Malware protection options

The system applies several methods of file inspection and analysis to determine whether a file contains malware.

File inspection sequence

Depending on the options you enable in a file rule, the system inspects files using these tools, in order:

  1. Spero analysis and AMP cloud lookup

  2. Local malware analysis

  3. Dynamic analysis

For a comparison of these tools, see Comparison of malware protection options.

(You can also, if you choose, block all files based on their file type. For more information, see Block all files by type.)

Refer to information about Cisco's Secure Endpoint product at (Optional) Malware protection with Secure Endpoint and subtopics.