- How effective is the solution?
- How does it compare (or add) to the customer’s security stack?
- Does it deliver great time-to-value?
With a Cisco Umbrella trial, however, you can provide your customers with security enforcement and visibility in minutes across all ports and protocols, on and off network. All you need to do is point their DNS traffic to the Umbrella global network. By leveraging DNS—the foundation of the internet—your clients can safely evaluate how well Umbrella protects their enterprise against malicious activity.
What’s more is that customers who opt for a free 14-day trial receive a free report at the end that will help them see not only which threats were blocked and which devices are infected, they’ll learn how Umbrella discovered the attack. Visualizations correlate their local activity with Umbrella’s global visibility of attacker infrastructures to show them when and where Umbrella protected them.
Short videos with Umbrella security researchers reveal the techniques that discover, and often predict, these attacks, too. For example, a single ransomware domain seen in your client’s local activity is correlated with related domains, IPs and malware derived from 100+ billion daily internet requests and 1.5+ million daily malware samples. Unlike a static executive summary, a Cisco systems engineer will walk your customers’ teams through an interactive data portal to expand their knowledge about the different threat families and specific attacks operating inside their enterprise environments.
How an Umbrella expert helps partners close deals
More than just a printout of weeks’ worth of security data points, the Umbrella security report is reviewed with the client by a Cisco Umbrella expert who can help them:
- Determine when an activity was first tagged as malicious and whether Umbrella predicted it. Using statistical and machine learning models, Umbrella can tag domains as being malicious before they’re even registered or seen by one of Umbrella’s 85+ million active daily users.
- Investigate the concerns clients are most concerned about. For ease of use, Umbrella’s policies group threats as malware, C2 callbacks (aka botnets) and phishing. But Umbrella actually classifies up to 20 granular threat families, which are unveiled in the report. Unique malicious domains requested by various devices, are each represented as a bubble and visually grouped by threat.
- Trace relationships between customer activity and attackers to learn more about the threat. Umbrella continuously graphs the relationships between 2+ million live events per second and 11+ billion historical events to track the evolution of attacker infrastructures. Based on any malicious activity and the report’s algorithms, a partial view of this massive graph is revealed. For example, several domains requested by your customer’s users are related to IPs, email addresses and even malware files associated with the same threat. This context helps your client understand how Umbrella discovered the domains.
- Spot increased malicious activity. During the free trial, it’s common to have too many malicious requests to evaluate each one. Time series profiling helps you quickly spot days or hours with increased activity. With a simple click, the report zooms in to show which destinations their devices attempted to connect to, allowing them to quickly compare their local activity vs. what Umbrella sees globally.
While Cisco Umbrella can enforce security at the DNS, IP and HTTP/S layers, this report doesn’t require that blocking is enabled and only monitors DNS activity. Any malicious domains requested and IPs resolved are indicators of compromise (IOC). This report, along with an Umbrella expert, will help your clients associate these IOCs to threat families and the specific attacks that exposed them to risk.
Direct your clients to signup.umbrella.com to provision their free Cisco Umbrella Insights package in seconds. No credit card or phone call is required.