towards being a managed service provider, which is doing what Cisco is telling about combining your network, your hosting, and your security together in one company so that you can deliver IT services in a carefree way for your customers. So, Cisco is helping us in creating that goal of carefree use of IT.

I'm very glad that for most customers, we have onboarded Cisco Secure Endpoint because it helps us a lot in solving and detecting ransomware. It's being done automatically, so you don't have to worry. It's removing that. Therefore, it is called an EDR solution. It takes care of detection and response, and it's being done automatically. In the case some handling is needed, we have a connection from Cisco Secure Endpoint towards SecureX and ServiceNow. So, we are bringing that very simply to our support engineers. If any handling is needed there, they automatically get a ticket, and they can act.

It has helped a lot in saving time because when you have an automated flow of tickets, a ticket is immediately handled by the support people. They can immediately act in ServiceNow and see what they have to do if something is detected where a manual action is still needed. There are, however, not many cases because AMP already handles a lot of responses automatically. 

We are saving a lot of money on our operational costs because people don't have to enter tickets anymore in the system. Secondly, a lot of response is being done automatically by AMP. That helps us a lot as well in saving costs because, in the past, somebody had to do it manually.

The most valuable feature at this moment is that Cisco AMP or Cisco Secure Endpoint solution is delivering a lot of things, and I always say to a lot of customers that if we didn't have Cisco AMP, we probably would have had ransomware somewhere. So, it's protecting us very well from a lot of hackers, malware, and especially ransomware.

We would like to see the protection from the start of the endpoint till the end. Nowadays, we see that working from home is quite important, so there's a need to protect the whole layer, not only the network of the customer. There is a change towards starting from the process on the endpoint and then protecting that towards the application and the data on the back end. You need to protect that whole layer, which means that you have to have something on your endpoints that can protect. Today, at the Cisco Live event, I heard that there will be an AnyConnect solution from Cisco that will help us in delivering the kinds of security solutions that customers currently want. In some cases, we use AnyConnect, but because SaaS is coming up, many of the solutions or many endpoints are using a browser to make the connection to any place, anytime, and anywhere, so you want to have a secure connection at the start. It should be on every endpoint. I've heard Cisco is developing that right now to have all endpoints, not only laptops, desktops, and tablets, but also mobile devices, connected and secure towards the application and the data at the end. We are using AnyConnect as a VPN solution, but not as a whole set, which is currently being developed by Cisco.

They can combine the platforms and the management tools so that they are a little bit simpler and easy to use.

The integration of the Cisco products for security could be better in the sense that not everything is integrated, and they aren't working together. In addition, not all products are multi-tenant, so you can't separate different customer environments from each other, which makes it a little bit hard for a managed service provider to deliver services to the customers.

The quality of the product should be on top. For instance, when they are being introduced, some firewalls have some bugs, and they are known bugs. So, going to the latest version of the firewall is not always the smartest thing to do. There could be an improvement to help us go to the most modern version.

Cisco's support for their solutions is very good, but it always depends on people. We have a good account manager or service manager from Cisco, and he is helping us a lot in getting the right people from Cisco to talk to, etc. So, it's good. It's a very good arrangement. 

I'd rate them between eight and nine. I don't think that the support organization has to change, but if the tools that you have to use and the management consoles you have to use are simpler, then the support can also be much simpler, and the support department from Cisco can easily support the partners as well.

Positive

I was involved in the implementation of Cisco AMP. When we did a changeover from the traditional antivirus to AMP, I was highly involved. It was an interesting journey, and in the end, we achieved what we wanted to achieve.

It was easy in a certain way, but if you are a managed service provider, you also need to have multi-tenancy. The multi-tenancy support is within Cisco AMP. If you want to implement it, it's not always easy because you cannot do some of the things, such as specifying the policies you want to use, from the top level. You have to do them separately in every tenant, but I've heard that they are going to change it.

We have indeed seen a return on investment for the Cisco Secure solution we have implemented. We've seen the benefits in terms of earning money, but also in terms of extending our services and turnover in many cases.

The pricing and licensing of the security solutions of Cisco are very good in comparison with the competitors, but sometimes, it's difficult to see all the discounts and other kinds of things. So, you have to be careful, but the pricing is good.

I was a part of the evaluation process to go from a traditional antivirus package to a new solution called endpoint detection and response. Of course, there are only two big players, Cisco and Microsoft, in that area. We had to discuss what to do and how to deal with it. Of course, many customers have Microsoft in their workplace, but we are offering Cisco at least for the endpoint service where we have the hosting center. If they want, we can deploy AMP on the endpoints as well. However, there's something to say about the fact that you have two different kinds of EDRs. On your end-user devices, you have Defender, and on your server, you have Cisco, which makes it even more strong.

Traditionally, Cisco comes from the infrastructure. The difference between Cisco and Microsoft security solutions is that Cisco is coming from the infrastructure part, and Microsoft is coming from the data part. What you see is that Microsoft developed its solution from information, from data, and Cisco is coming from the infrastructure. It is deeper in IT. The solutions are deeper, and therefore, they sometimes might be stronger if you are only looking at the top of what's in IT. That makes it a little bit different. So, it's not about who's better or who's stronger. In some cases, they are an addition to each other.

Cisco Secure was the right solution for us. Of course, that was also because of the cost. Because we were already working together with Cisco, we chose Cisco for our hosting center and for all of our services. If the customer wants to have it on their endpoints and user devices, they could use our Cisco solution as well. If they want to have Defender, we support that as well on the endpoints of the user. 

To those evaluating Cisco Secure solution, I'd advise understanding the roadmap and the architecture of Cisco very well and seeing how it can add things. I have to mention Microsoft solutions because there is an added value on top of the Microsoft solutions, and that's what you have to look for. 

Cisco Secure solutions are currently at the level of a seven out of ten, and that's based on the fact that some management consoles are not working together, and in some of the new products, there are still, for instance, some known bugs. That's an issue that could be improved, and they are working on that.

We use Cisco Secure Endpoint as an antivirus on computers. That is one of the important use cases that we have, as an antivirus.

[It has helped our organization] tremendously. First of all, because we are always on-point in terms of our solution. We are proactively looking into the alerts and Cisco Secure Endpoint is already taking care of looking into it, provisioning it, and fixing it. All those three stages are done by the software itself. We are only looking at in terms of what the statistics look like. That really helped us. 

Because the solution is taking care of itself, we get the chance to research more on the other side of it rather than focusing on the problem. The moment a problem is there, Cisco Secure Endpoint is already working toward fixing it. That really helps us. I can go home and have [peace of mind] at home, not thinking about whether the next attack is coming and I have to wake up in the middle of the [night] to figure out what's going on. That really helps in a tremendous way.

It has easily [helped us save] hundreds of hours in a quarter. We are definitely saved because of this solution.

Definitely, the best feature for Cisco Secure Endpoint is the integration with Talos. On the backend, Talos checks all the signatures, all the malware, and for any attacks going on around the world. Cisco Secure Endpoint gets the information from it. We do get knowledge about all the attacks going across the world. Because Secure Endpoint has a connection to it, we get protected by it right then and there. Rather than our looking for it, and finding out the information, the software does it for us without our having to get in between. That is really an easier way of fixing a problem. Before, we would manually have to look into it. That really helps us. It's taken care of in a way.

Because the software is doing such a good job, we barely have any recommendations in terms of what can be changed. [However], at this moment, in terms of integration with other software, that could be helpful. 

And in terms of the user experience, if the UX design could be much simpler [that would improve things]. Because I'm an engineer, I understand what I'm looking at and [for me it's] intuitive in terms of what is there and what is not. But [if] another engineer or someone at the management level or C-level is looking at the portal of the webpage, if they could make it more intuitive for someone who is not an engineer so that they still can read what's going on in their webpage and understand, that would be something. If they could improve [on that], that would be great.

I have been using Cisco Secure Endpoint for more than four and a half years. It's been quite some time.

The stability of the solution is definitely a 10 out of 10. I have no problems with that at all. It's consistent across the board and that's perfect.

The scalability of the solution is really good with SecureX, which is an integration platform. All the other tools are coming together, and that really helps us to scale. I don't have to jump through to different windows. I can see everything in one place. That has really helped a lot since SecureX launched a couple of years ago.

