Cisco Umbrella 2024

MichaelLee15927 68 views 27 slides Mar 08, 2025

Slide Content

Cisco Umbrella
Cloud-delivered security, simplified
Joseph Lee, Technical Manager, (CyberSecurity) Ingram Micro
17 Jan 2024

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
How are you addressing common security problems?
Challenges
•Connectivity needs change quickly
•Data center can be a bottleneck
•Complexity increases operational costs
•App and network performance can drop
Traffic yesterday: Internal 80%, Internet 20%
Traffic today: Internal 20%, Internet 80%
Diagram labels: Branch offices, HQ, Roaming/mobile, VPN, MPLS, Bottleneck

Modernize with cloud-delivered security
Security Service Edge (SSE)-based architecture secures access to the internet and the usage of cloud services and private applications.
80% of enterprises will have adopted a strategy to unify web, cloud services, and private application access using a SASE/SSE-based architecture by 2025.
The market is evolving rapidly toward SSE.
Source: “Critical Capabilities for Security Service Edge,” Gartner, 16 February 2023

Secure Access Service Edge (SASE)
A modern, future-looking approach to secure connectivity
Network as a Service: Connect It
Security as a Service: Protect It
SSE
•Firewall as a Service (FWaaS)
•Secure Web Gateway (SWG)
•Cloud Access Security Broker (CASB)
•Zero Trust Network Access (ZTNA)
SD-WAN
•On-ramp into Public IaaS and Private Cloud*
•SD-WAN Analytics (including Internet Intelligence)
•Secure SD-WAN Fabric*
•Performance-based Internet Routing
On-prem Unified Threat Management
*with support for remote workers

Umbrella: Core for your SSE and SASE journey
Secure Web Gateway (SWG)
Cloud-Delivered Firewall (FWaaS)
Cloud Access Security Broker (CASB)
DNS-layer security
Cisco Talos Threat Intelligence
Remote Browser Isolation (RBI)
•App Discovery and Control
•Cloud Malware Detection
•Data Loss Prevention (DLP)

Cisco Talos drives Umbrella’s threat intelligence
1.4+ million malware samples processed daily
625 billion web requests resolved daily
200+ new vulnerabilities discovered yearly
400+ full-time researchers + data scientists
We see more and automate more, so you can block more and respond faster to threats.
Trusted | Global | Unmatched

DNS-layer security
A differentiating first line of defense
•Deploy enterprise-wide in minutes
•Block malware, phishing, CNC callbacks—from anywhere
•Prevent or limit visits to nefarious web sites from guest Wi-Fi networks
•Stop threats at the earliest point to reduce triage of alerts
•Accelerate internet access; only proxy risky domains
Diagram labels: SD-WAN; ON/OFF NETWORK DEVICES; Blocked requests; <5%; Safe requests; Internet/SaaS

Secure Web Gateway: Full web proxy
Deep inspection and control of web traffic
•Gain additional visibility via full URL logging and cloud app discovery
•Enforce acceptable use policy via granular app controls, content filtering, and URL block/allow lists
•Extend protection against malware via SSL decryption and file inspection
•Improve content security: Sandboxing + retrospective alerts on malware that’s evaded initial detection
•View detailed reporting with full URL addresses, network identity, allow/block actions, external IP addresses

Cloud Access Security Broker (CASB)
Visibility, control, and protection
•Control SaaS app usage
−Content, app, and tenant controls
−Granular controls for uploads, posts, shares, and more
•Automate alerts about risky apps and activities
•Keep outbound web traffic secure with inline and out-of-band data loss prevention (DLP)
•Detect and remove malware from cloud file storage apps

Meeting compliance requirements with CASB
•Discover compliance risks and violations in cloud app usage
•Maintain compliance requirements for data in or going to the cloud
•Enforce compliance via web proxy for data-in-motion

Application Visibility and Control
Full view across managed and unmanaged cloud activity
•Minimize negative impact on productivity, expenses, security, and support issues
•Detect and monitor cloud apps in use across your environment
•Discover app names, vendors, categories, activity, risk rankings, and more
•Ensure access to essential cloud apps and block access to unapproved apps
Umbrella tracks 30K+ apps
https://umbrella.cisco.com/schedule-a-demo

Tenant controls
Productivity: Provide access only to corporate instances of core SaaS apps
Security: Ensure sensitive data is created and stored only in approved instances of cloud apps
Select the instance(s) of core SaaS applications that can be accessed by all users or only by specific groups/individuals
Diagram labels: Cisco.com (corporate instance), Deb Smith (personal instance), Bob Jones (personal instance)

