WHAT IS THE BLOG ABOUT?
Advanced cloud technology, DNS-layer security, interactive threat intelligence
The extent to which both corporate and private IT depend on the Internet in the 21st century is striking. For private users, smartphones have undoubtedly brought about an explosive change, as have increasingly advanced networked gaming consoles. Most of humanity is chained to the Internet, and the large volume of social media use alone shows that most of us live our lives in the cloud.
Either way, it’s impossible to avoid using the Internet. This blog is not about whether that is good or bad, or why it was needed, but about how we can protect our digital assets and devices from the dangers of the Internet.
Of course, many private users are not yet aware of exactly what these threats mean, while most companies are already experiencing first-hand how dangerous irresponsible Internet use can be for business assets. While many organizations try to prevent problems with strict rules and more serious security measures, others pay little attention to prevention. The bad news is that both groups can be affected equally by the threat, regardless of the level of protection. The good news is that the Cisco Umbrella solution can help both groups avoid falling victim to cybercrime.
Mankind’s attitude to sources of danger is interesting. In 2022, for example, every car in the EU will have airbags, seat belts, ABS, ESP, and the newer ones have an ADA package with LKV, BSD, FCA, RCTA services. They all protect against visible and easily avoidable hazards. But while this year, according to statistics, more than half of the world population are smartphone users, not all devices have adequate protection against potential cyber-attacks. There is a talking assistant and fingerprint reading, but there is no real factory-integrated protection in either. Is that because these dangers are not visible? Yet the chances are the same that, for example, we will crash the car or that our passwords will be stolen and our identity misused, and in the worst case fraudsters will “relieve” us of our valuables. It is even more interesting that the dangers mentioned have something in common: both are known problems and existing dangers. Most surprisingly, there are developed countries where, despite this, strategic providers are unable to create satisfactory security in their own IT systems, and when they fall victim this can cause extreme problems for millions.
IS IT POSSIBLE TO CREATE AN EFFECTIVE SECURITY SOLUTION IN THE CLOUD?
Yes. Cisco offers several complex solutions for this, of which we will now discuss the Umbrella cloud security system. Much is said about the potential of the cloud, yet security is the advantage mentioned least. But if we think about it, why not use the cloud for that? And if we think further, it is easy to see how many additional benefits it can have. When security is provided from the cloud, there is no hardware to install and no software to update manually, and administration is centralized. This saves time and reduces costs.
WHAT IS UMBRELLA?
Umbrella is a cloud-based environment that provides a number of other security features in addition to DNS-layer security, such as a secure web gateway, firewall, cloud access security broker, and interactive threat intelligence. Together with all of these features, and optionally with other Cisco services, the rock-solid infrastructure provides protection with SD-WAN integration with virtually any network device.
HOW TO PROTECT EXISTING INFRASTRUCTURE WITH UMBRELLA?
Cisco Umbrella’s DNS-layer Security
Deploying Umbrella’s DNS-layer security is the fastest and easiest way to improve security. It increases security visibility, instantly detects compromised systems, and protects users inside and outside the network by blocking threats on any port or protocol before they reach the network or endpoints.
Secure Web Gateway (SWG)
Umbrella’s secure web gateway logs and monitors web traffic for full visibility, for URL and application control, and for protection against malware. The advantage is that it can be easily integrated with Meraki Auto VPN and Cisco SD-WAN.
Cisco Umbrella Cloud-Delivered Firewall
Umbrella Firewall provides control over outbound Internet traffic across all ports and protocols, logs all activity, and blocks unwanted traffic using IP, port, and protocol rules. It is easy to configure from network devices, but it also allows Meraki VPN or Cisco SD-WAN integration, so as a Zero Touch solution, the VPN and connection to Umbrella are established automatically.
Cloud Access Security Broker (CASB)
Umbrella uncovers shadow IT by detecting and reporting on cloud applications used within the organization. You can view risk analyses of the logged applications and block them or control their use. The service allows you to manage your applications transparently and reduce security risks.
Cisco Umbrella Investigate, Interactive threat intelligence
Umbrella Investigate provides the most complete picture of the connections and evolution of Internet domains, IP addresses and files, helping to identify the infrastructure of attackers and predict future threats. The service, available through the console and API, provides real-time context on malware, phishing, botnets, Trojans, and other threats, allowing incidents to be investigated and responded to faster.
Integration with SD-WAN
Cisco SD-WAN and Umbrella integration allows you to deploy effective cloud-based security across your SD-WAN network, protecting your branch offices and roaming users. The integration is easy to deploy on the network and provides effective cloud-based security and protection against Internet threats. This approach effectively protects office users and connected devices, and secures direct Internet access for all applications.
WHAT KIND OF BUSINESS IS CLOUD SECURITY IDEAL FOR?
Cisco Umbrella service packages are designed to provide the functionality needed by virtually everyone, from small businesses without security professionals to multinationals with complex environments. Umbrella offers four primary packages that provide increasingly sophisticated capabilities for greater flexibility, visibility and control.
WHY DO WE RECOMMEND THAT ALL BUSINESSES AND INSTITUTIONS WITH AN EXTENSIVE NETWORK USE UMBRELLA?
Umbrella, powered by Cisco Talos, one of the world’s largest commercial threat intelligence teams, blocks malicious activity before it reaches the network or endpoints. Umbrella also uses statistical and machine learning models to uncover new attacks on the Internet.
Umbrella’s service is based on a highly flexible cloud infrastructure that has had 100% business availability since it was founded in 2006. With service-neutral data centers, Umbrella delivers outstanding speed by partnering with more than 1,000 leading ISPs around the world.
Easy API integration
Umbrella provides APIs for easier installation and sharing of intelligence and security event details with security systems and workflows.
AND IT'S NOT OVER YET
Cisco SecureX extends the value of Umbrella
SecureX is a cloud-based, built-in platform that connects Cisco Secure solutions, such as Umbrella, with corporate infrastructures. It greatly reduces the time required for security inspections and individual analyses, and provides a unique insight into security processes.
SecureX combines data collected by Umbrella from traffic and threat analysis with data from third-party security devices and a number of Cisco security and networking solutions to provide better visibility and faster investigation. Automated process descriptions simplify many steps in traditional threat hunting, detection, reporting, case management, and response processes. SecureX is an essential part of Umbrella packages, just as it can be found in all other Cisco Secure products, where it adds XDR (Extended Detection and Response) capabilities.
And if we go on to explain our security concept, we can list a myriad of benefits and opportunities in addition to the Umbrella and SecureX cloud solutions. Virtually any Cisco Secure solution component can be included in the scope of the XDR system. Using Meraki Systems Manager, Cisco Duo Network Gateway, and Access Gateway, you can further increase the efficiency of your Zero Trust approach. The Cisco Identity Services Engine (ISE) provides a dynamic and automated approach to policy enforcement that simplifies the implementation of secure network access control. ISE also gains extensive visibility and context through Cisco Secure Network Analytics. Combining visibility and control results in the automatic suppression of threats, restricting or eliminating access based on the organization’s risk policy.