Page 56 - CSI - Cisco Security Instroduction - BT
P. 56

Cisco Advanced Malware Protection (AMP)








                                                                                                                                               AMP Cloud



                                                                                                         2                           Retrospective

                                                                                                              AMP Dynamic              Incidents
                                                                                                            Malware Analysis      CWS PREMIUM
                                                     AMP
                                                                        AMP                                                         3
                                                                                            CTA                                                AMP
                                                                             1
                                                                             Dynamic                Layer 1                                CTA
                                                                                                                                                    Layer 2
                                                                            Malware                                                      Retrospection                                CTA      Layer 3
                                                                                   AMP File
                                                Policy             AV        Analysis                     OI
                                                      File Reputation             Reputation       Anomaly                 Trust                  Event            Entity modeling              Relationship modeling
                                                                                                  detection              modeling              classification
                                                                               File  File Unknown!
                                                                          Retrospection




                                       Know                     Understand                  See everywhere               Determine                Learn
                                       where it                 how it entered              that it has been             what it has              how to
                                       all started              the system                                               done                     stop it


                                            AMP delivers point-in-time, continuous and retrospective security




          59
   51   52   53   54   55   56   57   58   59   60   61