Datasheets

Cisco Umbrella Package Comparison

Issue link: https://learn-umbrella.cisco.com/i/1159688

Contents of this Issue

Navigation

Page 0 of 1

Data sheet Cisco Umbrella DNS Security Essentials DNS Security Advantage Secure Internet Gateway (SIG) Essentials Good for small companies or as first line of defense for any size company Good for mid-sized companies or as first line of defense for any size company Ideal for companies with Cisco SD-WAN, and large companies with adavnced security and web policy needs Licencing by the number of users Security & Controls DNS-layer security Block domains associated with phishing, malware, botnets, and other high risk categories (cryptomining, newly seen domains, etc.) ● ● ● Block domains based on partner integrations (Splunk, Anomali, & others) and custom lists using our enforcement API ● ● ● Block direct-to-IP traffic for C2 callbacks that bypass DNS¹ ● ● Secure web gateway Proxy web traffic for inspection Traffic associated with risky domains via selective proxy All web traffic Decrypt and inspect SSL (HTTPS) traffic With selective proxy ● Enable web filtering By domain or domain category By domain or domain category By domain, URL, or category Create custom block/allow lists Of domains Of domains Of URLs Block URLs based on Cisco Talos and third party feeds, and block files based on AV engine and Cisco Advanced Malware Protection (AMP) data With selective proxy ● Use Cisco Threat Grid cloud sandbox environment to analyze suspicious files (200 files/day) ● Use retrospective security to identify previously-benign files that became malicious ● Cloud-delivered firewall Create layer 3/layer 4 policies to block specific IPs, ports, and protocols ● Use IPSec tunnel terimination ● Cloud access security broker Discover and block shadow IT (based on domains) with with our App Discovery report ● ● Discover and block shadow IT (based on URLs) with App Discovery report ● Create policies with granular controls (block uploads, attachments, and posts) for select apps ● Umbrella Investigate Access Investigate's web console for interactive threat intelligence ● ● Use the Investigate on-demand enrichment API to enrich other tools/systems with domain, URL, IP, and file threat intelligence (2,000 requests per day) ● ● Integrate with Cisco Threat Response to aggregate threat activity across Cisco AMP, Threat Grid, Email Security, NGFW, and Umbrella With enforcement API only ● ● Cisco Umbrella Package Comparison Cisco Umbrella secures internet access and controls cloud app usage from your network, branch offices, and roaming users. Unlike disparate security tools, Umbrella unifies secure web gateway, cloud-delivered firewall, DNS-layer security, and cloud access security broker (CASB) functionality into a single platform. Umbrella acts as a secure onramp to the internet and delivers deep inspection and control to support compliance and provide effective threat protection. Backed by Cisco Talos, one of the largest threat intelligence teams in the world, Umbrella exposes threats for better investigation and response. By delivering all this from the cloud with 100% uptime, Umbrella offers visibility and enforcement to protect users anywhere. © 2019 Cisco and/or its affiliates. All rights reserved.

Articles in this issue

view archives of Datasheets - Cisco Umbrella Package Comparison