Cisco Secure Endpoint (formerly AMP)
Cisco Secure Endpoint offers next-generation cloud-delivered endpoint protection and advanced endpoint detection and response across multidomain and multiple OSs. Cisco Secure Endpoint protects your organizations Servers, Desktops, and Mobile devices from malware. Cisco Secure Endpoint stop threats and then rapidly detect, contain, and remediate advanced threats that evade front-line defenses.
Features
- Single-agent solution that provides comprehensive protection, detection, and response capabilities
- Utilises one of the largest collections of real-time threat intelligence
- Continual monitoring detects changes in behaviour allowing for retrospective remediation
- Isolate compromised endpoints quickly and with a single click
- Dynamically analyses files to determine if they’re Safe or Malicious
- The exploit prevention engine protects you from memory injection attacks
- File & device trajectory provides a detailed breakdown of events
- Administrators can write Custom IOCs to catch new targeted attacks
- Secure Endpoint scans your endpoints for vulnerable software
- Built-in highly secure Sand-Box environment to analyse threats
Benefits
- Secure all endpoints both on and off premise
- No additional hardware requirements
- Continuous monitoring with no endpoint performance impact
- Identify and stop threats before compromise
- Intuitive dashboards and high quality reporting
- Browser based management software, always updated and centrally controlled
- Standardised policies and compliance regardless of OS
- Easily locate the source of threats with Device Trajectory
- Backed by Cisco Talos global team, new threats detected quickly
- Intuitive management whitelist trusted resources with a single click
Pricing
£5.06 a user a month
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
7 7 0 7 1 4 4 7 5 1 9 6 1 3 6
Contact
QUADRIS LIMITED
Mark Charity
Telephone: 01615374980
Email: gcloud@quadris.co.uk
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- Cisco Secure Endpoint can be extended with Cisco Secure X, Umbrella, StealthWatch, Secure Endpoint for Networks, CloudLock, Cisco Email Security, Cisco Threat Response and various manufacturers Firewall, IDS/IPS and anti-virus systems. Cisco Secure Endpoint offers an extension to many SIEM and SOC services including Cisco Talos global threat intelligence.
- Cloud deployment model
- Hybrid cloud
- Service constraints
-
Please note that the Cisco Security Connector is required for Apple iOS devices and this may be an additional cost. Further, a third party MDM is required to enforce Cisco Secure Endpoint on iOS and Android devices. A third party MDM may also be an additional cost for the customer.
Some performance and operational features may be limited by an endpoint device manufacturer or the end device operating system but this is beyond the control of the Cisco Secure Endpoint service.
Details of any specific manufacturer constraints may be set out at:
https://www.cisco.com/c/en/us/about/legal/cloud-and-software.html - System requirements
-
- Windows Clients: Windows 8.1 / 10 and 11
- Windows Server: 2012 and above
- Apple MacOS 10.12, 10.13
- Apple OSX 10.11
- Apple iOS 11 and above (requires separate MDM)
- Android 2.1 (Éclair) to 6.0 (Marshmallow) (requires separate MDM)
- Red Hat Enterprise Linux or CentOS 6.x 7.x
User support
- Email or online ticketing support
- Yes, at extra cost
- Support response times
- 07:00 - 18:00 Weekdays excluding Bank Holidays and 24x7 cover if the client has the out of hours support add-on. 1 to 4 hour response dependent on priority call, Priority 1 - (30 mins), Priority 2 - (1 hour), Priority 3 - (4 hours).
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 A
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
For Cisco Secure Endpoint we offer implementation support and transition from existing solutions to Cisco. This service can be scheduled 24 x 7 x 365 to accommodate a full range of customer operating hours.
See our pricing details for the support cost breakdown. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Quadris ensures the successful implementation of Cisco Secure Endpoint with comprehensive training services both onsite and online as required. We maintain a standard documentation pack for Secure Endpoint which is easily tailored to your specific needs.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- Customers export data is performed via the manufacturer options available within the management portal. No charge or restrictions of the export of data are applicable. Data is not hidden, restricted or locked from end users that hold the correct service access privileges. Data, reports and logs will be available for export from the service in the formats and options supported by the manufacturer, Cisco. Available data formats may be subject to change by the manufacturer from time to time.
