We have a customer using a locked down environment using Endpoint Security with ATP / DXL.
The design is setup accordantly and all nodes are managed. They receive amCore content updates successffuly on daily basis and we make sure that we monitor content updates since it is a crucial part.
I'm at the point where I need to compare what functionality Of ENS/Atp that might not work properly and what works. I have pretty good idea/overview but I want to review it again. Since it will lean entirely on local AmcOre for signatures and DAC in ATP what functions might we not rely on entirely that is need for internet connection ? Thinking if it is necessary to shut down certain function in Oas policy of there is no internet connection, Like "McAfee GTI, Enable Mcfee GTI" in In-Access policy for Threat prevention. Etc etc.
Please feel free to reference to KB that might help in above case for a summarization.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.