WWT's Cisco AMP for Endpoints Lab exists to provide a sandbox environment that can be used to evaluate the Cisco solution suite across a wide variety of endpoints, including both Windows and Unix-based operating systems. There is also an attack machine, running Kali Linux, with which to test the efficacy of these tools using benign, non-weaponized malware.
Next-generation endpoint security is the integration of prevention, detection and response capabilities in a single solution, leveraging the power of global threat intelligence and cloud-based analytics. Cisco Advanced Malware Protection (AMP) for Endpoints is a lightweight connector that works on your Windows, Mac, Linux, Android and iOS devices. It can use the public cloud or be deployed as a private cloud.
AMP continuously monitors and analyzes all file and process activity within your network to find and automatically eliminate the riskiest 1% of threats that other solutions miss. AMP never loses sight of where a file goes or what it does. If a file that appeared clean upon initial inspection ever becomes a problem, AMP is there with a full history of the threat’s activity to catch, contain and remediate at the first sign of malicious behavior.
You will access the environment using a Windows-based jumphost from which you can browse web consoles, open RDP/SSH sessions, etc. See the topology diagram above and to the right.