Cisco tech support has been really good because they have a chat tool in the portal itself. If there's an issue, we can reach out to them right away. It's pretty quick and easy because the support itself is built in right then and there. I can connect to it whenever I want to, which is really nice.

I can't rate them at 10 out of 10, nothing is perfect. I would say nine for sure. We all can improve.

Positive

In the beginning, we had previous software. It was like the old way of seeing it, looking for the signatures. By the time we faced a problem and were trying to fix it, it was already too old. We were just not on top of it. It was becoming more of a reactive solution, rather than a proactive approach to fixing the problem. That was the main, driving force for us to find a solution that can be more proactive rather than reactive.

The antivirus software we used previously was facing a lot of issues with the signature downloads. Antivirus is looking for the signatures, to see if [there is] the respective problem, and trying to match those signatures. This is such an old way of doing it, which was [being done] for quite some time. 

Secure Endpoint has become a real game-changer in that field because it's a cloud-based approach, and we are already talking about getting signatures, not only for our organization, [but for] attacks [that have] happened to other organizations. We also get that information and we get protected already, without even having to intervene in the process. That really helps in many ways.

Previously, we were using Sophos antivirus and we replaced it with Cisco Secure Endpoint, which was previously called AMP at the time.

I believe we first we did it through our management console, our deployment software that we use to deploy it, for the first stage, to reach our different computers. And once that was done, we are managing the updates to the respective software through the cloud.

The deployment was easy. But the only reason it was easy was because we already had a deployment solution ready for it. If a new company wants to get this product, and they don't have any management solution they can use to deploy this software, that can be a challenge. 

A recommendation [for Cisco would be], if they can come up with some deployment process—I understand that's not the priority of the tool itself—but if that can be done, that will be good. 

But if a company already has a deployment solution that can be used to deploy the software across other computers, then the transition is pretty easy.

Honestly, [the deployment] is a one-man show. That is also a really good point about it because it can be done by one person all the way. It does not take too many people for you to get the ball rolling, which is a great part. And that really helps us because one person can handle the whole process.

I'm a senior network engineer with a security background, so I do know what I needed. But a senior help desk engineer can also get this thing done. You don't have to be a senior network engineer or [have] any higher degree in software to understand the product. That is really good about it. Any new person who is just trying to get into the field can learn about it and get going with this process pretty quickly. It's pretty user-intuitive.

Because we do see the value of what it's bringing, I think they have priced it well. I understand we have to go through a different licensing process to get this solution, but at the end of the day, the headaches [associated with that], if you were to put it into some kind of a number, it's priced completely reasonably and well as a product. You cannot contemplate the amount of time it takes, sometimes, to fix a problem, and that's already too late. I feel the value of the software is reasonable for what it does.

We looked into McAfee back in the day, and Windows Defender, and all different [kinds of] antivirus software, but we end up landing on AMP because of that connectivity with the cloud and instant connection to other resources. That really helped as the driving force to select this as our tool.

Our primary use case is general antivirus protection.

This product was deployed to a number of Windows machines, and we also have a VMware environment.

The product gives greater visibility of malware being downloaded by my clientele. In a more general fashion, Cisco Secure Endpoint has helped to prioritize threats. It has allowed us to make more effective use of our security team members.

Another advantage is that it has improved the effectiveness of our security options. We now have better response times when dealing with outbreaks.

We have decreased our time to detection, although it is difficult to say by how much because we weren't detecting all of the malware in the past.

It is reasonably easy to remediate issues using Cisco Secure Endpoint. In part, this is because I don't have to visit the physical machines to remediate them. As such, the time it takes for remediation has been decreased. 

This solution accelerates threat hunting by automatically promoting endpoint incidents to the Cisco SecureX platform, which is something that is fairly important to us.

Our systems are monitored by this product, and if threats are detected then the systems are shut down before problems arise. This is something that is fairly important to our organization.

This product has issues with the number of false positives that it reports. Especially when updates are released for Chrome, many detections report a virus when it really wasn't.

