Cloud Security for All

Cisco Umbrella

Cisco Umbrella is a cloud security platform that provides the first line of defense against threats on the internet wherever users go. Cisco Umbrella uses the internet’s infrastructure to block malicious destinations before a connection is ever established. The key difference is the use of both Cisco Talos Intelligence Group that allows for human and AI cooperation in threat identification and the ability to detect, measure and assess the Zero Day threats, as Cisco procesess a magnitude more data than any other vendor.

Overview

Cisco Umbrella is a cloud-native platform that delivers the most secure, reliable, and fastest internet experience to more than 100 million users daily. Umbrella unifies firewall, secure web gateway, DNS-layer security, cloud access security broker (CASB), and threat intelligence solutions into a single platform to help businesses of all sizes secure their network. As more organizations embrace direct internet access, Umbrella makes it easy to extend protection to roaming users and branch offices.

Threat mitigation solution delivered from cloud with zero hardware investment for all

Cisco Umbrella is the cloud solution for any size. Regardless if you are an Enteprise or Service Provider the cloud delivered solution enables you to work at any scale. Setup of a new system in hours, ability to extend the protection to vast number of endusers in minutes. Every device that access internet in you company or in your subcriber’s home is protected. With classic solution one needs to invest in hardware and configuration. Hardware on-prem requires different approach and can take much longer to test and setup. Cisco Umbrella delivering the same protection against threats from the cloud is much faster to setup and requires only minimal changes in network configuration infrastructure – as little as pointing the DNS resolver entry to the two new IP addresses. With the fast chaning network enviroment and new threats poping up daily – the Umbrella has the key to respond to those threats in timely manner.

Visibility, statistics, detailed reports for Service Provider or Enterprise

The first thing that you will notice is how fast Umbrella can be switched on. Regardless of the size of your user base – starting from Enterprise and looking up to biggest service providers – activation of the service is instantaneous. No other service can be scaled in such manner with so little effort.

The Service Provider agreement with Subscribers allows for novel way to turn on and test the service, but the actual key to deliver quality product lies in the extensive Umbrella Console.

Umbrella Console provides the expected level of configuration and raporting, but the actual experience in providing such service allows Cisco to enhance it even further. Than includes among other features: an API to allow automatic update of list of URLs that need to be treated in special way – i.e. goverment law stating that certain Web pages should be redirected to static page with information about hazard and games laws. The Console allows also to quickly build a pre-configured safe enviromet, by grouping the threats – or questionable practices – that can be offered to a Subsrciber. An example is the obvious lock-out in case a malicious we page starts to “mine” cryptocurency – but one can decide that they don’t want to even see the pages related to cryptocurency. The identification by IP address allows for easy aplication of such policies to Subscriber.

Cisco Umbrella is the first line of defence against Ransomware

After declining in 2018, ransomware has risen once again to the top of the threat list for businesses both large and small. In 2019 and 2020, local governments, hospitals, and schools all faced ransomware attacks that locked up important data and disabled critical systems for days. The holidays might be here, but no one wants to unwrap a surprise cyber attack.

Ransomware is one of the greatest security concerns ever to exist, it can strike at any time — even on the most seemingly resilient of systems. All it takes is one wayward click combined with inadequate security controls to lock down your network and potentially lose critical business information.

With the ability to penetrate organizations in multiple ways, fighting this threat effectively requires more than one product. Cisco Ransomware Defense offers an integrated approach that provides protection from these cyber attacks for all office locations and users, even when users are off the virtual private network (VPN). Backed by unmatched threat intelligence from Cisco Talos, Cisco’s unified security architecture brings together complementary cyber security products including domain name system (DNS)-layer, web, email, endpoint, and network security.

Protecting users everywhere with DNS-layer security

Since 2006, we’ve delivered a fast, secure, and reliable internet experience to more than 100 million users (and counting) starting with DNS-layer protection. We use the internet’s infrastructure to block malicious and unwanted domains, IP addresses, and cloud applications before a connection is ever established. The roaming users are able to get protected with Cisco Umbrella by means of installing Cisco AMP Client.

The elements of Cisco Umbrella

The Umbrella DNS Security Essentials package

This element includes core DNSlayer security capabilities, to block requests to malicious domains before they reach your network or endpoints. You gain off-network protection and mobile support in this base package, as well as access to Umbrella’s APIs (policy, reporting and enforcement), log exporting, the multi-org console, integration with Cisco Threat Response, and identity-based policies (virtual appliance + Active Directory connector). Additionally, this package provides discovery and blocking of shadow IT (by domain) with the App Discovery report

The Umbrella DNS Security Advantage
This elements includes all the capabilities of DNS Security Essentials plus it enables organizations to proxy risky domains for URL blocking and file inspection using AV engines and Cisco AMP. For organizations looking for deeper context during incident investigations, DNS Security Advantage offers unmatched threat intelligence in the Investigate console and on-demand enrichment API.

The Umbrella SIG Essentials Here we have all of the capabilities of the DNS Security Advantage package plus access to a secure web gateway (full proxy), cloud-delivered firewall, sandbox file analysis with Cisco Threat Grid, and cloud access security broker (CASB) functionality. With a single, cloud platform, you can combine multiple security services and threat intelligence to secure your network and remote and roaming users with confidence.