Securing your organization’s network is getting harder and harder. With many organizations having to adapt to the new norm we find ourselves in. The number of remote workers has increased and that means our security protocols and infrastructure have been stretched. This is where Cisco Umbrella and Duo Security come in. Cisco Umbrella is a cloud-delivered security service that is fast and flexible. Cisco has partnered with Duo Security to provide zero trust security that gives you SSO and secures remote access.
First, let’s cover the Cisco Umbrella and what if offers. The Cisco Umbrella offers integrated security from the cloud with intelligence-driven security and an easy way to block malware. With Umbrella this all happens before it can get to your devices. Cisco Umbrella offers three packages that meet escalating levels of security. The first package covers DNS layer security with the ability to block malicious domains before they can reach your networks. It also contains off-network protection for mobile devices. As well as Umbrella’s API, log tracking, Cisco threat response, identity-based policies, blocking of shadow IT by domain. The next tier adds the ability to proxy risky domains, block/inspect files using an AV engine and Cisco AMP. The last tier includes a secure web gate for proxy, cloud-delivered firewall, sandbox analysis with Cisco Threat Grid, and cloud access security broker functionality. Now let’s look at the components.
First, is the Cloud-delivered security services, which has two major parts. those two components are the cloud access security broker and cloud-delivered firewalls. Let’s look at the cloud access security broker functionality or CASB functionality for short. This detects and reports on the use of cloud-based applications across your environment and helps detect shadow IT. This extends IT’s visibility into cloud apps in use and gives details on the application on possible risks. It also allows you to block or allow specific applications. Next is the Cloud-delivered firewall which logs all activity and can block unwanted traffic using IP, port, and protocol rules. It uses an IPsec tunnel which is managed with the Umbrella dashboard. This dashboard makes creating tunnels, changing security easy to do and gives consistent enforcement of your policies throughout all your devices.
Next, is the Cisco SD-WAN and architecture that helps secure your organization’s workers to your cloud-based services. Most organizations today have more than one cloud-based service in use. These services are not all the same and can have many various weak points that occur while connecting that vary from service to service. By using the Cisco SD-WAN architecture your IT can analyze the various services and areas of concern and apply the need security protocols to ensure you have a safe connection. Using the Cisco vManage allows you to efficiently create and manage these protocols, through an easy to use GUI interface.
Finally, we have DNS layer security, this provides the first line of defence against threats. The first step of internet access is DNS resolution. By enforcing security at the DNS and IP layers you can block requests to malicious destinations before the connection can even be established. Umbrella allows you to do this and can stop threats over any port or protocol before it reaches your networks. This cloud-delivered service provides visibility and protection across all devices, and location where you would need it. Its logs can categorize DNS activity by threat level and web content and can act based on those criteria. The logs are kept for as long as you need this allows for more in-depth analysis and investigation. The Cisco Umbrella dashboard allows this DNS-layer security to be implemented quickly and cover as many users and locations as needed in minutes.
Now, the Cisco umbrella offers many services to help secure remote access but to provide complete package Cisco has partnered with Duo Software to do just that. Duo software is a provider of zero-trust security solutions and they have partnered to add those measures to Umbrella. This partnership increases your security and allows you to secure your cloud apps by adding an SSO with two-factor authentication. This is done through Umbrella SSO with integration with WebEx that gives you SAML 2.0 level authentication. It also provides DNS securing through the Umbrella SSO and allows you to secure Remote access with Cisco ASA VPN that has been integrated with DUO’s zero-trust policies.
For case studies on how Cisco Umbrella has helped many organizations click here. If you are interested in any of the services mentioned above or want to know more about how Powerland and Cisco can help your organization. Feel free to contact us by using the form found on the bottom of the page or email us at inquiry@powerland.ca. We will connect you with a helpful and knowledgeable member of our staff that can help you achieve your goals.