Another problem that I notice is that Outlook 2016 creates cache files of attachments, and when this product detects them as malware, it can't delete them. I assume this is because Outlook still has the file open. This means that I get notices about the issue but I can't do anything about it until later, after Outlook has closed them. This may not be Cisco's fault as much as it is Microsoft's fault.

I have been working with Cisco Secure Endpoint for less than a year.

In my experience, this product is very stable.

This is a fairly scalable solution.

We deployed it to all of our Windows devices. A team consisting of fewer than 10 people receives alerts from the product when there is an issue. The team will follow up on the incidents and any remediation.

At this point, we have no plans to increase our usage.

I have not needed to use Cisco technical support for this product. I am usually happy with their support, so I'm assuming that for this product it will be roughly the same.

Prior to using this product, I did not have other agents in place to handle the same job. We had implemented Microsoft Defender for Endpoint but that doesn't really have any reporting tools.

We switched away from Defender because we needed better visibility. There really wasn't any.

The initial setup was fairly straightforward. It might have been complex for somebody that hasn't been doing this type of thing for as long as I have. For example, not a lot of people understand deploying things via group policies. In my case, however, I have a lot of experience and it wasn't complicated.

The deployment was done in-house, by me. I did not use any external help for the implementation.

We purchased the product through a reseller, CDW, and our experience with them was straightforward. There were fairly easy to deal with.

It does not require regular maintenance or monitoring. I receive alerts when they happen but I don't actively monitor it. When an alert happens, an email is sent to a small team of fewer than 10 people.

The pricing and licensing fees are okay. As a school, we do not have quite as much funding as a private business might. I wish that there were more of a discount available for educational uses.

Before choosing Cisco Secure Endpoint, we didn't thoroughly investigate or evaluate other options. We are a Cisco shop and we generally lean toward using Cisco products.

My advice for anybody who is considering this solution is that all of their security products should come from the same vendor. This way, your dashboard can be set up to monitor all of them. In my case, because we're a Cisco shop, this product makes sense for us.

The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected.

I would rate this solution an eight out of ten.

Cisco Secure Endpoint has improved our speed of response and the level of confidence we have that we are in good shape or are not in good shape.

Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts.

I've been using Cisco Secure Endpoint for three years.

It's very stable.

We haven't had any issues at all with the scalability. We're a global enterprise with between 1,500 and 1,700 users and we use it on servers, Macs, and PCs.

The technical support is good.

We've already got SHI and Cisco reps on top of us, and that's a lot of the reason why everything is so good.

Positive

We were looking to replace Microsoft Defender, which really just wasn't cutting it. Before Defender, we used Kaspersky. We needed to go to an EDR solution and we were already a Cisco-centric company, so it made sense to go into a unified environment.

It was straightforward. We just rolled out the agent to all the endpoints. It took just a couple of people, one security person and one person for the tool that pushed it out to Windows devices.

If I didn't have someone else taking care of the licensing, I would say that the licensing needs to be improved. All the product features we need are there. It's just a matter of the complexity and the different offerings and trying to figure things out.

There are a lot of pieces that roll into the pricing issue. For Cisco Secure Endpoint, with our Cisco EA, the pricing seems reasonable compared to the others. But when we get to solutions like Duo and we think that with our Microsoft agreement their MFA is "free," it's not exactly free. But without our EA, Duo would cost so much more. It feels a little bit like nickel and dime sometimes, but I get it.

We looked at CrowdStrike and Carbon Black. All the solutions had great value, but we went with Cisco because we were with Cisco for networking quite a bit. Also, our overall direction was to look at SASE, and with some of the other things, they all just started coming together. It made a lot of sense to stay in one environment for functionality.

Traditionally you'll see the industry reviews talk about Cisco Secure Endpoint as typically in Cisco environments, but I'd tell the CrowdStrike users and other folks to take a look. It's an interesting solution and it provides a lot of value.

Cyber security resilience has been extremely important for our organization. Cisco Secure Endpoint has stopped a few things. I don't know whether other avenues of defense in depth would have caught them or not, but the resilience of depth and the ability to keep moving, even after an event, keep the rest of our business productive.

The Cisco environment has been perfect. When there is an event in the news that I know my leaders are going to be reading about, in 10 minutes I can check my environment to see if I have any indicators of compromise, and I'm done.