Multimode Cloud Data Loss Prevention (DLP)
With unified policies and reporting for a single console experience
Real Time DLP
•Works via Umbrella Secure Web Gateway (SWG) proxy
•Scans web traffic inline for real-time enforcement
•All application coverage: sanctioned and unsanctioned
SaaS API DLP
•Works via cloud APIs for data at rest, without SWG proxy
•Scans web traffic out-of-band with near real-time enforcement
•Sanctioned app coverage
Same management interface

Cloud Malware Protection
Better intelligence drives better security
•Take advantage of comprehensive Cisco Talos threat intelligence
•Alert system admins to potentially malicious files in supported cloud apps
•Enable admins to auto-quarantine, manually quarantine, or delete unsafe files before they reach endpoints
•Continually gather new threat data
Billions of new malware samples analyzed daily
Dashboard figure: Malware blocks, 17.7k total ▲ 992% vs. last 30 days

Cloud-Delivered Firewall (CDFW)
Outbound traffic firewall for the cloud edge
•Block high risk, non-web applications
•Centrally manage IP, port, protocol and application rules (layer 3, 4, and 7)
•Deepen security with Snort 3 IPS
•Forward web traffic (ports 80/443) to secure web gateway
•IPsec tunnel termination
Diagram labels: DEVICES ON NETWORK; Tunnel (IPsec); CDFW; SWG; 80/443; Non-web/site exclusions; Internet/SaaS

Remote Browser Isolation (RBI)
More protection from risky destinations
•Provide air gap between users, devices, and browser-based threats
•Deploy rapidly without changing existing Umbrella configuration
•Deliver secure web browsing with protection from zero-day threats
•Maintain employee productivity by ensuring safe access to risky destinations and protecting high-risk users

Meraki or Cisco SD-WAN with Umbrella for SASE
Security and efficiency from the world’s top SASE vendor
Simple
•Fast protection of users across your distributed network with simple, flexible deployment options
•Off-network protection
•Automatic failover
Secure
•Multiple layers of security from a single, cloud-native service
•Flexible policy enforcement
•Higher security efficacy with less effort and fewer resources
Scalable
•Consistent high-performance security for multi-cloud demands
•SSL decryption at a scale not possible with on-prem hardware
•Real-time worldwide intelligence updates ensure protection from the latest threats at the earliest moment

Reliable and lightning-fast performance from day one
Born in the cloud, global cloud architecture
•Containerized, multi-tenant architecture powers scalability and reliability
•1000+ peering partnerships with IXPs, CDNs and SaaS platforms for fastest route
•Agile infrastructure delivers continuous innovation without customer downtime
•Augmented routing automatically selects closest available data center for best availability and reliability
•Carrier neutral data centers chosen purely on best connections and quality services
•Data centers support compliance standards ISO27001, SOC2, and GDPR requirements

Umbrella packages

Qualifies for E-Rate funding
** Also available as add-ons for SIG-Essentials
†† Secure Malware Analytics (formerly known as Threat Grid) for 3 admin users and unlimited sample submissions
DNS Security Essentials
DNS for EDU: Same feature set
SIG Advantage
SIG Essentials
DNS Security Advantage
Firewall (L7 AVC; IPS)**
Inline and Out-of-Band DLP**
Cloud Malware Detection (all supported apps)
Secure Malware Analytics††
L3-L4 Firewall | Cloud Malware Detection (two apps)
File Analysis (Secure Malware Analytics): Now 500 samples/day
Selective Web Proxy | Web Filtering | File Inspection: AV and Secure Endpoint | Investigate Console + On-demand Enrichment API
Umbrella DNS security: Domain Filtering, Security Blocking and App Discovery and Blocking | Network and Branch Protection (VA + AD Connector) + Roaming + Mobile User Protection
Cisco Secure Mobility Client (AnyConnect) license for simpler roll out | Highly available, global cloud architecture powered by Umbrella and Talos threat intelligence
Policy, Reporting and Enforcement APIs | Cisco SecureX | S3 Log Management (not in EDU) | Multi-org Console | DOH | DNSSEC | Threat Lens
24x7 access to Cisco Cloud Security Support (Cisco Software Support Enhanced: Required attach) | (Optional) Premium Support Upgrade
SIG for EDU
Secure Web Gateway and DNS Security Advantage

Next steps
•Schedule a demo: https://umbrella.cisco.com/schedule-a-demo
•Sign up for a free DNS-layer security trial: https://signup.umbrella.com/
•Join an Umbrella Studio workshop: https://umbrella.cisco.com/cisco-umbrella-studio
Cisco Umbrella
Protect users everywhere in minutes