Case Studies

Cisco's Use of Umbrella

Issue link: https://learn-umbrella.cisco.com/i/789540

Contents of this Issue

Navigation

Page 3 of 3

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) The results Simplified security for a complex, global organization "We didn't have to change hundreds of thousands of DHCP scopes, coordinate change management with thousands of labs, or reconfigure thousands of statically defined end nodes," West says. "All it took was pushing out four lines of code to a few dozen DNS servers. It doesn't get much easier to implement an enterprise-wide security control. The global roll-out was complete inside of 60 minutes." For information security investigator, Brandon Enright, the deployment's speed and simplicity proved revelatory. "One of the things that made it so easy to deploy to 140,000 users is that we didn't have to go through 140,000 endpoints and make configuration changes. Instead of making our resolver recursive, all we did was change the IPs on our DNS forwarding server." Umbrella delivered another unexpected bonus: "My biggest surprise was the way shorter DNS lookups resulted in more responsive web browsing," says West. "We did not anticipate that putting a security control in place to improve protection and visibility could also improve the user experience. It was an unexpected win." With Umbrella now a part of Cisco, clients who need DNS-based protection have an effective solution already tested by Cisco's own deployment. "Umbrella gives our clients matchless visibility and deep threat intelligence in a turn-key, off-the-shelf security solution supported by a world-class research team," West says, "They can deploy Umbrella very, very quickly instead of spending five years developing something from scratch like we did, and we can in turn spend more time solving other problems." There have been other gains as well. Enright notes that Umbrella has been effective in blocking domain generation algorithms (DGAs) commonly used in attacks, "By dedicating substantial effort to reverse-engineering algorithms, Umbrella is determining their future course and blocking DGAs today, tomorrow, and the next day," he says. And having covered the global security base, does Umbrella also meet Cisco's continuous acquisition onboarding challenges? According to West, "Umbrella is highly promising in that space. Instead of having to buy, build, ship and install a $1 million dollar rack of gear, we can protect new Cisco entities by placing a DNS-based shield in front of their networks and turning it on virtually overnight." Martino says, "My top concern is protecting the data that our customers entrust in us through our tools. Umbrella gives me a global set of enforcement capabilities and layer of protection to better protect and live up to the obligations and expectations of our customers." " One of the things that made it so easy to deploy to 140,000 users is that we didn't have to go through 140,000 endpoints and make configuration changes. Instead of making our resolver recursive, all we did was change the IPs on our DNS forwarding server." Brandon Enright Information Security Investigations Manager Cisco

Articles in this issue

Links on this page

view archives of Case Studies - Cisco's Use of Umbrella