Cisco Secure Endpoint
At our university, Cisco Secure Endpoint is provided as an endpoint security solution for work devices. This software offers protection against viruses, Trojans, ransomware and other malware.
You can use the software on your work device free of charge. Please understand that for cost reasons we can no longer provide an endpoint security solution for employees' and students' private devices, but only for work devices owned by the university.
The configuration of the product is automatically handled by the RRZK/ITCC and cannot be customized by end users. Cisco Secure Endpoint reports status information about your device to the RRZK/ITCC and informs us, for example, about malware infections. In the Important information section you will find information about which data is collected and can be viewed by the responsible employees.
A specially adapted version is provided in a few areas of the university, such as the university administration. If you are unsure whether you should use the version provided here or a special version from your institute, please contact your institute's IT department upfront.
Please read the following instructions carefully before installing Cisco Secure Endpoint on your work device.
Cisco Secure Endpoint is part of the Cisco Secure Client, just like the Cisco AnyConnect Client (our VPN client). If you have installed both AnyConnect and Secure Endpoint, both programs might be displayed in the same window, depending on your operating system.
Important notes
Data processing
All devices protected by Cisco Secure Endpoint report status information to a cloud operated by Cisco, where we can view this data. This cloud is also used to transfer Cisco Secure Endpoint configurations to users, provide updates, etc.
The associated servers are operated within the EU and are subject to DSGVO and NRW data protection laws.
RRZK/ITCC employees can receive information about the security status of your device, on the one hand to be able to assess the current risk situation, and on the other hand to be able to offer you help and support. However, this does not give RRZK/ITCC employees full access or access to your stored data.
If malware is detected, we can usually delete the infected data remotely, either automatically or manually.
The data that can be displayed to authorized RRZK/ITCC employees in connection with this product includes:
- Computer name (can be freely selected and changed by the user)
- IP address (both of your local network adapters and your public IP)
- Installed operating system
- Version of Cisco Secure Endpoint
- Installation date of Cisco Secure Endpoint
- Time of the last update of Cisco Secure Endpoint and the associated virus definition data and the policies provided
- Time of the last connection to the cloud instance
- Event messages about detections and cleanups of malware
- Time of detection
- File name including the full file path of the malware
- Currently logged in user
System requirements
Please make sure your devices fulfill the following system requirements
Please make sure that you always use an operating system that is supported by security updates. Windows 8.1 and older may no longer be used and have not received any security updates for many years in some cases.
Information on Windows 10 versions that are still supported can be found here:
Support
If you need support, you can contact the RRZK helpdesk.
If you have already installed Cisco Secure Endpoint, please send us the GUID of your device. To do this, open the Cisco Secure Client and click on the gear to go to the settings. There, click on Secure Endpoint → Statistics → GUID and copy the entry with CTRL+C. Then paste the information into your email with CTRL+V. This GUID is necessary so that we can clearly identify your device.
If you are using a version of Cisco Secure Endpoint that has been customized by your institute's IT department, the RRZK helpdesk cannot offer you support. In this case, contact your institute's IT department.
Operating instructions
Cisco Secure Endpoint runs in the background and, as usual, analyzes files that users access. It is also possible to trigger the following scans separately.
- Flash scan
- Custom scan
- Full scan
- Rootkit scan
Individual files can also be scanned by right-clicking → Cisco → Scan Now.
Updates to virus definitions and the client itself are carried out automatically in the background. You can view more detailed messages, e.g. about malware detections, via Settings → Advanced → Event history.
Notes for individual PC pool/server administrators
If you manage a larger number of PCs or servers and would like to make your own special configurations in Cisco Secure Endpoint, please contact us for individual advice.
Notes for Linux users
If you are using linux on your device, please contact us so we can provide you with the correct packages for installation
Contact
If you have any questions or problems, please contact the RRZK-Helpdesk