Threat Centric NAC - AMP Compromise Notification

scamarda
Cisco Employee

Testing TC-NAC. Have established ISE - AMP Console communication. I have three questions.

1) My 2.2 ISE is registered to the AMP console and shows status of connected. When I look at the AMP console, the URL for my ISE is defined as the internal name ise240.metlab.local. Does the AMP console reach out to my ISE or does ISE reach out to the AMP console? In other words, is notification a push or a pull method? Does it matter that my ISE is not routable/reachable directly from the Internet? It does have outbound Internet, just not inbound from the Internet.

2) Is there any automatic action to take when this happens? I see there are Threat Centric attributes available in the AuthZ policy config but nothing that reflects a compromised host. Is there an attribute I can set to True, similar to how Anomalous Behavior works? In the documentation it talks about manually applying an ANC policy.

3) Does this work when the malware notification comes after a ThreatGrid analysis or is retrospective? Meaning that the file was executed as unknown and then marked as malware after ThreatGrid analysis.

Thanks.

Sam

Accepted Solution

hariholla
Cisco Employee

1) My 2.2 ISE is registered to the AMP console and shows status of connected. When I look at the AMP console, the URL for my ISE is defined as the internal name ise240.metlab.local. Does the AMP console reach out to my ISE or does ISE reach out to the AMP console? In other words, is notification a push or a pull method? Does it matter that my ISE is not routable/reachable directly from the Internet? It does have outbound Internet, just not inbound from the Internet.

ISE receives IOC (Indicators of Compromise) events and “Threat Detected” events from AMP. During the AMP adapter configuration, you can specify which subset of events you want to subscribe to; that is used to send a POST request to AMP for those event types. Once ISE registers for the events, it creates an SSL connection to the AMP Queue and listens for any notification thereafter from AMP.

2) Is there any automatic action to take when this happens? I see there are Threat Centric attributes available in the AuthZ policy config but nothing that reflects a compromised host. Is there an attribute I can set to True, similar to how Anomalous Behavior works? In the documentation it talks about manually applying an ANC policy.

No, the action cannot be automated today. The following are the ‘Threat’ options today (in ISE 2.2) that you can author a policy on:

[Screenshot: the ‘Threat’ attributes available in the ISE 2.2 authorization policy]

3) Does this work when the malware notification comes after a ThreatGrid analysis or is retrospective? Meaning that the file was executed as unknown and then marked as malware after ThreatGrid analysis.

The analysis on AMP is retrospective (more of an AMP/ThreatGrid feature). I believe there needs to be an active session on the PSN for the threat indices to be concatenated, which then get published to the Policy Admin Node to be shown under 'Context Visibility'. (Copying jeppich and imbashir to keep me honest)

Cheers!

-Hari
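To make the push-vs-pull answer and the active-session caveat above concrete, here is an added example that models the flow Hari describes: the consumer registers for a subset of event types, opens the channel itself (outbound only), and events are then pushed down that channel; events for an endpoint with no live session have nothing to attach to. This is constructed illustration code, not Cisco's ISE or AMP implementation, and the names AmpQueue, IseAdapter and run_demo as well as the sample events are invented for the example.

```python
"""Toy model of the subscribe-then-listen flow described in the answer above.

Constructed illustration code, not Cisco ISE or AMP code: the real AMP
event-stream API and the ISE adapter are not reproduced. The class and
function names (AmpQueue, IseAdapter, run_demo) are invented for the example.
"""
import queue
import threading
from dataclasses import dataclass


@dataclass(frozen=True)
class AmpEvent:
    event_type: str   # e.g. "Threat Detected" or "IOC"
    hostname: str     # endpoint the event concerns
    detail: str


class AmpQueue:
    """Stands in for the AMP-side queue. It never dials out to a consumer:
    the consumer registers, then opens the channel itself, and events are
    pushed down that consumer-initiated channel."""

    def __init__(self):
        self._subs = {}  # subscription id -> (subscribed event types, channel)

    def subscribe(self, event_types):
        # Models the adapter's POST: register interest in a subset of event types.
        sub_id = f"sub-{len(self._subs) + 1}"
        self._subs[sub_id] = (frozenset(event_types), queue.Queue())
        return sub_id

    def connect(self, sub_id):
        # Models the long-lived SSL connection the consumer opens outbound.
        return self._subs[sub_id][1]

    def publish(self, event):
        # Push delivery: only subscribers whose filter matches receive the event.
        for types, chan in self._subs.values():
            if event.event_type in types:
                chan.put(event)

    def close(self):
        for _, chan in self._subs.values():
            chan.put(None)  # sentinel so listeners exit cleanly


class IseAdapter:
    """Stands in for the ISE adapter on a PSN: subscribes, listens, and only
    attaches threat context to endpoints that currently have a session."""

    def __init__(self, amp, event_types, active_sessions):
        self.amp = amp
        self.active_sessions = frozenset(active_sessions)
        self.context_visibility = {}  # hostname -> threat details for Context Visibility
        self.unmatched = []           # events for endpoints with no active session
        self._sub_id = amp.subscribe(event_types)

    def listen(self):
        chan = self.amp.connect(self._sub_id)
        while (ev := chan.get()) is not None:
            if ev.hostname in self.active_sessions:
                self.context_visibility.setdefault(ev.hostname, []).append(
                    f"{ev.event_type}: {ev.detail}")
            else:
                self.unmatched.append(ev)


def run_demo():
    """Publish a few constructed events and return the adapter state."""
    amp = AmpQueue()
    ise = IseAdapter(amp, event_types=["Threat Detected", "IOC"],
                     active_sessions=["laptop-01"])
    listener = threading.Thread(target=ise.listen)
    listener.start()

    # Constructed sample events (not real AMP output).
    amp.publish(AmpEvent("Threat Detected", "laptop-01", "sample.exe disposition Malicious"))
    amp.publish(AmpEvent("IOC", "laptop-01", "suspicious script execution"))
    amp.publish(AmpEvent("Scan Completed", "laptop-01", "not subscribed, dropped at AMP"))
    # Retrospective verdict: file ran as Unknown earlier, now flagged after analysis.
    amp.publish(AmpEvent("Threat Detected", "laptop-01", "retrospective: installer.msi now Malicious"))
    # Endpoint with no live session on this PSN: nothing to attach the context to.
    amp.publish(AmpEvent("Threat Detected", "kiosk-07", "trojan.bin disposition Malicious"))
    amp.close()
    listener.join(timeout=5)
    return ise


if __name__ == "__main__":
    adapter = run_demo()
    for host, threats in adapter.context_visibility.items():
        print(host, threats)
    print("no active session:", [e.hostname for e in adapter.unmatched])
```

The model keeps the firewall picture from the question intact: every connection is initiated by the adapter, so only outbound access is required, and the unsubscribed "Scan Completed" event never leaves the queue because the filter was set at subscription time.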

hslai
Cisco Employee

... Does the AMP console reach out to my ISE or does ISE reach out to the AMP console? In other words, is notification a push or a pull method? Does it matter that my ISE is not routable/reachable directly from the Internet? It does have outbound Internet, just not inbound from the Internet. ...

ISE will reach out to AMP. It would work, and it is quite normal that ISE is not reachable from the Internet while it is allowed outbound access to the Internet.

Thanks for the info.  I am good to go.