Cisco launched Umbrella
February 2017 by Marc Jacob
Cisco launched the industry’s secure internet gateway (SIG) in the cloud, Cisco® Umbrella, to address the new enterprise security challenges of today’s mobile, cloud-era.
The way people work is changing. An increasingly mobile workforce conducts business via Software-as-a-Service (SaaS) applications. The unprecedented growth of SaaS apps looks set to continue with Gartner predicting that SaaS usage will increase 70 percent by 2018. Because of this, more branch offices are connecting directly to the internet, bypassing protections offered by the corporate network. This new way of working, while great for productivity and flexibility, means that a large population of users aren’t protected by traditional network and web security controls offered on the corporate network. It also leaves organizations without visibility into threats targeting a significant portion of their enterprise.
Organizations are struggling to protect themselves in this new working paradigm. Most rely heavily on virtual private network (VPN) usage. But according to IDG, 82 percent of mobile workers admit that they don’t always use the VPN. Others depend on on-premise secure web gateway solutions and an array of associated agents, creating complexity and latency. Today’s challenges call for a new approach to security. Cisco believes that cloud protection is the new first line of defense for organizations, providing visibility and control right at the edge of the internet.
Cisco is driving this shift to cloud protection by pioneering a new product category, secure internet gateway (SIG), a new technology to secure this new working paradigm. A secure internet gateway (SIG) provides safe access to the internet anywhere users go, even when they are off the VPN. A SIG acts as a secure onramp to the internet and provides the first line of visibility and defense regardless of where users are located or to what they’re trying to connect.
Cisco Umbrella, a secure internet gateway, is a cloud-delivered security platform that provides this first line of defense to protect employees both on and off the corporate network. Umbrella stops current and emergent threats over all ports and protocols for the most comprehensive coverage. It blocks access to malicious domains, URLs, IPs, and files before a connection is ever established or a file downloaded. With most threats targeting the endpoint, it’s critical to cover all ports and protocols to provide a safety net that covers 100 percent of traffic. Umbrella’s powerful, effective security does not require the typical operational complexity. By performing everything in the cloud, there is no hardware to install, and no software to manually update. Organizations can provide protection for all devices in minutes and leverage their existing Cisco investments — including AnyConnect® client, Integrated Services Router 4K Series, and wireless LAN controllers— to easily point Internet traffic to Umbrella whether on or off the corporate network.
Cisco Umbrella delivers:
Visibility and protection everywhere: Umbrella provides the visibility needed to protect Internet access across all devices on a network, all office locations, and roaming users. By combining Umbrella with Cisco Cloudlock’s Cloud Access Security Broker technology, Cisco can now enable organizations to identify which SaaS apps are being used and enforce policies to block risky or inappropriate apps.
Intelligence to stop attacks before they launch: Umbrella resolves over 100 billion internet requests every day and correlates this live data with over 11 billion historical events. This is analyzed to identify patterns, detect anomalies, and create models to automatically uncover attacker infrastructure being staged for the next threat.
Broadest coverage for malicious destinations and files: Umbrella leverages powerful tools from across Cisco Security to obtain the most complete view to identify and stop threats earlier. This includes
Machine learning models to uncover known and emergent threats, blocking connections to malicious destinations at the DNS and IP layers.
Cisco Talos threat intelligence to block malicious URLs at the HTTP/S layer.
Cisco Advanced Malware Protection (AMP) to detect malicious files and block them in the cloud
An open platform for easy integration: Umbrella can integrate with existing systems, including security appliances, intelligence platforms or feeds, and custom, in-house tools which enables users to extend protection for devices and locations beyond the perimeter.
Discovery and control for Software-as-a-Service (SaaS) apps: Umbrella, together with Cloudlock, enables organizations to discover and control sensitive data in SaaS apps on and off-network.
Reliable and fast connectivity for a great user experience: Customers don’t experience broken or slow connections when they use Umbrella. Umbrella uses Anycast routing — every data center announces the same IP address so that requests are transparently sent to the fastest available with automated failover to maintain 100 percent uptime. This is security that won’t slow down users.