Secure Access Service Edge Cisco Umbrella

What is Cisco Umbrella?

Cisco Umbrella is a secure internet gateway (SIG) that protects all users and devices from threats on the internet, regardless of whether inside or outside the company, at headquarters or branch locations, while on the move, or with VPN turned on or off. Since a secure environment is built based on the DNS layer, it functions as a cloud-provided firewall regardless of whether or not there is a VPN connection, even when accessed from remote locations or mobile devices on the move. Since the user can build a secure environment by changing the DNS settings, there is no need to install software or install new equipment on the devices currently being used by the customer.


Can be installed without rebuilding the existing environment
Since the user only needs to set the DNS to connect to the security of the cloud service, there is no need to install new hardware or software for introducing security.

Provision at DNS layer
Since security measures can be taken at the DNS layer, secure communication is possible without introducing a VPN even when accessing systems and data from a remote location during telework.

Users can easily customize access policies to suit their company
Settings such as remote access, guest access control, and blocking of malware/phishing sites can be easily set on an intuitive screen.

Also possible to visualize the usage status of cloud applications
By visualizing shadow IT, users can evaluate the risk level of each application, check the reliability of application vendors, monitor existing applications, etc.

The service will solve problems such as the following:

  • Feeling uneasy when only using conventional perimeter-based security
  • Feeling uneasy regarding complete protection against external access when introducing telework, etc.
  • Time concerns with setting up VPN, etc., for security measures
  • Feeling uneasy regarding external threats due to increased usage of cloud services such as SaaS, etc.
  • Not knowing what kind of security is best for each device used for business
  • Time concerns with revising the existing environments for security
  • Cannot keep pace with countermeasures for unknown cyberattacks

Main Services

Functions of Cisco Umbrella

Security services of main package DNS Security Essentials DNS Security Advantage SIG Essential
DNS Layer Security Blocks phishing, malware, botnets, and domains in dangerous categories (such as mining and new domains)
Block domains based on custom lists with partner (Splunk, Anomali, etc.) integration and enforcement APIs
Block IP traffic directly as a countermeasure against C2 callbacks that bypass DNS -
Secure WEB gateway (SWG) Proxy for web traffic testing - Only dangerous domains
Decryption and testing of SSL (HTTPS) traffic - Only dangerous domains
Web filtering Category base
Domain base
Category base
Domain base
Category base
Domain base
Customizable block/permit list Domain base Domain base IP base
URL base
Blocks URLs based on feeds from Cisco Talos, etc., and blocks files based on antivirus engines and Cisco AMP data - Only dangerous domains
Use the Cisco Threat Grid cloud sandbox environment to analyze suspicious files (up to 200 files per day) - -
Retroactive security that can even identify harmless files when they turn into dangerous files - -
Cloud-provided firewall Blocks IPs, ports, and protocols designated in layer 3 and layer 4 policies - -
Supports IPsec tunnel termination - -
Cloud application security control Detect and block shadow IT Domain base Domain base URL base
Policy that enables detailed control for each application (prohibition of uploads, attached files, posting, etc.) - -