What is Cisco Umbrella Cloud Security?

Cisco Umbrella or formerly OpenDNS (acquired in 2015) is a cloud security solution and the leading provider of DNS-layer security. Cisco Umbrella enables secure, reliable, and fast Internet access for its users wherever they are, including remote users. It protects against Internet-based threats and blocks requests to malicious destinations, such as malicious domains, IP addresses, and URLs, through DNS. It restricts undesirable requests before the IP connection is established.

Aside from the DNS-layer security, Cisco Umbrella also integrates threat intelligence, Cloud Access Security Broker (CASB), secure web gateway, and cloud-delivered firewall into a single platform. It gives its users effective protection, better security, and simpler management and control.

The Cisco Umbrella global network has a guaranteed 100% uptime because of its multiple data centers located around the world using Anycast DNS. Anycast DNS infrastructure routes DNS traffic to the closest location. Thus, the users’ location wouldn’t be a problem. Whether you’re on or off the network, or if you have roaming users.

Its security intelligence is fed into Cisco Umbrella’s database in real-time where it is utilized for statistical and machine learning processes. The information gathered is supplemented with Cisco Talos intelligence and is analyzed by the Cisco Umbrella team. By understanding the Internet activity patterns, Cisco Umbrella automatically discovers the current and emerging threats on the Internet.


Cisco Umbrella Setup

To set up Cisco Umbrella, all devices in the network, including guest devices, must forward their DNS traffic to the Umbrella’s global network. This can be easily configured in the DHCP settings on the network’s Internet gateways, like routers and access points.

Cisco AnyConnect clients are supported by Cisco Umbrella as well. Cisco AnyConnect has an enable roaming security module which allows all DNS requests to be sent to Umbrella’s global network even if the device’s VPN is turned off. Cisco Umbrella also has a roaming client feature that tags, encrypts, and forwards DNS queries to the Umbrella global network. Therefore, per-device security policies can be enforced without latency or complexity.

Cisco Umbrella

When a user makes a request to a website on the Internet, the DNS request for the website will be forwarded to Umbrella. Then, Umbrella will analyze the request to check if the domain the user is trying to access is malicious or not.

If the domain is safe, its IP address will be sent by Umbrella and the user can connect to the requested domain. If the requested domain is malicious, then Umbrella will send the IP address of its block page. It will restrict the user to connect to the website.

Download our Free CCNA Study Guide PDF for complete notes on all the CCNA 200-301 exam topics in one book.

We recommend the Cisco CCNA Gold Bootcamp as your main CCNA training course. It’s the highest rated Cisco course online with an average rating of 4.8 from over 30,000 public reviews and is the gold standard in CCNA training: