Cisco Umbrella Product Overview

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello and thank you for watching this product overview video for Cisco umbrella during this session we'll briefly cover the product history and then focus on key differentiators and benefits for a deeper dive into the key features and functionality of umbrella please view the key features video sisqó umbrella comes from Cisco's acquisition of OpenDNS which happened back in 2015 OpenDNS started in 2006 as a provider of a recursive DNS service that strive to provide safer faster internet browsing for business and home users in 2012 Open DNS entered the enterprise security market with a launch of umbrella a cloud delivered security service that protects users any way they go by enforcing security at the DNS layer customers loved how many threats umbrella blocked and they started asking for more information about why we were blocking those destinations the umbrella security researchers were using an investigative interface for all the data that they gathered and analyzed so in 2013 it was productized and released as open DNS investigate investigate gives you access to all the threat intelligence behind umbrella and then in November 2016 Open DNS umbrella was rebranded to Cisco umbrella so let's get into umbrella you can think of umbrella as a cloud security platform that provides the first line of defense against threats on the internet anywhere users go by analyzing and learning from Internet activity patterns umbrella automatically uncovers attacker infrastructure that stays for current and emerging threats and proactively blocks requests to malicious destinations and that enables us to block threats before they reach a customer's network or endpoints with Cisco umbrella a customer can stop phishing and malware infections earlier identify already and affected devices faster and prevent data exfiltration because umbrella is built into the foundation of the Internet and delivered from the cloud it provides complete visibility into Internet activity across all locations and users and is one of the simplest security products to deploy and manage let's now take a more detailed look at the key differentiators highlighted on the right when we say umbrella is built into the foundation of the Internet that's because we use the domain name System DNS as one of the main mechanisms to get traffic to our cloud platform and then use it to enforce security to DNS is a core part of how the internet works and umbrella uses it to block requests to malicious domains IPS and URLs before a connection is ever established which means we can stop threats before they reach your network or endpoints the umbrella global network which is the network that a recursive DNS service was built on resolves billions of Internet requests from millions of users around the world every day we analyze this massive amount of data to detect patterns and uncover attacker infrastructure although threats continue to increase in sophistication attackers often reuse the same Internet infrastructure like web servers IP addresses and domains in multiple attacks leaving behind cyber fingerprints what if an organization could use those fingerprints to identify emerging attacks as they are staged and block them before they launch this is where Cisco umbrella comes into play we ingest all of that Internet activity data from our global network in real time into our massive graph database and then continuously run statistical models against it this information is also constantly analyzed by the umbrella security researchers to using this combination of human intelligence and machine learning we identify malicious sites whether its domains IPS or URLs all across the internet not only do we uncover current threats but similar to Amazon learning from shopping patterns to suggest the next purchase we learned from Internet activity patterns to automatically identify attacker infrastructure being staged for the next threat our intelligence even identifies attackers before they launch so you can proactively block malware ransomware and other threats earlier your customers users and apps have left the perimeter and they need visibility for all activity everywhere but you also need to block threats over any port or protocol not just web ports 80 and 443 umbrella gives you that and more umbrella not only provides protection wherever users access the Internet but it also provides administrators with visibility into Internet activity across all devices on the corporate network and even extends that visibility when laptops are off the corporate network we have many out-of-the-box reports that help our customers to quickly investigate malicious domains and IPS attempted to be accessed from their users we often hear from customers that umbrella is the simplest security solution they've ever deployed many state that it took less than 30 minutes to deploy enterprise-wide because umbrella is delivered from the cloud there is no hardware to install or software to manually update and the browser-based interface provides quick setup and ongoing management by changing one setting with their network server access point or router customers can protect all devices on their network even those they don't manage they can protect laptops when the VPN is off with umbrellas lightweight roaming client or built-in cisco anyconnect integration and the umbrella dashboard provides both central and local administration and reporting for customers who have already invested in security appliances or threat Intel sources umbrella has an API that enables integration with these tools to extend or amplify protection customers can automatically enrich the data in their sim threat protection platform or incident workflow to speed up investigation and response by security analysts these key differentiators create the following key benefits for customers lowered remediation costs and mitigated breach damage because Cisco umbrella is the first line of defense security teams will have fewer mail wear infections to remediate and threats will be stopped before they cause damage plus customers often see a reduction in alerts from other systems like their firewall ISP or anti virus which frees up time for security analysts increased visibility into Internet activity across all locations and users umbrella provides crucial visibility for incident response and also gives an organization confidence that they're seeing everything visibility into cloud apps used across the business umbrella provides visibility into sanctioned and unsanctioned cloud services in use across the enterprise so customers can uncover new services being used see who is using them and identify potential risks reduce time to detect and contain threats Cisco umbrella contains command and control callbacks over any port or protocol and provides real-time reports on that activity that concludes the umbrella overview congratulations on completing this lesson to continue your learning journey we encourage you to explore the additional lessons in this course

Info

Channel: work oholic

Views: 14,272

Rating: undefined out of 5

Keywords:

Id: Yfwi26mOlKg

Channel Id: undefined

Length: 7min 59sec (479 seconds)

Published: Thu Apr 27 2017