AMP on MX now available in open beta

Get a sneak peek at what Cisco Advanced Malware Protection brings to the MX Security Appliance!

As many IT professionals already know, the Internet can be a dangerous place. The unfortunate reality is that not everyone out there just wants to show you adorable cat pictures. With the threat landscape continuing to evolve and the number of Internet-connected devices growing faster than ever, it has never been more important to have powerful security tools at your disposal to prevent malicious software from compromising your network.

It is with that in mind that the Meraki development team and the Advanced Malware Protection (AMP) development team have been hard at work to bring the best anti-malware solution in the industry to the MX Security Appliance. This integration will allow network and security administrators to take advantage of AMP’s global threat intelligence database alongside the unparalleled ease of use and powerful feature set of the Meraki MX.

Not only does the AMP database include over 500 million known files, it receives over 1 million new malware samples per day.  Between file sandboxing, a variety of industry threat feeds, and the diligent work of our Talos threat intelligence team, we ensure that AMP customers are protected against even the most cutting-edge malware.  You can learn more about AMP here.

So what does the AMP on Meraki MX integration add from a functional perspective?  Here’s the breakdown of what’s new in the beta:

AMP file scanning: the “Malware detection” selector on the Security Filtering page in Dashboard now enables AMP.  When AMP is enabled, downloaded files will be checked against the global AMP database to ensure that they are not malicious before they are allowed to enter the network.

New Security Center reporting page: to ensure that you have the latest information about malicious files or attacks on your network, we’ve completely overhauled the Security Reports page into the new Security Center.  This page combines information from both the IPS and anti-malware features to give a holistic view of network security.  We’ll have a separate blog post specifically about the use and capabilities of the Security Center coming soon, so keep an eye out for that.

Retrospective alerting: no solution, no matter how powerful, can detect 100% of all malware.  However, with retrospective alerting administrators will be notified retroactively of malicious files entering the network even when those files were not known to be malicious at the time.  Through the Security Center, administrators can determine which clients downloaded the malicious file and take corrective action.

Threat Grid sandboxing (coming soon): stay tuned for another update in the coming months about integration with Cisco’s Threat Grid malware sandboxing solution, which allows administrators to send unknown files to either a cloud or on-premises sandbox so that it can be executed safely in a virtual environment and inspected for malicious content.  Threat Grid integration is not part of the current beta.

Here’s the best part: if you have an Advanced Security license, you can try out AMP on MX for yourself right now.  Simply reach out to our Support team and ask to be added to the AMP beta, and they’ll work with you to schedule a time to perform the upgrade. Over 1000 MXs are currently running AMP, and the feedback we’ve gotten from that initial beta pool has been phenomenal. We want your feedback too, so if you’re interested in having these great new capabilities on your MX, give us a call!  Don’t forget that you can always opt in to this and future betas by checking the “Try beta firmware” box on the Network-wide>General page in your Meraki Dashboard.