4. Endpoint Security, Authentication Integrated
Cisco has more closely stitched together its AMP (Advance Malware Protection) for Endpoints and Duo multi-factor authentication capabilities, meaning that AMP can now notify Duo if it sees malware on an end user device, according to Reed. If an end user device is potentially compromised, Reed said Duo is able to change the application access policy as soon as it’s notified of the potential issue by AMP.
Augmenting the access policy means that Duo can now take advantage of the malware and endpoint health visibility provided by AMP for Endpoints, Reed said. This is an improvement over how things have worked up until now, where Reed said any issues in AMP for Endpoint would require an administrator or SOC analyst to first spot the alert and then manually change the authentication policy for that customer.
Now that the products communicate automatically, Reed said there’s no time gap between when malicious activity is spotted on the endpoint and when the user’s authentication policy has been modified. Tying together application access and Cisco’s endpoint security offering means that customers are now staying secure at the speed of machines rather than the speed of people, according to Reed.