Datasheets

Deployment Checklist for SIG Security packages

Issue link: https://learn-umbrella.cisco.com/i/1408805

Contents of this Issue

Navigation

Page 0 of 0

Deployment Checklist for SIG Security packages (SIG Essentials and SIG Advantage) One Pager Cisco Public Consider this checklist your personal deployment buddy. Protecting your organization is hard enough — let's make deploying Cisco Umbrella as simple as possible. How to contact support Tips from our CSMs • Not 100% sure if you want to enable a new security category? Monitor it first by running a Security Activity report and filtering by the desired category • Attend a live SWG Deployment webinar to ask questions and learn best practices • Subscribe to the "Announcements" section of our Help Center's Service Updates to receive product updates straight to your inbox 1. Check your support options Log in to your dashboard and go to Admin > Licensing. You'll see an email address and/or phone numbers depending on your package 2. Run our diagnostic tool Include the diagnostic in your support request to speed up the process 3. Contact support All customers can reach support at umbrella-support@cisco.com or by submitting a request here © 2021 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. 08/21 Configure your DNS policies to apply security and access control Note: Disable intelligent proxy for DNS policies if you will be configuring Web policies. Test your DNS policies Set up the roaming client or Roaming Security module for AnyConnect to enforce your policies off-network Deploy Virtual Appliances (VAs) to trace traffic back to a specific computer or IP address Register your network to let Umbrella know where your traffic is coming from Tip: Determine your IP address using whatsmyip.com Point your DNS traffic to Umbrella Test your DNS settings Add administrators and manage user roles Manage your logs Install the root certificate to enable block pages and access advanced features Explore Umbrella's different policy types. You can configure DNS, web, or cloud-delivered firewall policies Deployment basics Phase 1: Get familiar with your dashboard and add DNS-layer security Phase 2: Go beyond DNS-layer security with SWG, or add both SWG and CDFW for maximal protection. Deployment path 1: Add secure web gateway only Deploy for greater visibility into all web traffic, increased content control, advanced malware protection, sandboxing, and decryption. Deployment path 2: Secure web gateway + cloud-delivered firewall Add CDFW for greater visibility and control into outbound traffic across all ports and protocols without backhauling traffic to a datacenter for inspection. Configure the Web policy's ruleset and rules to apply security and access control Step 1: Add a ruleset to the Web policy Step 2: Add rules to a ruleset to set actions against individual identities and destinations Tip: Review our policy best practices Configure cloud-delivered firewall policies to apply security and control across all IP, ports, and protocols (Layer 3 / 4) and to easily block non-web applications (Layer 7) *Layer 7 protection available in SIG Advantage package only or SIG-E Add-on Deploy using Cisco's AnyConnect Roaming Security module Note: Recommended deployment method for SWG-only Deploy using a PAC file Deploy using proxy chaining Deploy using a IPsec tunnel Note: Same tunnel can be used to implement CFDW if you want to add in future Deploy using a IPsec tunnel to route outbound traffic directly to Umbrella Note: You can use the same tunnel used to deploy SWG Phase 3: Customize your protection with SWG and/or CDFW policies Phase 4: Take these actions to advance your deployment Set up Active Directory (AD) to provide user, group or computer name granularity in reports and policies Configure SAML integrations if you are sending web traffic to Umbrella using an IPsec tunnel, PAC file, or proxy-chaining deployment Get to know your Umbrella reports Tip: Review reports to make sure your policies are working how you want Schedule reports to be delivered straight to your inbox Add a new schedule setting on the Web policy to determine when (time and day) a selected action is applied to an identity and the destination associated with it Tip: Make sure to give your new schedule setting a meaningful name so you can easily reuse it whenever you are creating or updating a rule Got MDM-managed mobile devices? Deploy Cisco Security Connector for iOS or Android Mobile Security Integrate existing tools with APIs for enforcement, visibility, management and deployment. Check out the different APIs available today here and setup guides for commonly used integrations here Access your Investigate console to expose current and developing threats in real-time with interactive threat intelligence Add selective decryption to exclude content categories, applications (Web policy only), and domains (Web policy only) from being proxied Advanced features for DNS, secure web gateway, and cloud-delivered firewall Enable the intelligent proxy for more visibility and control and SSL decryption to inspect traffic over HTTPS and block custom URLs Note: Only enable intelligent proxy for DNS-only deployment Configure Intrusion Prevention System (IPS) on firewall policies for signature-based protection against threats Advanced features for DNS-only Advanced features for CDFW Configure the Data Loss Prevention (DLP) policy to analyze sensitive data in-line for visibility and control over data being transmitted to unwanted destinations (Available only in SIG Advantage package or as SIG-E Add-on) Protect identities from browser-based threats by redirecting web traffic from user devices to a cloud-based host with remote browser isolation (RBI) Available only in SIG Advantage package or as SIG-E Add-on Enable cloud malware detection to detect and remediate malicious files in your sanctioned cloud applications Enable file inspection for DNS and/or Web policies using Cisco's Advanced Malware Protection (AMP) to scan all uploaded and download files for malware and other threats Turn on Threat Grid malware analysis to analyze files for malicious behavior using advanced sandboxing with static and dynamic threat intelligence (These are files not blocked through file inspection or Cisco AMP) Apply Tenant controls to manage user access to SaaS apps, like Microsoft Office 365, Google G Suite, and Slack Block file downloads by file type Advanced features for SWG Go-to resources Bookmark for easy access Documentation: Technical user guides with step-by-step deployment instructions Knowledge Base: Regularly updated FAQs and troubleshooting tips How-to videos: On-demand educational resources and product demos. You'll need your Umbrella credentials to access. Customer webinars: Weekly expert-led webinars on onboarding, deployment health, the future of the product, and more Service updates: Software release notes and product announcements – Click the 'Follow' button to receive updates to your email inbox Cloud Security service status: Full transparency on the status of our services. Click 'Subscribe to Updates' to receive service impact notifications to your inbox. Before you begin, check Roaming Security prerequisites Note: The Umbrella Roaming Security module and client are incompatible. If roaming client is installed, it will be removed automatically when installing the Roaming Security module.

Articles in this issue

Links on this page

view archives of Datasheets - Deployment Checklist for SIG Security packages