Free Delivery!
CLOUDIFI PTY. LTD.  1300-853-512

AMP Threatgrid - New Anti-Malware on MX

Industry-leading dynamic threat analysis and cloud sandboxing for Meraki MX

Whenever a file is downloaded through a Meraki MX with Cisco Advanced Malware Protection (AMP) enabled, that file’s signature will be looked up against AMP’s large cloud database; however, the file’s evaluation may return as “unknown”. AMP is capable of retrospectively alerting administrators if such a file is later determined to in fact be malicious with the help of the global AMP cloud. This provides security teams with the necessary insight to take action to quarantine a threat before it spreads.

With our newly released support for Threat Grid, administrators now have the powerful option to send these unknown file types directly to the Threat Grid cloud for immediate analysis. Once received, Cisco Threat Grid will execute the file in a virtual environment and will then analyse the file for over 825 behavioural indicators that may suggest whether or not the file is malicious. If a file is in fact determined to be malicious, Threat Grid will immediately alert all network administrators, and armed with a new signature, AMP will also block any new attempts of the threat from being downloaded. What’s more, if the file is malicious, Threat Grid’s analysis results will also be distributed via the global AMP cloud so that all other subscribers around the world receive the new threat signatures. With record-breaking threats like the recent Wannacry Outbreak, this is an important, powerful tool to have in any organisation’s arsenal, and instrumental in contributing to the prevention of zero-day exploits around the world.

meraki-tg-2

Example of a downloaded file that was initially permitted, but later determined by Threat Grid to be malicious

We’re incredibly excited to announce the availability of Threat Grid on the Meraki MX as it provides the absolute latest in dynamic malware analysis and a deep, beneficial integration with Cisco’s broader security services. Threat Grid for MX is available as an additional subscription to any Meraki MX* (except for MX400 or MX600 at this time) with Advanced Security license. To find out more, please contact us and ask about Threat Grid sample packs.