- End-of-contract process
- The service ceases with no additional cost or it can be extended on request.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- Yes
- Compatible operating systems
-
- Android
- IOS
- Linux or Unix
- MacOS
- Windows
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Cisco Secure Endpoint performs the same level of service operation and protection for onsite and on premise desktop endpoints to those endpoints deployed for mobile or remote working based team members. For example, remote laptops devices will be protected just the same as on-premise desktop endpoints. It should be noted that the Cisco Security Connector is required for Apple iOS devices. Further, a third party MDM is required to enforce on iOS and Android devices. Some performance and operational features may be limited by the endpoints manufacturer or operating system of the device as opposed to by the Endpoint service.
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- Description of service interface
-
Web based control panel for deployment management and service configuration. The portal also provides extensive reporting and usage data as well as policy enforcement reporting.
Cisco offers dashboard views, granular end user and end device visibility, such as versions of end user device operating system, and associated vulnerabilities, risks and patching or update requirements.
These actionable dashboards built into Cisco Secure Endpoint enable streamlined management and efficient support of the service across all end users. - Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
- This is provided by the third party vendor, Cisco.
- API
- Yes
- What users can and can't do using the API
- The API is provided via an open framework to allow for integration into other threat management and threat intelligence platforms. Details of the API can be provided on request from Cisco, the manufacturer of the cloud software service.
- API documentation
- Yes
- API documentation formats
-
- HTML
- API sandbox or test environment
- No
- Customisation available
- No
Scaling
- Independence of resources
-
Cisco offer an availability SLA for their Endpoint software application service as further defined in this service offering. The architecture of Endpoint is highly scalable, running across multiple 3rd party data centers around the world for each region (US, Europe, etc).
Performance of Cisco Secure Endpoint continues to operate with up-time in at least the high 99.98%.
For more details visit https://ciscoamp.statuspage.io/
Analytics
- Service usage metrics
- Yes
- Metrics types
-
A range of flexible service metrics reports and dashboards are available as part of the service.
Service usage data can also be output to other correlation, alerting and management systems, including many SIEM and SOC platforms and applications.
Cisco Secure Endpoint is available directly from Quadris via this service offering or as part of our G-Cloud Service "Quadris Cloud Security Service". - Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Cisco
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- European Economic Area (EEA)
- Other locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with another standard
- Encryption of all physical media
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- The Cisco Secure Endpoint control panel allows administrators to export and manage user data without additional charges. Exporting of data is provided to the customer on both a self service and as required basis. Data, reports and logs will be available for export from the service in the formats and options supported by the manufacturer, Cisco
- Data export formats
-
- CSV
- Other
- Other data export formats
-
- HTML
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
-
Cisco will use commercially reasonable efforts to maintain Cisco Cisco Secure Endpoint availability of 99.999%
of each calendar month.
Any Service Level Agreements (SLAs), availability guarantees and any service credit models will form part of the manufacturers terms, which may change from time to time and can be found at: https://www.cisco.com/c/en/us/about/legal/cloud-and-software/cloud-terms.html. - Approach to resilience
- Available on request.
- Outage reporting
- Service outages are reported in a variety of ways. High level public dashboards of Cisco cloud services can be viewed at https://www.cisco.com/c/en/us/support/web/cloud-status.html. Further detailed service outage information may be available to customers via their specific service portal access. Automated email alerts and progress updates of a range of possible service outages or service matters are provided for each Cisco cloud service.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Username or password
- Access restrictions in management interfaces and support channels
- Cisco Secure Endpoint operates a role based application security model together with optional MFA authentication for each user. System access is controlled by these roles which are in turn applied to groups of users to control what if any management access they have.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Alcumus ISOQAR
- ISO/IEC 27001 accreditation date
- 07/01/2016
- What the ISO/IEC 27001 doesn’t cover
- None
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- Self Certified
- PCI DSS accreditation date
- 15/06/2019
- What the PCI DSS doesn’t cover
- All card related activities are covered
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
- NHS Data Security and Protection Toolkit
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
Quadris holds the following certifications that govern our security policies and processes: ISO27001, Cyber Essentials Plus, PCI DSS (self certified) and NHS Data Security and Protection Toolkit. Security incidents are monitored and reported in real time. Security is managed via weekly management and monthly board meetings.
