See attacks before they happen.
Cisco’s Umbrella software see’s the relationship between malware, domains, IPs and networks across the internet. This is similar to how Amazon learns from shopping patterns and then suggests your next purchase. Instead, Cisco Umbrella learns from internet activity patterns to automatically identify attacker infrastructure being staged for the next threat.
Before we used the Investigate API in our incident response process, it might have taken our incident responders many hours, or even days, to respond to an incident. Now we’ve automated much of that process, so we can get it down to a very quick and efficient few minutes.
Head of Security, Yelp
I like the ease of use and the threat intelligence. We do a lot of research on our attack vectors, analysing phishing emails, and anomalous events. Nine times out of 10 Cisco Umbrella is already blocking identified malicious domains.
Senior IT Architect
Large Enterprise Computer Software Company
Peering for speed
Umbrella won’t add latency compared to your current provider. In fact, many customers see a boost in internet speed. Cisco’s peering partnerships with ISPs and CDNs provide shortcuts between every network. And Umbrella stores the responses to 80 million users’ daily requests, and for most safe destinations, responds back immediately.
Enforcement built into the foundation of the internet
Cisco Umbrella uses the internet’s infrastructure to block malicious destinations before a connection is ever established. By delivering security from the cloud, not only do you save money, but Cisco also provides more effective security.
Enforcement without latency or delay.
To start, Umbrella determines which customer the internet request belongs to, and which policy to enforce. Next, Cisco determines if the destination – domain request and IP response – is (A) malicious, unwanted, or blacklisted; (B) safe or whitelisted; or (C) risky, meaning it hosts both malicious and safe content.
For type A destinations, Cisco route the connection to a block page. For B, Cisco route the connection as normal. And for C, Cisco route the connection through Cisco’s cloud-based proxy for deeper inspection. All requests are logged globally and immediately visible for your security teams to take action.
World’s first intelligent proxy.
Traditionally, blocking web content at the URL level requires proxying all connections – which adds complexity and negatively impacts performance. With Umbrella, safe connections are allowed and malicious requests are blocked at the DNS-layer. Only requests to risky domains, which contain both malicious and legitimate content, are routed for deeper URL and file inspection. With Umbrella’s intelligent proxy, users don’t experience any slow or broken internet access.
Cisco Umbrellas platform is open for integration.
One fear that IT has with the cloud is a loss of customisation and control. Umbrella is an open platform that integrates with your in-house tools and third-party solutions. Using Cisco’s API, you can send local intelligence to Umbrella and enforce it globally in minutes. Additionally, you can query Cisco’s threat intelligence using the Cisco Umbrella Investigate API and enrich security event data in your SIEM or other systems.
Protection in 30 seconds with one change.
Do you use DNS or DHCP servers in your network? Just add 188.8.131.52 in one of the settings, and every device on that network is protected. What about laptops connecting off-network? If you use Cisco AnyConnect, simply enable Umbrella roaming security module for protection anywhere – even when the VPN is off. If not, Cisco have an agent that works with any VPN – proven in over a million deployments. And by performing everything in the cloud, there is no hardware to install, and no software to manually update.
The fastest, most reliable platform.
When you connect to a cloud security platform, performance is critical. It cannot break or slow down your internet connection. To ensure reliability, Cisco use Anycast routing – every data center announces the same IP address so that requests are transparently sent to the fastest available with automated failover. With Umbrella, you’ll never experience downtime for maintenance and you don’t need static routes to a primary and backup datacenters.