Configure Pop-Up Notification in Cisco Secure Endpoint

Available Languages

Download Options

  • PDF     (155.2 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (200.5 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (222.8 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:November 12, 2021
Document ID:215995

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

    Introduction

    This document describes how to configure Pop-Up notifications when Cisco Secure Endpoint detects a malicious file.

    Contributed by Javier Martinez, Cisco TAC Engineer.

    Prerequisites

    Requirements

    Cisco recommends you have knowledge of these topics:

    • Cisco Secure Endpoint Console dashboard
    • An account with administrator privileges

    Components Used

    The information in this document is based on Cisco Secure Endpoint version 6.3.7 and above.

    The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

    Configure

    Cisco Secure Endpoint can send a Pop-Up alert in the Endpoint about the main Secure Endpointengines when it detects, blocks, or quarantines a file/process.

    Step 1. Log in to AMP Console; https://console.amp.cisco.com/ as shown in the image.

    Dashboard

    Step 2. Navigate to Management > Policies (select the policy) >Advance settings > Client User Interface.

    Engine Notifications is disabled by default as shown in the image.

    console

    Step 3. Mark Engine Notifications checkbox as shown in the image.

    Engine Notifications

    Step 4. In order to apply the new changes, navigate to Desktop > OpenCisco Secure Endpoint and select Settings, as shown in the image.

    Settings

    Step 5. Click on Sync Policy and select OK, as shown in the image.

    GUI policy sync

    Verify

    Use this section in order to confirm that your configuration works properly.

    When the Secure Endpoint engine quarantines a file/process, you can see a pop-up notification on the desktop, as shown in the image.

    connector notification

    Note: This configuration applies to all devices that belong to the Policy.

    Troubleshoot

    This section provides the information you can use in order to troubleshoot your configuration.

    In case Secure Endpoint does not trigger a Pop-Up notification, you can see an Alert Event on Secure Endpoint Console.

    Navigate to Cisco Secure Endpoint Console > Dashboard > Events,as shown in the image.

    event

    If there is not a pop-up Notification in the Endpoint or Alert Event in Secure Endpoint Console, please contact Cisco Support.
    Cisco Support: Visit the online portal at http://cisco.com/tac/caseopen or Phone: Regional free phone numbers: http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html

    Revision History

    Revision Publish Date Comments
    2.0
    12-Nov-2021
    Updating content
    1.0
    09-Sep-2020
    Initial Release
    TAC Authored

    Contributed by Cisco Engineers

    • Jesus Javier Martinez
      Cisco TAC Engineer

    Was this Document Helpful?

    FeedbackFeedback

    Contact Cisco

    This Document Applies to These Products