Policy adherence is audited internally and externally via independent third party security specialists.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Our Change Management process is designed around the ITIL standard and supported by our Change Management system. All changes are detailed by our engineers, including the assets affected, the reason for the change, proposed scheduled time, risk and risk mitigation analysis and actions including the impact of change on the backup and security systems. Detailed implementation, testing and backout plans must be defined for each change. All changes must be approved by Quadris and the customer’s CAB team or individual. All configuration changes are tracked through the same system and made available via email and our self-service portal.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- We operate an internal and external vulnerability testing toolset on a weekly basis to identify vulnerabilities so they can be remediated immediately. An independent CREST, CISSP accredited security specialist conducts PEN tests of our network annually. Patch management operates in accordance with our ISO27001 certified Patching Policy to ensure all relevant devices are routinely patched against an effective schedule. We deploy a specialist patching application which automatically updates third party applications, such as Chrome, Adobe Reader etc. Zero-day threats are monitored continuously via a specialist security service provider and actioned immediately.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Quadris runs security software on all endpoints configured to alert our security operations team when any potential threats are detected. We use next generation firewalls with IPS and analysis software to alert on any suspicious external traffic. Our monitoring capability is 24x7x365 and all potential security compromises are actioned immediately. All security incidents are logged in our service desk system and reported to management on a weekly and monthly basis. We operate a detailed security incident management process to effectively diagnose, contain, resolve each logged incident, including definition of any further preventative actions.
- Incident management type
- Supplier-defined controls
- Incident management approach
- Quadris operates an Incident Management (IM) process for failures or degradation to services, aligned to the ITIL standard. Our IM process includes impact analysis to determine the severity of the incident which has SLA backed response times. Where the cause of an incident is not diagnosed within 30 minutes the incident is automatically escalated to our incident escalations team with senior technical expertise in the related technology. Our IM process includes steps for developing workarounds to protect customers mission critical processes, including invocation of disaster recovery services and post incident review.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
Quadris has been a carbon neutral organization since the 1st of April 2020 and aims to be carbon zero by 2040. To achieve this target, we have implemented a Sustainable Development policy that commits Quadris to have a carbon reduction plan in place. As we work towards our 2040 zero carbon goal, we have from 1st April 2020 been carbon net zero (or carbon neutral) in our own operations. We’ve done this by investing in verified carbon reduction projects overseas to offset our own emissions. Our Carbon Net Zero plan is aligned to the PAS 2060 specification for detailing how to demonstrate carbon neutrality which is produced and published by the British Standards Institute (BSI).
Emissions are reported and recorded in accordance with the published reporting standard for Carbon Reduction Plans and the GHG Reporting Protocol corporate standard1 and uses the appropriate Government emission conversion factors for greenhouse gas company reporting. Scope 1 and Scope 2 emissions have been reported in accordance with SECR requirements, and the required subset of Scope 3 emissions have been reported in accordance with the published reporting standard for Carbon Reduction Plans and the Corporate Value Chain (Scope 3) Standard.
We set ongoing initiatives for reducing our carbon emissions each commitment period which runs in parallel to our financial year and reporting on these initiatives annually.
Our carbon reduction plans for each year are available here: https://quadris.co.uk/carbon-net-zero/ - Covid-19 recovery
-
Covid-19 recovery
Quadris is committed to supporting local communities to recover from the impacts of COVID-19. At the heart of our social values and business planning is that we met and continue to meet and exceed, the ‘Good Work Plan’ recommendations (Taylor Review 2017) in advance of its publication and introduction into legislation in 2020. This includes the following COVID-19 recovery activities.
Recruitment & Employment:
Priority given to eligible unemployed applicants to join our workforce since 2020.
Agile working offered since 2020.
Above market median salaries, and a competitive value-add benefits package reviewed annually benchmarked against CIPD data .
Patterning with local Community Colleges and Universities to offer employment opportunities.
Apprenticeship partnering (Programme-led).
Health & Well-Being:
COVID education and risk assessment.
Access to free health supplements and fresh fruit.
Best practice line management in supporting health conditions through measures such as return to work meetings and alignment to CIPD & HSE best practices.
Provision for supporting Long-COVID through flexible and agile working options.
Rapid collaboration across the business to ensure employees children had access to laptops for education continuity during home schooling and beyond.
Workplace conditions:
Safe, open plan offices with safe working practices.
Home working options available, with full H&S risk assessment.
Workplace restructuring to new hybrid models of working.
Supporting Organisations & Business :
Free support provided to various UK NHS trusts during COVID to enable them to meet the changing demands and pressures faced in the HealthCare sector.
Launched our Managed Digital Workspace service offering enabling organisations to operate successful remote working practices.
Products and services sourced locally wherever possible, across a range of SME’s to invest back into our local economy’s recovery plan.
Fair payment terms.
