Professional Documents
Culture Documents
5 out of 10 4 out of 10
targeted by malware targeted by targeted by
cryptomining ransomware
Source: Cisco Umbrella Research (Midmarket (<5,000 users, January 2019 – June 2019)
1 in 4 $3.92M
face risk of a major breach average cost
in the next 24 months of data breach
Orchestration
79% struggle to orchestrate
alerts across vendors
Source: Cybersecurity Ventures Cybersecurity Jobs 2019 Report | Cisco 2019 CISO Benchmark Survey
End complexity
Simplify with DNS-layer security
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
90% of malware use DNS in attacks
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Source: Cisco Security Research Report
1 in 3 $100-200B
reported breaches could have global losses could have
been controlled by DNS been prevented by DNS
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Meet Cisco Umbrella
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Umbrella DNS-layer security Malware
C2 Callbacks
Phishing
Benefits
First line See all internet traffic across users
DLP Router/UTM
Easily enforce content web filtering
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Enterprise-wide coverage in minutes
On-network coverage
With one setting change
Integrated with Cisco SD-WAN, Cisco ISR
1K and 4K series, Cisco Meraki MR, and Cisco
WLAN controllers
30+
data centers
worldwide
Reliable, fast
global network YVR
208.67.222.222
DFW
208.67.222.222
200B 100M
requests daily active
per day users
18.5K 190+
enterprise countries
customers worldwide
Unmatched threat intelligence
Massive & diverse data
• 200B requests per day
• Represents 100M active users,
Security researchers
18.5K enterprise customers • Industry renown researchers
• From 190+ countries • Build models that can
automatically classify and
score domains and IPs
Models
• Dozens of models continuously
analyze millions of live events
per second
• Automatically uncover malware,
ransomware, and other threats
Statistical models
2M+ live events per second
11B+ historical events
Network
devices
Umbrella
Network Enforcement Investigate
Security device API API API
stack
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Survey says: time to value
>85%
report time to value
>50%
report time to value
in under a week in under a day
75%
reduction in malware
50%
reduction in alerts
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
It’s the easiest POV you’ll ever do.
1) Signup 2) Point DNS 3) Done
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Umbrella deployment scenarios
DEPLOYMENT
Internet gateway
208.67.222.222
Your policy Network egress IP
Enforce all security settings for 67.215.87.11
67.215.87.11 DNS server
208.67.222.222
Default
YOUR NETWORK
DEPLOYMENT
208.67.222.222
Your policy Network egress IP
Enforce all security settings for 67.215.87.11
67.215.87.11 DNS server
208.67.222.222
Supported
+Custom
YOUR NETWORK
DEPLOYMENT
208.67.222.222
Your policy Network egress IP
Enforce all security settings for 67.215.87.11 SERVER VLAN
Workstation VLAN Workstation VLAN
DNS server
or 208.67.222.222
Server VLAN Sever VLAN
DNS server
208.67.222.222
YOUR NETWORK
DEPLOYMENT
208.67.222.222
Your policy Network egress IP
Enforce all security settings for 67.215.87.11 GUEST WI-FI SSID
Employee Wi-Fi SSID Employee Wi-Fi
SSID DNS server
or 208.67.222.222
Guest Wi-Fi SSID Guest Wi-Fi SSID
DNS server
208.67.222.222
YOUR NETWORK
DEPLOYMENT
Laptop IP
Internet gateway 10.1.1.3
Internal DNS Server
208.67.222.222
Server IP
Your policy Network egress IP 10.1.1.1
Enforce all security settings for 67.215.87.11 External DNS resolution
67.215.87.11 DNS server 208.67.222.222
10.1.1.1
YOUR NETWORK
DEPLOYMENT
Server IP
Inserts 10.1.1.3, GUID and 10.1.1.1
Org ID in EDNS request,
encrypts and forwards
Laptop IP
Internet gateway 10.1.1.3
Umbrella VA
208.67.222.222
Appliance IP
Your policy Network egress IP 10.1.1.2
Enforce all security settings for 67.215.87.11 DNS server
10.1.1.3 DNS server 10.1.1.1
10.1.1.1 Internal domains
office.acme.com
YOUR NETWORK
DEPLOYMENT
Associates
CEO with Associates CEO
EXEC group with 10.1.1.3
(via HTTPS
Internet gateway push)
Internal
Umbrella VA DNS Server
208.67.222.222
Appliance IP DHCP IP
Your policy Network egress IP Inserts 10.1.1.3, 10.1.1.2 10.1.1.1
Enforce all security settings for 67.215.87.11 GUID and Org ID DNS server
DNS server in EDNS request, 10.1.1.1
EXEC group encrypts and
(GUID = CEO, a member of EXEC group) 10.1.1.1 Internal domains Laptop IP
forwards office.acme.com 10.1.1.3
CEO
YOUR NETWORK
DEPLOYMENT
AnyConnect roaming
security module
Internet gateway
208.67.222.222 or
Embed unique device ID
and GUID (if AD) in EDNS
Your policy Network egress IP request, encrypts and
Enforce all security settings based on N/A forwards
User identifiers DNS server
N/A
Umbrella
roaming client
ANY NETWORK