Cisco Umbrella - Protected, in as little as 15 minutes

We have seen a significant uptake of Cisco Umbrella, primarily because businesses are recognising the risks and prevalence of malware, viruses and ransomware – the recent press is evidence to that. We wrote a brief article about how to defend against Wanna Cry – Umbrella is part of our advice. For small businesses, Cisco Umbrella is a fantastic and relatively inexpensive service that provides a great level of protection. For larger enterprises with antivirus and existing firewalls, Umbrella significantly enhances the existing defence systems. In all cases, the service is straight forward to configure and use.

We set out the steps below:


Small business – 15 minutes

Umbrella for Small BusinessEnvironment

Steps

  • MTG create the demo account on our servers (same day)
  • Configure the DNS forwarders on the router or server to use Umbrella (<5 minutes)

Protection

  • Your business is now protected.
  • You can block Cloud Applications, inappropriate websites and other categories of websites (i.e. gambling, gaming)
  • The service will block high-risk destinations, identify indications of compromise, botnets and C&C callbacks.
  • (Optional – the Umbrella appliance can be installed to see user-level activity)

Enterprise / SME – 1 hour

Umbrella in the EnterpriseEnvironment

  • 25 – 1,000+ users
  • Enterprise firewalls
  • Several sites
  • Multiple Windows Servers, Domain Controllers and DNS servers
  • VMWare/Hyper-V Environment

Steps

  • MTG create the demo account on our servers (same day).
  • Understand the existing network topology, DNS & DHCP in each site (<1 hour).
  • Install the Umbrella Appliance(s) in your VMWare/Hyper-V environment, MTG can assist (1 hour).
  • Configure the Appliance to recognise your internal domains + IP address space.
  • Reconfigure DHCP scope for each site.
  • Lock down your firewalls to only permit outbound DNS to Umbrella. Log exceptions.

Protection

  • Your business is now protected.
  • You can block Cloud Applications, inappropriate websites and other categories of websites (i.e. gambling, gaming)
  • Policies can be applied to different user groups
  • The service will block high-risk destinations, identify indications of compromise, botnets and C&C callbacks.
  • You have per-user visibility and attribution (i.e. malware traffic originating from Domain\User @ IP 192.168.200.2)
  • Any non-Umbrella DNS traffic needs investigated, reconfigured or it may indicate a rogue device/software.

Summary

Configuring Umbrella is straight forward, low-risk and takes no time at all. Even for large enterprises, for the purposes of a trial – there is no requirement to install the Virtual Appliances and protection can happen in as little as 15 minutes. If you want to learn more about Umbrella or our trial, please view the Cisco Umbrella Trial Page or get in touch.

 

 

 

 

Related Posts