Cisco Umbrella is a cloud-centric security solution that aims to monitor your software perimeter before attackers can cross your line. To achieve this, it relies on artificial intelligence (AI) that helps it track down cyber threats and block them before they can cause damage to your system.
Its living, beating heart is your browser-linked dashboard from which you can easily ban IP addresses and get a full overview of what's going on with your network at all times.
Sound good so far? Let's take a look at the details of Cisco Umbrella's security features to see if it can really protect you from all kinds of cybersecurity storms.
Security features
Cisco Umbrella operates on a software-as-a-service (SaaS) model in which security threats are managed at the IP and DNS level. This means threats like malware, Trojans, and botnets can be blocked across ports and protocols before they make contact with your network.
With Cisco Umbrella, URL filtering is done through its web content filtering feature. Allows the user to manage Internet access based on which sites are accessible or blocked from user access.
Appropriate allow and block lists cover individual sites for URL filtering, which also supports various filter categories. These include default settings such as "high", "moderate" or "low", as well as support for creating a custom list. You get finer control over what content your users can access through URL filtering that covers Google, Bing, or YouTube and that users themselves can't turn off.
This is all done from a web-based console that allows the user to perform URL filtering at the individual IP address, user, network, or device level.
To up their game, Umbrella relies on real-time actionable security and threat intelligence. Here, "actionable" means that Cisco Umbrella will leverage threat intelligence models provided by its world-renowned Cisco Talos team. Whether it's a dangerous IP address, domain, file, or spam link, Cisco Umbrella will monitor all activity on your network to counter any threat and, just as important, try to learn by dealing with it.
This is made easy by recording and categorizing all your internet activity, helping your IT administrators map cybersecurity risks and close gaps based on previous Umbrella interaction with cyberthreats.
Therefore, Umbrella's DNS layer security allows you to easily detect a hacked subsystem by increasing the overall security visibility of your system. Umbrella's Secure Web Gateway will continuously log and monitor network traffic, application checks, URLs, and malware encounters.
It also relies on the cloud-based proxy that receives all web traffic forwarded through IPsec tunnels and PAC files. Once forwarded, this traffic will be subject to existing security policies while detected threats are countered.
Umbrella's firewall will apply similar diligence to log and block suspicious traffic that also travels through IPsec tunnels from all devices. While tunneling is in progress, unwanted traffic is handled according to valid security policies that can be easily defined and consistently applied at all times.
Cloud Access Security Broker is another security feature that helps you keep an eye on cloud applications that are used collectively. All detected apps will receive a risk assessment and be blocked accordingly or archived to monitor for suspicious behavior. Keep in mind that with this level of agility comes the hassle of being denied access to secure sites. Fortunately, this rarely happens.
Finally, the integration involving Cisco Umbrella and Cisco SD-WAN can be deployed throughout the network as a source of blanket coverage against cyber security threats. This includes managing the risks posed by the remote workforce, networked devices, and any applications used.
If you plan to use other Cisco products, you're ready to go. You'll have a bit more trouble integrating Cisco Umbrella with third-party products, making its out-of-the-box functionality slightly hampering.
Management functions
Even first-time users will be happy to learn that Cisco Umbrella is a walk in the park when it comes to setup.
Its intuitive dashboard plays a central role in fine-tuning your security system and recording all your activity. First, you have security categories around which you can organize your defenses against threats. They range from standard malware to newly spotted domains and crypto mining. Categories help you define appropriate security policies and make sense of blocked threat reports.
A more recent addition to the Umbrella Dashboard is the Investigation feature that allows you to track Umbrella's threat intelligence. Its Domain Summary feature, for example, will give you information about all the apps linked to a particular domain, along with the date the domain was created, IP data, country of origin, and more.
A unique visitor score is then used to measure the popularity of a domain and its changing usage patterns.
usability
While Cisco Umbrella use cases will ultimately depend on your specific situation, an ideal implementation involves larger organizations facing contemporary challenges, such as managing a large remote workforce.
Those who work offsite can easily expose their organization to malware found on the websites they use. Cisco Umbrella aims to counter this with its remote device monitoring systems that can easily block access to these sites. The same goes for applications used on your network that you consider to be a security risk.
Cisco Umbrella is an efficient web proxy system that also comes with a cloud firewall. You can also block resources that don't necessarily act as active security risks at all times, such as your employees' private email accounts. In addition to security, these resources are often a source of distractions that hamper productivity and are easily blocked by Cisco Umbrella.
Pricing
To start with, Cisco Umbrella will offer you a fair 14-day free trial, which is a great way to try it out before you opt for one of the four plans on offer.
The cheapest, DNS Security Essentials, will give you the basic threat blocking functionality you should be able to enjoy at the DNS layer and with zero latency.
DNS Security Advantage gives you the same level of protection, with an added focus on security and threat intelligence to make it easier to manage investigations.
More advanced security features and easier management are offered with the SIG Essentials package, while SIG Advantage is the flagship product with advanced protection features like Layer 7 firewall with IPS, etc.
final verdict
Cisco Umbrella is a cloud-based cybersecurity powerhouse that doesn't rest on the laurels provided by its brand. It's a robust security system that helps you detect, log, and block network threats and cyber addicts while leveraging AI and threat intelligence to keep your assets sparkling clean.
Coupled with its intuitive configuration and management features, you can't afford to at least try its trial version if you need a SaaS-based security solution that can handle all modern security and workforce management challenges.
We've also highlighted the best firewall, the best cloud firewall, and the best business VPN.