Cisco Umbrella: Cybersecurity in minutes

If all staff worked from their desktop computers in the head office, the IT security people would be much calmer. But times are different. Today, people communicate from anywhere and everywhere. Even in this situation, security officers can keep a calm heartbeat if they deploy Cisco Umbrella.

You can never rely on employees using only secure connections at work. On the contrary, they move around and work in public environments such as cafés, airports, and restaurants, where their devices can be attacked. If its internal antivirus loses the battle against malicious code, any single laptop can become a threat to the entire company. The Cisco Umbrella cloud platform is the first line of defence against internet threats. It is a cloud-based security platform that protects networks and endpoint devices from internet threats such as malware, ransomware, phishing, and other malicious activities. This primarily addresses situations such as when staff use an unsecured Wi-Fi connection and do not turn their VPN on because they are looking for information online rather than accessing the company network.

DNS-level security

The way Cisco Umbrella works is that it uses the Domain Name System (DNS) to control access to websites. DNS is a protocol that translates domain names (such as soitron.cz) into IP addresses that are used to identify specific servers.

Cisco Umbrella performs internet request filtering based on a set of predefined rules and security policies. When a user or device on the network requests access to a website, the request is routed through the Cisco Umbrella infrastructure. “The platform evaluates the request and decides whether the site is safe, suspicious, or malicious. When Umbrella identifies that the site the person is attempting to connect to is suspicious, it blocks the connection. This happens even before connecting a laptop or other device to the website and transferring any data containing a threat,” explains Petr Kocmich, Global Cyber Security Delivery Manager at Soitron.

Cisco Umbrella Expert Tip

Cisco Talos support

The key to Cisco Umbrella’s superior efficiency is support from Cisco Talos. Cisco Talos Intelligence Group is one of the largest commercial threat monitoring teams in the world. It collects data from tens of millions of installations around the world to generate accurate, fast, and actionable threat intelligence. Thanks to Cisco Talos intelligence, Umbrella tools can evaluate things such as whether a user is navigating to a site containing malicious code, whether their computer is communicating with a ransomware control server, or whether this is a newly established domain for which there is not enough information available. That’s when it blocks the connection.

Points for Umbrella

Cisco is continuously developing the Umbrella, and on top of the DNS protection it has integrated several additional security functionalities into the tool.

  • Firewall as a service (FWaaS). A cloud-based service for advanced protection across the organization, including remote offices, primarily aimed at cloud applications. The Umbrella Firewall logs all activity and blocks any unwanted traffic using IP, port, and protocol rules.
  • Secure Web Gateway (SWG). This helps connect and secure the connection of staff to the public internet, such as websites or cloud-based web applications that are not part of the company’s official list of SaaS services in use.
  • Cloud Access Security Broker (CASB) is used to secure connection to SaaS applications such as Office 365 and Salesforce. It can also detect any shadow IT by monitoring cloud applications, showing their risk level, and blocking or restricting their use.

“Cisco Umbrella runs in Cisco data centres located around the world. You don’t need to invest in hardware, and you don’t need to build your own data centre to run Umbrella. It takes less than an hour to deploy it, and it works in large and small companies. Umbrella can be controlled from anywhere, so the network administrator just needs an internet connection. They can even be on a beach by the sea.”

A #CiscoExpertTip by Cisco security expert Milan Habrcetl: Umbrella can be deployed in a few moments and without any hardware

Related articles