Cisco Secure Endpoint (AMP)-Endpoint Isolation Requirements

This document provides the requirement that needed to be met to use the endpoint isolation feature within Cisco Secure Endpoint.

Endpoint isolation is a feature that lets you block incoming and outgoing network activity on an endpoint to prevent threats such as data exfiltration and malware propagation. Endpoint isolation sessions do not affect communication between the connector and the Cisco cloud. There is the same level of protection and visibility on your endpoints as before the session.

Cisco Secure Endpoint Connector Version

In order to leverage the endpoint isolation feature the Cisco Secure Endpoint connector running must be:

  • Secure Endpoint Windows connector 7.0.5 and later on x64. 
  • Secure Endpoint Windows connector 8.4.4 and later on ARM.
  • Secure Endpoint Mac connector 1.21.0 and later.
  • Secure Endpoint Linux connector 1.27.0 and later.

 

Enable Endpoint Isolation in Cisco Secure Endpoint Policy

Follow the following steps to enable endpoint isolation in your policy.

  1. Navigate to "Mangement->Policy"
    navigate
  2. Find the policy and click on the "pencil" to edit the policy
    find and edit
  3. Check the "Enable Endpoint Isolation" checkbox (add in IP allow list if needed) and click "Save"
    config

 


Keywords:
cut off IP access isolate computer secure endpoint amp cisco secure endpoint 
Doc ID:
156815
Owned by:
Jennifer K. in Cybersecurity Testing and Cyber Defense
Created:
2025-11-19
Updated:
2025-11-19
Sites:
Cybersecurity Operations Center, Cybersecurity Testing and Cyber Defense, Office of Cybersecurity