Use of suppliers that are ethically like-minded. - Tackling economic inequality
-
Tackling economic inequality
Quadris is committed to working with people and businesses to create employment opportunities that stretch and challenge, resulting in high quality career development, positive social engagement, and a sense of value in the wider economy. In addition, we purposefully seek out and encourage local, small, diverse high-quality suppliers as part of our procurement approach, and treat our suppliers fairly through fair terms and conditions, and prompt payment practices. We pride ourselves on strong links with local college and university career hubs, offering opportunities for work in the IT sector that can help to kick start careers for the inexperienced. We work very closely with local training providers to source externally accredited courses, and engage with them for our Apprenticeship placements. We operate the following activities focused on tackling economic inequality:
Focus on local sourcing and attraction, with priority given to eligible unemployed applicants to join our workforce wherever possible, encouraging return to work applicants since 2020; partnering with local Community Colleges and Universities to offer employment opportunities; development of employment and skills through Personal & Professional Development planning; financial support for Industry recognised skills shortage technical and digital qualifications; financial advice for all employees joining; Apprenticeship partnering (Programme-led); work placements/work experience programmes; Diversity & Inclusion and all other policies aligned with Equality Act 2010 & EHRC; clear anti-harassment and anti-bullying policies underpin our workplace culture of inclusion; developing our relationship with BiTC (Business in the Community) in community-based volunteering opportunities; aligning with our staff social well-being. - Equal opportunity
-
Equal opportunity
Quadris is proud to be a diverse and representative organisation that challenges itself and its staff to do all it can to ensure that diversity and inclusion is embedded in our ways of thinking, and in our ways of working. Through recruitment, to the development and promotion of our people we encourage opportunity for all to shape the future of Quadris’ professional and specialist levels of expertise. We value different skill sets, perspectives, and backgrounds and this is reflected in our Core Values around teamwork, and knowledge and learning. We take pride in ensuring we can deliver the best possible outcomes to our customers through staff that feel empowered to be the best version of themselves and feel respected, valued and included which in turn, we believe, unlocks their true potential as individuals and our potential as an organisation. By continuously increasing the diversity of our teams we encourage a culture of empowerment, continuous learning, creativity, a sense of ownership and responsibility, wider thinking, and collaborative working. We achieve this position through: ensuring recruitment practices are inclusive with regard to socio-economic diversity, and accessible by supporting reasonable adjustment requirements; voluntarily collecting data on the backgrounds of those who apply to, and make up Quadris’ workforce; investment and commitment to apprentice upskilling into digital & technology-based careers, whilst also supporting functional skills achievements; addressing the gender imbalance in technology, by increasing our female headcount % of the workforce; increasing our ethnic minority representation; actively attracting female STEM Graduates into our business. All our operations must take place in accordance with policies we have for: Equality & Diversity Policy; Modern Slavery Policy. - Wellbeing
-
Wellbeing
Well-being is integrated into our organisation, and embedded in our culture, our leadership, and our people management. We pride ourselves on recognising we are a ‘people’ business and looking after our employees which is achieved through the following areas and activities.
Good Work: effective people management policies; clear job roles and key deliverables for each employee; externally accredited Employee Assistance Programme for all staff to support them with their health; personal, physical, mental and emotional, their relationships, their lifestyle and their financial well-being.
Health & Lifestyle: access to free health supplements and fresh fruit to improve health and relieve pressures on health services; encouraging physical fitness as well as mental fitness as part of our culture; social ‘activity based’ events for employees; commitment to Mental Health at work initiative.
Values//Principles: values based leadership and company vision; encourage openness, empowerment and autonomy through our leadership approach; company core-values that support trust, respect and encouragement across colleagues woven into the fabric of our business; Diversity & Inclusion and all other policies aligned with Equality Act 2010 & EHRC.
Collective/Social: ‘employee voice’ formal staff survey and reporting and action planning against this output into continuous improvement plans; social calendar of Quadris funded staff and family events.
Personal growth: Career Development Planning – mentoring, coaching, performance management, development plans, succession planning.
Financial
Financial advice for all employees joining us; life assurance provision;
Pay & Reward; Above market median salaries, and a competitive value-add benefits package reviewed annually and benchmarked against current market CIPD data; all salaries (excluding Apprentices) maintained above the voluntary National Living wage.
Pricing
- Price
- £5.06 a user a month
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- 14 day full feature trial is available subject to third party vendor availability and maybe for a limited number of users /devices only.