Cisco Umbrella FAQ

Issue link:

Contents of this Issue


Page 1 of 3

FAQ Q: What functionality does Umbrella now support? The following components are integrated seamlessly in a single, cloud-delivered platform: DNS-layer security: DNS requests precede the IP connection, enabling DNS resolvers to log requested domains over any port or protocol for all network devices, office locations and roaming users. Monitor DNS requests, as well as subsequent IP connections, to improve accuracy and detection of compromised systems, security visibility and network protection. Block requests to malicious destinations before a connection is even established — stopping threats before they reach your network or endpoints. Secure web gateway: A cloud-based full (or selective) proxy that can log and inspect your web traffic, including uploaded and downloaded files, for greater transparency, control, and protection against malware and other hidden threats. View detailed reporting with full URL addresses, network identity, allow or block actions, plus the external IP address. Create policies for content filtering by category or specific URLs to block destinations that violate policies or compliance regulations. Cloud-delivered firewall: All internet activity is logged and unwanted traffic is blocked using customizable IP, port, and protocol rules. To forward traffic, simply configure an IPsec tunnel from any network device. As new tunnels are created, security policies can automatically be applied for better visibility and control of all internet traffic, including easy setup and consistent enforcement throughout your environment. Cloud access security broker (CASB): Detect and report on the cloud applications in use across your environment. Automatically generate overview reports on the vendor, category, application name, and the volume of activity for each discovered app. Drill down reports include web reputation score, financial viability, and relevant compliance certifications to enable better management of cloud adoption, reduce risk, and provide more control to block the use of offensive or inappropriate cloud applications in the work environment. Interactive threat intelligence access: Umbrella utilizes threat intelligence from Cisco Talos, one of the largest commercial threat intelligence teams in the world to uncover and block a broad spectrum of malicious domains, IPs, URLs, and files used in attacks. We feed volumes of global internet activity into a combination of statistical and machine learning models to identify new attacks staged on the internet to help organizations respond to the rise in threats, incidents and breaches. View unparalleled threat intelligence in our web console or integrate with your existing security tools for faster remediation. SD-WAN integration: Deploy across your network and gain powerful cloud-delivered security to protect against threats on the internet and when accessing the cloud. Create flexible security policies based on the level of protection and visibility you need — all in the Umbrella dashboard. Our integrated approach can efficiently protect your branch users, connected devices, and application usage from all DIA breakouts. © 2019 Cisco and/or its affiliates. All rights reserved. SD-WAN adoption and direct internet access (DIA) require a new approach to of remote workers report they sometimes go DIA of orgs use SD-WAN extensively or selectively of branch offices + roaming users source of compromise in recent attack 85% 76% 68%

Articles in this issue

view archives of Datasheets - Cisco Umbrella FAQ