How to Configure Malware Protection

This topic summarizes the steps you must take to set up your system to protect your network from malicious software.

Procedure

Step 1	Plan and Prepare for Malware Protection
Step 2	Configure File Policies
Step 3	Add File Policies to Your Access Control Configuration
Step 4	Configure network discovery policies to associate file and malware events with hosts on your network. (Do not simply turn on network discovery; you must configure it to discover hosts on your network to build a network map of your organization.) See Network Discovery Policies and subtopics.
Step 5	Deploy policies to managed devices. See Deploy Configuration Changes.
Step 6	Test your system to be sure it is processing malicious files as you expect it to.
Step 7	Set Up Maintenance and Monitoring of Malware Protection

(Optional) To further enhance detection of malware in your network, deploy and integrate Cisco's AMP for Endpoints product. See (Optional) Malware Protection with AMP for Endpoints and subtopics.