Cisco Umbrella Overview
Cisco Umbrella is a comprehensive cloud-delivered security service designed to provide organizations with a robust and reliable internet security solution. This platform acts as the initial line of defense against a wide range of internet threats, ensuring secure access to the internet and cloud applications for users both on and off the network.
Key Features and Functionality
DNS-Layer Security
Cisco Umbrella’s DNS-layer security is a foundational component, leveraging DNS to block connections to malicious domains, IPs, and URLs before they can pose a threat. This feature improves security visibility, detects compromised systems, and protects users across any port or protocol, preventing malware, ransomware, and phishing attacks.
Secure Web Gateway
The secure web gateway logs and inspects web traffic in real-time, providing full visibility, URL and application controls, and protection against malware. It allows for the enforcement of acceptable use policies and blocks advanced threats using IPsec tunnels, PAC files, or proxy chaining.
Firewall
Umbrella includes a cloud-delivered firewall that logs all activity and blocks unwanted traffic using IP, port, and protocol rules. This ensures consistent enforcement of security policies across all network devices, simplifying setup and management.
Cloud Access Security Broker (CASB)
The CASB functionality in Umbrella detects and reports on cloud applications in use across the organization, exposing shadow IT. It provides details on the risk level of discovered apps and allows for the control or blocking of usage to better manage cloud adoption and reduce risk.
Interactive Threat Intelligence
Umbrella Investigate offers real-time context on malware, phishing, botnets, trojans, and other threats through its unique view of the internet. This intelligence is available via a console and API, enabling faster incident investigation and response.
Integration with SD-WAN
Cisco Umbrella seamlessly integrates with Cisco SD-WAN, deploying easily across the network to provide powerful cloud security and protection against internet threats. This integrated approach secures cloud access and protects branch users, connected devices, and app usage from all direct internet access breakouts.
Additional Security Functions
- Malware Protection: Umbrella detects and blocks malware threats quickly and efficiently, ensuring comprehensive protection against various types of malware.
- Remote Browser Isolation (RBI): Provides an added layer of protection against browser-based security threats for high-risk users.
- Data Loss Prevention (DLP): Discovers and blocks sensitive data from leaving the organization.
- Cloud-Delivered Firewall: Enhances security efficacy by ensuring consistent enforcement of security policies everywhere.
Benefits and Deployment
Cisco Umbrella is known for its ease of deployment, requiring only minutes to set up and protect all users, whether they are on or off the network. It processes over 700 billion internet requests daily to uncover threats before they reach the network or endpoints, providing effective and reliable protection against phishing, malware, and ransomware.
The platform offers flexible cybersecurity protection, consistent policies across remote locations, and better performance and user satisfaction everywhere. Its integration with existing systems and other Cisco products, such as Meraki, further enhances its capabilities and simplifies security management from a single dashboard.