100% Free Forever
AI-Powered Learning
Industry Expert Content
Certificates & Badges
Learn At Your Own Pace
Cybersecurity

Cisco Umbrella

By Cisco Systems

IntermediateService8.3K learners

Cisco Umbrella is a cloud-delivered security service that uses DNS-layer and secure web gateway filtering to block malicious domains, malware, and phishing sites before a connection is even established.

Definition

Cisco Umbrella is a cloud-delivered security service that uses DNS-layer and secure web gateway filtering to block malicious domains, malware, and phishing sites before a connection is even established.

Overview

Cisco Umbrella works primarily at the DNS layer: when a device attempts to resolve a domain name, the request is routed through Umbrella's cloud infrastructure, which checks it against continuously updated threat intelligence before allowing the connection. Because this happens before any actual connection is made to a malicious site, Umbrella can block threats like Phishing and command-and-control communication used by Malware and Botnets at an early stage. Beyond DNS filtering, Umbrella has expanded into a broader secure internet gateway, incorporating a cloud-delivered firewall, secure web gateway, and cloud access security broker (CASB) functionality — packaging several network security functions as a cloud service rather than requiring on-premises appliances at every location. Because it is DNS-based and cloud-delivered, Umbrella is particularly well suited to protecting distributed and remote workforces, since it can enforce policy for a laptop at a coffee shop the same way it would inside a corporate office, without requiring a traditional Virtual Private Network (VPN) for basic protection.

Key Features

  • DNS-layer security that blocks malicious domains before connection
  • Cloud-delivered architecture requiring no on-premises appliances
  • Secure web gateway and cloud-delivered firewall functionality
  • Cloud access security broker (CASB) capabilities for SaaS visibility
  • Threat intelligence continuously updated from Cisco Talos research
  • Protects remote and distributed users regardless of network location
  • Lightweight roaming client for off-network device protection

Use Cases

Blocking phishing and malware domains before a connection is made
Protecting remote and distributed workforces without full VPN tunneling
Enforcing acceptable-use and content filtering policies at the DNS layer
Gaining visibility into shadow IT and unsanctioned SaaS usage
Reducing malware command-and-control communication
Simplifying branch-office security without additional hardware appliances

Frequently Asked Questions