Cybersecurity threats continue to grow and evolve, as does the way your network interacts with the outside world. In the past, having your business apps and critical infrastructure secured behind a firewall may have been good enough, but now more and more business activity is happening outside your network. While this is great for improving collaboration and productivity, it can wreak havoc on your network security.

With the growing popularity and convenience of cloud services, more teams are using company devices to access the internet and company resources via other networks. In fact, Gartner predicts that by 2021 the average company will have 25% of its corporate data traffic bypassing the network perimeter.

“By 2021, 25% of corporate data traffic will bypass perimeter security and flow directly from mobile devices to the cloud.”

Gartner Security & Risk Management, Summit 2017

Your best defense against cyberthreats is a multi-layered approach to network security. You still need firewalls and antivirus software, but you also need ways to protect your devices and users when they’re not on your internal network. That’s where Cisco Umbrella comes in.

Your first line of defense

Cisco Umbrella is a cloud-delivered, open platform Secure Internet Gateway that delivers complete visibility into internet activity across all locations, devices, and users. It integrates with your existing security protections and blocks threats before they ever reach your network infrastructure or endpoints.

Umbrella can also analyze and learn from internet activity patterns to deliver live threat intelligence about current and emerging threats. Imagine being able to stop phishing and malware threats earlier, identifying infected devices faster, and preventing data breaches from occurring in the first place.

Cisco Umbrella by the numbers


175 billion daily internet requests


30 data centers worldwide

multiple users

90 million users

7M+ malicious destinations enforced concurrently at the DNSlayer

Benefits and features

From mitigating remediation costs and breach damage to reducing the time to detect and contain threats, Cisco Umbrella is jam-packed with benefits and features that will transform your ability to protect your network.

Here’s a look at the top Cisco Umbrella benefits and features:


Domain Name System (DNS) is a foundational component of the internet — mapping domain names to IP addresses. When you click a link or type a URL, a DNS request initiates the process of connecting any device to the internet. Umbrella uses DNS as one of the main mechanisms to get traffic to their cloud platform, and then uses it to enforce security, too.

When Umbrella receives a DNS request, it uses intelligence to determine if the request is safe, malicious or risky — meaning the domain contains both malicious and legitimate content. Safe and malicious requests are routed as usual or blocked, respectively. Risky requests are routed to their cloud-based proxy for deeper inspection.

Cisco’s proxy inspects files attempted to be downloaded from risky sites using antivirus (AV) engines and Cisco Advanced Malware Protection (AMP). And, based on the outcome of this inspection, the connection is allowed or blocked.

Intelligence & visibility

Cisco Umbrella provides crucial visibility for incident response and also gives you confidence that you’re seeing everything. Because the Umbrella global network analyzes massive amounts of data every day, it is able to detect patterns and uncover attacker infrastructure, which increases visibility into internet activity across all locations and users.

Internet activity data from their global network is turned into a real-time, massive graph database against which they continuously run statistical and machine learning models. This information is also constantly analyzed by the Umbrella security researchers and supplemented with intelligence from Cisco Talos. Using this combination of human intelligence and machine learning, they are able to identify malicious sites — whether domains, IPs or, URLs — all across the internet.

You also gain the visibility you need to uncover shadow IT and block risky apps. Cisco Umbrella’s App Discovery and blocking provides cloud app visibility with vendor, app, and risk details to enable secure cloud enablement plus blocking apps that are not approved.


Umbrella integrates with your existing security stack including security appliances, intelligence platforms, and cloud access security broker (CASB) controls. Umbrella can push log data about internet activity to your SIEM or log management systems, and using our enforcement API, you can programmatically send malicious domains to Umbrella for blocking. This allows you to amplify existing investments, and easily extend protection everywhere.

Because it is delivered from the cloud, there is no hardware to install or software to manually update. You can provision all on-network devices — including BYOD and IoT — in minutes and use your existing Cisco footprint — AnyConnect, SD-WAN, Integrated Services Router (ISR) 1K and 4K Series, and Wireless LAN Controller 5520 and 8540, and Meraki MR — to quickly provision thousands of network egresses and roaming laptops. Additionally, with the Cisco Security Connector app, you can use the Umbrella extension to protect supervised iOS 11. 3 or higher devices.

“Cisco has married its best-in-class enterprise networking with powerful machine learning, transforming the traditional hardware-centric approach to networking into a more software driven one.”


In conclusion

Protecting your network is the best thing you can do to protect your business. And that means protecting users and devices both on and off your network. Don’t wait until it’s too late. Contact a security expert your trust to learn more about Cisco Umbrella and other ways you can keep your network and your business safe from cyberthreats.