CISCO security in the cloud. News CISCO UMBRELLA

CISCO security in the cloud. News CISCO UMBRELLA

Cisco Umbrella is the answer to your cloud security challenges.

Cisco Umbrella helps to protect the Internet access of its users, whether they are connected from their central office, branches or when the user is roaming.

Your systems will be safe at any time and place thanks to protection against malicious Internet addresses.

Umbrella acts as a security layer for Internet access and offers deep inspection and control to support security compliance and provide effective protection against threats. Backed by Cisco Talos, one of the world’s largest threat intelligence teams, Cisco Umbrella presents the threats for better investigation and response. By delivering it from the cloud with 100% uptime, Cisco Umbrella offers visibility to protect users anywhere updated.

Cisco Umbrella is security that adapts to the way we work today:

Protection for Remote Users and Roaming: Your users work from many locations and devices. They no longer need the VPN to get the job done: they use cloud applications, many of which have not been examined by IT. What would happen if I had a quick and easy way to protect users and apply acceptable usage policies?

Protection against cyber threats: Threats continue to increase in sophistication, and the costs of cybercrime continue to rise. But attackers often reuse the same infrastructure in multiple attacks, leaving cyber fingerprints. What would happen if you could use those fingerprints to discover attacks before they launch?

As responsible for cybersecurity, your goal is to reduce detection and defense time against malware. But with all your security devices, is your network more secure? Are you still flooded with infections? Your security team needs better intelligence, be fast and have solutions that are flexible, integrated and easy to implement and manage.

The evolution of CISCO UMBRELLA.

As a leading provider of DNS recursive services, CISCO has helped companies of all sizes and industries connect to the Internet in a secure manner. CISCO has built a reputation thanks to a simple implementation and powerful protection, regardless of where users are located.

To help organizations adopt direct Internet access, in addition to DNS layer security and interactive threat intelligence, Cisco Umbrella now includes the functionality of:

  • secure web gateway
  • cloud firewall
  • cloud access security agent (CASB)
  • more integration with Cisco SD-WAN

Do you want to try CISCO UMBRELLA for free?

Do not hesitate, ask us!

Multiple security features in a single cloud security service

DNS layer security

Umbrella DNS layer security provides the fastest and easiest way to improve your security. It helps improve security visibility, detect compromised systems and protect its users inside and outside the network by stopping threats on any port or protocol before they reach your network or endpoints.

Secure web gateway

Umbrella’s secure web gateway records and inspects web traffic for full visibility, URL and application controls, and malware protection. Use IPsec tunnels, PAC files or proxy chaining to forward traffic to our cloud-based proxy servers to apply acceptable use policies and block advanced threats.

Firewall

The Umbrella firewall records all activity and blocks unwanted traffic through IP, port and protocol rules. To forward traffic, simply configure an IPsec tunnel from any network device. As new tunnels are created, policies are automatically applied for easy configuration and consistent application everywhere.

What CISCO UMBRELLA solution that best suits your business?

Solutel advises the DNS Security Advantage solution, to cover most of the profile needs of the companies consulted.

DNS Security EssentialsDNS SecurityAdvantageSecure InternetGateway (SIG)Essentials
Good for small
companies or as first line
of defense for any size
company
Good for mid-sized
companies or as first line
of defense for any size
company
Ideal for companies
with Cisco SD-WAN,
and large companies with
advanced security and
web policy needs
Licencingby the number of users
Security & Controls
DNS-layer security
Block domains associated with phishing, malware, botnets, and other high risk categories (cryptomining, newly seen domains, etc.)
Block domains based on partner integrations (Splunk, Anomali, & others) and custom lists using our enforcement API
Block direct-to-IP traffic for C2 callbacks that bypass DNS¹
Secure web gateway
Proxy web traffic for inspectionTraffic associated
with risky domains via
selective proxy
All web traffic
Decrypt and inspect SSL (HTTPS) trafficWith selective proxy
Enable web filteringBy domain or
domain category
By domain or
domain category
By domain, URL,
or category
Create custom block/allow listsOf domainsOf domainsOf URLs
Block URLs based on Cisco Talos and third party feeds, and block files based on AV engine and Cisco Advanced Malware Protection (AMP) dataWith selective proxy
Use Cisco Threat Grid cloud sandbox environment to analyze suspicious files (200 files/day)
Use retrospective security to identify previously-benign files that became malicious
Cloud-delivered firewall
Create layer 3/layer 4 policies to block specific IPs, ports, and protocols
Use IPSec tunnel terimination
Cloud access security broker
Discover and block shadow IT (based on domains) with with our App Discovery report
Discover and block shadow IT (based on URLs) with App Discovery report
Create policies with granular controls (block uploads, attachments, and posts) for select apps
Umbrella Investigate
Access Investigate’s web console for interactive threat intelligence (5 logins)
Use the Investigate on-demand enrichment API to enrich other tools/systems with domain, URL, IP, and file threat intelligence (2,000 requests per day)
Integrate with Cisco Threat Response to aggregate threat activity across Cisco AMP, Threat Grid, Email Security, NGFW, and UmbrellaWith enforcement
API only
Deployment & management
Traffic forwarding
Forward external DNS traffic for:
• On-network protection via Cisco (SD-WAN, Meraki MR, Integrated Services
Router, & Wireless LAN Controller) and third party integrations (Cradlepoint,
Aerohive, & others)
• Off-network protection via AnyConnect, Umbrella roaming client, and Cisco
Security Connector for iOS
Send outbound network traffic via IPSec tunnel, proxy chaining, or PAC filesI
User attribution
Create policies and view reports by:
• Network (egress IP)
• Internal subnet²
• Network device (including VLAN or SSID)³
• Roaming device
• Active Directory group membership (including specific users)⁴
Create policies and view reports using SAML
Management
Customize block pages and bypass options
Use our multi-org console to centrally manage decentralized orgs
Use our management API to create, read, update, and delete identities using own internal tools
Reporting and logs
Leverage real-time activity search and our reporting API to easily extract key events
Choose North America or Europe for log storage
Use customer or Cisco-managed AWS S3 bucket to export and retain logs as long as needed⁵
Access domain request logs in our user interface (30 day: detail, 1yr: summary)
Access full URL logs in our user interface (30 days: detail)
Access firewall (IP, port, and protocol) logs in our user interface (30 days: detail)
Soporte
Enhanced – 24 x 7 technical + on-boarding RequiredRequired
Premium – 24 x 7 technical + on-boarding + Technical Account Manager (TAM) Optional upgradeOpcional upgrade
Footnotes:
1 Requires endpoint footprint (Umbrella roaming client, Chromebook client, or AnyConnect roaming module)
2 Internal IP attribution requires network footprint (our virtual appliance), Meraki MR integration, Cisco ISR integration, or Cisco ASA integration, or Cisco SD-WAN integration. Select third-party integrations available too
3 Requires network device integration with Cisco Integrated Services Router (ISR) or Cisco Wireless LAN Controller or Meraki MR
4 Active Directory (AD) policies and attribution requires Umbrella AD connector with network footprint (Umbrella virtual appliance)
or endpoint footprint (Umbrella roaming client or AnyConnect roaming module)
5 No Amazon account required when using the Cisco-managed S3 bucket

Solutel,  Advanced Security Architecture Specialized Partner

Do not hesitate, ask us!

Related news:

Con los productos de seguridad CISCO, puede lograr una seguridad de red eficaz para afrontar las amenazas.

“Gran parte de mis procesos y de mis datos van al exterior de mi red corporativa”. Solución CISCO UMBRELLA

¿Buscas CISCO Umbrella para escuelas o universidades? Umbrella educación

Share this post