Advanced Malware Protection (AMP)

Also appears as Malware protection and monitoring

What is Advanced Malware Protection (AMP)?

In accordance with UCLA Policy 401, "Minimum Security Standards for Network Devices, we provide our community with layers of defense.  

Our Security Team centrally manages and monitors Advanced Malware Protection (AMP) technology, enhancing its built-in defensive capabilities.  

Instead of just scanning for pattern signatures and behaviors, AMP tracks and eliminates malware that enters our system.  

The technology continuously analyzes activity on computers and across the network in order to quickly block and quarantine harmful files. 

Access type:

  • Staff provided
  • Fully subsidized


Ask a question: 310-267-CARE

Good news! If you’re using a school-issued computer, it should already be running AMP.
Give our 7-Care team a call to confirm your device has up-to-date AMP. 

Ask a question: 310-267-CARE


Security team 

Safeguarding data to support important work

We work in collaboration with Information Services and Solutions (ISS) to maintain the highest level of IT security. Our technology and expertise keep data secure and systems and networks operational.

Adhering to industry standards, university-wide policies, and government regulations, we work proactively to avoid breaches by reducing the risk of compromise to institutional data, systems, and networks.

Meet the team


Service frequently asked questions

Do I need AMP?


Yes! UCLA Policy 401, "Minimum Security Standards for Network Devices," requires it:“Anti-malware software for any particular type of operating system must be running and up-to-date on every Device*, including clients, file servers, and mail servers. Products other than offered by the campus may be used if comparable.”

*Please note: This policy includes laptops, desktop computers, and servers. AMP is not required for mobile devices, such as smartphones. 

How does the security team leverage AMP?


Our Security Team centrally manages and monitors the AMP technology, enhancing its built-in defensive capabilities. We collect logs and send them to our Security Operations Center (SOC) where analysts scour them for potential problems. If something comes up, the analysts alert the appropriate teams and help them take action before a threat becomes a breach.