Secure Endpoint User Guide - Cisco


Last Updated: March 24, 2023

Cisco Systems, Inc.


Table of Contents


Chapter 1: Dashboard
  System Requirements
  Menu
    Organization Switcher
    Connect SecureX
    Dashboard
    Analysis
    Outbreak Control
    Management
    Accounts
  Threat Severity
  Dashboard Tab
    Filters
    Compromises
    Quarantined Detections
    Vulnerabilities
  Inbox Tab
  Overview Tab
  Events Tab
    Filters and Subscriptions
    SHA-256 File Info Context Menu
    Event List
    Behavioral Protection Event
  iOS Clarity Tab
    Content Alerts
    Recently Observed Apps
    Unseen Devices

Chapter 2: Outbreak Control
  Custom Detections - Simple
  Custom Detections - Advanced
  Custom Detections - Android
  Application Control - Blocked Applications
  Application Control - Allowed Applications
  Network - IP Block & Allow Lists
    IP Block Lists
    IP Allow Lists
    IP Isolation Allow Lists
    Creating IP Block and Allow Lists
    Editing IP Block and Allow Lists

Version 5.4


Chapter 3: Device Control
  Device Control configurations and rules
    Create a Device Control configuration
    Add a rule to the configuration
    Device Control permissions
    Add a Configuration to a Policy
  Known Issues and Limitations

Chapter 4: Exclusions
  Custom Exclusions
    Exclusion Types
  Cisco-Maintained Exclusions
  Antivirus Compatibility Using Exclusions
    Creating Exclusions in Antivirus Software

Chapter 5: Policies
  Policy Summary
  Secure Endpoint Windows Connector Policy
    Windows Connector: Required Policy Settings
    Windows Connector: Other Policy Settings
    Windows Connector: Device Control
    Windows Connector: Product Updates
    Windows Connector: Advanced Settings
  Secure Endpoint Mac Connector Policy
    Mac Connector: Required Policy Settings
    Mac Connector: Other Policy Settings
    Mac Connector: Outbreak Control
    Mac Connector: Product Updates
    Mac Connector: Advanced Settings
  Secure Endpoint Linux Connector Policy
    Linux Connector: Required Policy Settings
    Linux Connector: Other Policy Settings
    Linux Connector: Outbreak Control
    Linux Connector: Product Updates
    Linux Connector: Advanced Settings
  Secure Endpoint Android Connector Policy
    Android Connector: Required Policy Settings
    Android Connector: Other Policy Settings
  Network Policy
    Network Policy: Required Policy Settings
    Network Policy: Other Policy Settings
  Secure Endpoint iOS Connector Policy
    iOS Connector: Required Policy Settings
    iOS Connector: Other Policy Settings


Chapter 6: Groups
  Configuring the Group
    Name and Description
    Parent Group Menu
    Policy Menus
    Child Groups
    Adding and Moving Computers

Chapter 7: Deploying Connectors
  Download Connector
    Secure Endpoint Windows Connector
    Secure Client
    Secure Endpoint Mac Connector
    Secure Endpoint Linux Connector
    Secure Endpoint Android Connector
  Deploy Clarity for iOS
    Meraki
    Workspace ONE
    MobileIron
    Other MDMs
  Deployment Summary
  Computer Management
    Kenna Risk Score
    Save and Manage Filters
    Computer Management: Connector Diagnostics
    Computer Management: Secure Endpoint iOS Connector

Chapter 8: Secure Endpoint Windows Connector
  System Requirements
  Incompatible Software and Configurations
  Configuring Compatibility for Antivirus Products
  Firewall Connectivity
    North America Firewall Exceptions
    European Union Firewall Exceptions
    Asia Pacific, Japan, and Greater China Firewall Exceptions
  Proxy Autodetection
  Installer
    Interactive Installer
    Installer Command Line Switches
    Installer Exit Codes
    Cisco Security Monitoring Service
  Connector User Interface
    Scanning
    Settings
    Command Line Interface


In order to avoid copyright disputes, this page is only a partial summary.
