At Splendid, we’re committed to providing the best possible technology tools available for our clients. And when we come across something we feel is particularly valuable, we want to make sure people know. Cisco Umbrella is a perfect example of this.
Below, you’ll find an informative and thorough video that will walk you through all the high-points of Cisco Umbrella. But, we understand that business leaders are busy. While the video clocks in at under 8 minutes, finding that much uninterrupted time in the day can be a genuine challenge.
So to make this as easy on you as possible, we’ve summarized the key points from the video. Watch it or read our summary. Either way, we believe Cisco Umbrella is worth considering as a part of your overall cybersecurity strategy.
And if you need more information on Umbrella, cybersecurity best practices, or any other IT support-related need, feel free to reach out to us. We’re here for you.
What is Umbrella?
Umbrella is Cisco’s cloud-based security solution. Because it comes from a name you know and trust, you can take as a given that it’s a solid cybersecurity offering. But because it’s cloud-based, it’s even better.
Umbrella provides protection regardless of your location, making it perfect for businesses with multiple locations or for employees who travel.
The main dashboard
When you open up Umbrella, you’re greeted with a robust master dashboard, complete with a summary of all security-related activity.
Top security events are easy to identify and can be sorted by destination, identity or type. That gives your cybersecurity admin complete control over how information is analyzed and allows for some quick-fire insights into potential threats.
Let’s look at each of the three sorting options.
Destination – The destination of the security event can be configured as the domain name, IP address or URL path associated with the event.
Identity – The identity of the target can be configured as the network, a specific device or any active directory user, depending on your preferred configuration.
Type – Finally, the type provides details of what caused the security event block.
Your custom configuration allows you to see exactly the information that’s most helpful to you in a convenient dashboard view.
The most common mode of deployment is to point DNS from your internal DNS or DHCP servers to Umbrella. Or, as an alternative, you can use a network device integration with a Cisco integrated services router or Wi-Fi access points.
Protected remote access
As mentioned previously, one of the great things about a cloud-based cybersecurity solution is that it can be used at any business location or remotely. This kind of versatility allows you to maintain data security while remaining agile.
You have two options for taking advantage of Umbrella’s remote access availability.
Cisco AnyConnect – If you already use Cisco AnyConnect, remote access is easy. Simply upgrade to the newest version of AnyConnect and enable the Umbrella module. That’s it.
Other VPN services – If you currently use a different VPN service, Umbrella will still provide you with cybersecurity protection remotely. Just us the stand-alone roaming client, which works with other VPN services without conflicts or added latency.
Consistent with other Cisco products, the end-user experience for cybersecurity professionals utilizing Umbrella is functional and convenient. Here are some of the high points.
End users are protected, even when off-network, without any additional action on their part. This makes the experience for each individual end user seamless and automatic.
Umbrella offers complete protection, including protection from phishing attempts—one of the top cybersecurity threats today.
When a user clicks on a phishing link, for example, Umbrella will redirect to a block page, either default or custom, stopping the possible attack and logging all the relevant information about the security event.
On the control panel, your cybersecurity admin can find and investigate each security event.
Full details of each event are recorded for admin reference, allowing you to see if the threat was one-time or recurring. And, looking at the global traffic for the event, you can determine if your network was targeted specifically.
Insights into global traffic spikes and domain ownership (including other domains registered with the same contact email or hosted by the same name servers) can then be correlated with Cisco’s records to see the exact nature of the threats you were protected from, including probable effects on your network had the attack been successful.
You have the option to integrate with partner products in minutes or create a custom integration using a simple script. This allows you to use intelligence gathered at one location on a global level, boosting your protection immediately.
Finally, you can create individual policies according to the level of predefined profiles, security settings or content filtering. You can also limit access to specific URLs by policy.
There are a variety of customization options, including the ability to define and configure SSL decryption and determine what activities will and won’t be logged.
A final word
Cisco Umbrella is a wonderful cloud-based cybersecurity option. The above summary is just the tip of the iceberg regarding what this well-rounded tool can do.
If you’d like more information about what Cisco Umbrella can do to improve your cybersecurity protection, please feel free to reach out to us.