Why do I need DNS Layer Security?

Today’s IT environments extend way beyond the corporate perimeter and infrastructure that is owned and managed by internal IT teams. Most organisations are utilising hybrid clouds, SaaS-based applications and other web-based services. In addition to this, a higher proportion of end-users access systems and the internet through direct internet access, such as from home, business lounges, using their mobile device or even in local offices utilising SD-WAN.

The net result is that end-users are more frequently accessing websites, applications and content without passing through the corporate firewall and as such potentially exposing their devices and the corporate IT infrastructure to risk from malware, phishing attacks and command-and-control call backs sites.

By putting in place DNS layer security you are able to protect all devices from all locations whether or not they are on your corporate network. You are able to analyse the web request at the stage the DNS is being used to perform the IP look-up and therefore, block access to malicious sites before a connection is even established.

What is Cisco Umbrella?

Cisco Umbrella unifies the key security elements that you should be utilising to protect direct internet access either to websites or to cloud applications. It provides Secure Web Gateway (SWG), cloud-delivered firewalls, DNS-layer Security and Cloud Access Security Broker (CASB) functionality in a single cloud platform.

How Does Cisco Umbrella DNS-Layer Security Work?

Most organisations rely on their ISP to provide them with DNS look-up, this is a simple service that takes a DNS and translates it to an IP address to allow access to the website, server or web service. By utilising Cisco Umbrella for DNS look-up, you place an additional layer of security at this point. It allows you to maintain lists of DNS’s that you wish to block, define categories of content that you do not want to allow, and more importantly, utilise real-time threat intelligence to detect infrastructure being used to stage malicious activity.

Does This Support On & Off Network Users?

By placing a level of security at the DNS layer you are able to protect users regardless of whether they are inside or outside of your core network. Inside of your network, your routers point users to the Umbrella DNS service, outside of the network, the end-users device is configured to point directly to the Umbrella service.

Does Cisco Umbrella Impact Latency?

Cisco Umbrella is a highly resilient platform that boasts 100% uptime since 2006. It uses anycast routing to send requests to a network of over 30 data centres world-wide, so when a DNS request is made, this is sent to the nearest, fastest centre and failover is automatic. What is more, Umbrella peers with more than 800 of the world’s top internet service providers (ISPs), content deliver networks (CDNs) and SaaS platforms to delver superior speed and an ultra-low latency experience.

Where is Cisco Umbrella Installed?

Cisco Umbrella is a cloud delivered service, there is no hardware to install and no server-based software to install. You simply point your external DNS to the Cisco Umbrella IP address.

This can be done at the network level where any network device such as a router, DHCP Server, etc can be pointed to Umbrella. If you are already utilising Cisco solutions such as Viptela SD-WAN, Integrated Services Router (ISR), Meraki and Wireless LAN Controllers, these can be quickly configured to utilise Cisco Umbrella.

Outside of the network, then protection can be provided for end-user devices that are utilising Windows, macOS and Chrome OS.

What Intelligence Does Cisco Umbrella Use?

Cisco Umbrella utilises threat intelligence from Cisco Talos, one of the largest commercial threat intelligence teams in the world to uncover and block a broad spectrum of malicious domains, IPs, URLs and files used in attacks. Each day Umbrella analyses over 200 billion internet requests, enforcing more than 7 million unique malicious domains and IPs and adding over 60,000 new destinations to the block list.

Is Cisco Umbrella a Secure Web Gateway?

For organisations looking for a Secure Web Gateway, Cisco Umbrella can also provide this. A cloud-based full (or selective) proxy that can log and inspect your web traffic, including uploaded and downloaded files, protecting against malware and other hidden threats. You can view detailed reports with full URL addresses, network identity, allow or block actions, plus the external IP address. It allows you to create policies for content filtering by category or specific URLs to block destinations that violate policies or compliance requirements.

Is Cisco Umbrella a Cloud Access Security Broker (CASB)?

Cisco Umbrella provides the option to deploy a Cloud Access Security Broker (CASB), this allows you to detect and report on the cloud applications in use across your environment. It automatically generates overview reports on the vendors, categories, application names, and the volume of activity for each discovered app. It enable you to drill down on web reputation scores, financial viability, and relevant compliance certifications to enable better management of cloud adoption, reduce risk, and provide more control to block the use of offensive or inappropriate cloud applications in the work environment.

What is the Value of a Cisco Umbrella Free Trial?

By trialling Cisco Umbrella DNS-layer security for 14 days free of charge, you are able to prove the value that this solution can offer to your organisation. Around 78% of people utilising the free trial see the value of Cisco Umbrella within the first week and the majority of these are able to observe a reduction in malware exposure that is greater than 50%.