When it comes to WAN security, DNS (domain name system) is playing an increasingly important role, too. Every time users connect to the internet, for instance, the internet service provider (ISP) specifies the DNS server address that users key into the browser network settings or router. If the default DNS servers used by the ISP become overtaxed, it can significantly slow down users’ web browsing experience. Even worse, DNS servers can become conduits for phishing websites and malware, leading to computer and other endpoint infections.
Cisco Umbrella (formerly Open DNS) is a cloud security platform that uses the internet’s infrastructure (i.e., DNS) to provide a first line of defense against threats on the internet wherever users go by blocking connections to bad IP addresses, URLs and domains. Cisco Umbrella can protect any computing device using any ports and can be easily activated in the Cisco AnyConnect client, seamlessly protecting your customers from malware, phishing, and command-and-control callbacks.
Unlike some security solutions that over-quarantine data traffic, Umbrella selectively routes suspicious URLs for deeper inspection, effectively optimizing security without compromising performance. And even if users’ devices become infected in other ways, Umbrella prevents connections to attacker’s servers, thereby stopping data exfiltration and execution of ransomware encryption.
Unlike the DNS servers many ISPs use, Umbrella servers store the IP addresses of millions of websites in their caches, which is how they resolve requests more quickly. Another advantage of using Cisco Umbrella is that it uses PhishTank’s anti-phishing service to block phishing websites from loading onto users’ computers.
Today more than 65 million users around the world connect to the internet via Cisco Umbrella servers. Over the past few years, the company expanded its cybersecurity reach with Umbrella cloud-based security, which supports roaming Macs, PCs and iOS devices, all managed through one web-based dashboard.
Recognizing Cisco Umbrella’s complementary role in its Security Everywhere strategy, Cisco integrated its AMP (Advanced Malware Protection) Threat Grid malware analysis cloud service with Umbrella. This new integration provides Umbrella users with a constantly updated list of newly identified malicious domains from the latest malware samples available. When a customer sends files to AMP Threat Grid, malicious domains are automatically added to Cisco Umbrella in minutes, with no user interaction.
Additionally, Cisco partners can connect Cisco Integrated Services Router (ISR) G2, Adaptive Security Appliance (ASA), and Meraki MX Security Appliances and Meraki MR Access Points to Umbrella for added security layers and an improved internet browsing experience.
To learn more about the benefits of Cisco Umbrella and AMP integration, check out “Sell Cisco Security into Any Account—AMP for Endpoints and Umbrella.”
During this 1-hour, instructor-led virtual presentation, you’ll learn how Cisco AMP for Endpoints continuously detects and monitors malware, immediately and retrospectively, to protect your customers' networks. Plus, get a better understanding of Cisco Umbrella, the new cloud-delivered security service for Cisco’s next-generation firewall.