Cisco now offers OpenDNS Umbrella Web Filtering. Cisco acquired OpenDNS in August 2015, and rebranded the product as Cisco Umbrella.
N/A
Darktrace
Score 8.6 out of 10
N/A
Darktrace AI interrupts in-progress cyber-attacks, including ransomware, email phishing, and threats to cloud environments. It's able to detect and establish baselines for your organization so it can make the distinction between what is and what isn't normal network activity for your organization. This allows it to tackle complex cyber-attacks as they happen and prevent future cyber-attacks from happening.
It is good for whole network protection, and individual PCs with the client. Provide good reporting on where your network is going on the net. One thing I would like is a longer history with the logs 14 and 30 days are too short some times.
Darktrace is a product well suited for the vast majority of infrastructures and helps monitoring and responding to threats based on the network in a very elastic way. This is a product based on on-premise infrastructures that hosts its machines locally, of course it can be technically difficult to monitor an entire On-Cloud infrastructure but even there there's room for sensors and monitoring, not to mention the SaaS and mail integration that completes the product.
So for example, we had the problem in the past. We are connecting users to our own managed data centers. We had seven locations around the world, put them with Cisco, any connect to our on-prem data center and let them out to the internet. So that's causing some high latency bad experiences with teams and so on. And with Umbrella we can directly connect the user to the cloud and to the internet so the users have a good experience with speed with latency and it's much better than back hauling the traffic to their own company and then processing them there.
Uses it Al model UEBA to detect anomalies in the behaviour of not only the users in a corporate network but also the routers, servers, and endpoints in that network.
Provides a visualisation of both egress and outbound network traffics flowing in and out of the organisation.
Darktrace comes with it autonomous AI model detection and responses capabilities.
Darktrace as an AI next generation NDR solution, prevents ,contains and quarantines malicious traffics from and into the corporate network.
The smart search feature in Cisco Umbrella is great addition for sure which helps us to identify malicious domain just by searching the URL and there is scoring system of Cisco Umbrella which mark the URL in low, medium and high risk. Sometimes Cisco Umbrella mark well known and good domain as malicious whether sometimes they mark malicious sites/domain as low risk. So, it's something that they should focus on, I think.
The live activity search is great for checking internet activities, but the filtering options could be improved. It would be helpful if we could filter by multiple parameters at once like combining username, destination IP and time range.
There are few areas that I would say need to be improved; their customer support portal allows you to log tickets with any suggestions or things you feel the product is missing, and they will generally show you how to achieve what you want, or in some cases, introduce it as a feature in a later update.
First off I never give anything a "10" unless it's perfect. LOL - I grade on the curve. I think OpenDNS/Umbrella is a very good product. I think that fact that Cisco absorbed them is one of the proofs of that. I have used the product back when it was free for companies our size. I have not always appreciated the cost - but in the post pandemic cyber chaos, I believe the cost benefit ratio is still very high. I have honestly not looked at other products because Umbrella continues to work to my satisfaction. I consider Umbrella to be one of the key layers in my cyber security strategy.
Better features and easy to manage system with great customer support and overall usability is great as it works for hybrid environment with ease as it is having features for on prem users as wells as cloud users with great customer support and great team of trained engineers to support our opeartions.
The Darktrace toolset is very expansive, allowing it to handle many different tasks, but this leads to a user interface that is sometimes not at all intuitive. Icons don't always make sense visually, and the associated tool tips do not always provide enough detail on what action the button performs
Cisco umbrella services in the cloud are always available. However, the weakness is the VM installed in the data center that are the first resolvers. If the VMs become unavailable for any reason or the vSphere goes down, then all DNS is affected
our experience with cisco products has always been awesome and same is the case with cisco umbrella .Under umbrella cisco provides flexible and scalable software solution to use across different dept and sites . These softwares are very user friendly ,pages load quickly as these applications are designed for minimum latency and reports are also provided quickely
Whilst the support is good once you get through to them, it's email only and the response is slow. This is a issue, because its a core system that needs to work. We have had issues in the past where several of our companies have gone down due to Umbrella and support is nowhere to be seen. It is very difficult to know whether Umbrella is having service issues, since they do not regularly update customers on the status of their services, such as is seen by providers such as Microsoft (status.umbrella.com just seems to show up all of the time, I'm not sure it's even updated)
Darktrace support is excellent in my experience. They send a competent engineer on-site to provide on-boarding training. They were also very responsive in responding to questions and concerns. Having an individual point of contact who is a competent network and security engineer is not a common experience, at least for me.
Quite easy to understand training modules prepared by knowledgeable trainers. Training modules have included all the desired features of these softwares and the content delivery is very good from the respective module trainers and it explains in details the features and apart from that further training material support is also provided if needed.
At the time we were forced to move from Cloud Web Security to Cisco Umbrella, Cisco Umbrella was far from being a direct replacement. It was frustrating and difficult to migrate due to the lack of functionality. This has since been addressed, however we now have legacy rulesets that were built as bandaids that cannot be removed. Hopefully the migration to Secure Access will address this.
Different products in different spaces. The Z3 was more of a VPN endpoint so that users didn't have to worry about a client. If they are at home, they are on their corporate network and able to access resources. Cisco Umbrella can be used then to serve corporate DNS across the VPN tunnel to the Z3 device and extend the capabilities of Cisco Umbrella.
We did NOT select Darktrace. OSSIM/AlienVault is a more mature product and it provided better intelligence and reporting. The end user interface is much easier to use - and you can tell built form engineers who have had to do the work. My suggestion for anyone considering Darktrace, is to get the price upfront; do a 30/60 onsite trail; and do the same thing, at the same time, with AlienVault. AlientVault will win every time. I say that because that's exactly what I did.
Cisco umbrella provides fleaxible and scalable software solutions which are easy deploy across multiple departments and sites wherever needed and this softwares are very easy to use and provides the best interface along with cisco support for other devices apart from cisco infrastructure but still there is scope for improvement on the inclusion of latest features
So it's always very hard to calculate return on investment, especially on security and especially in a physical product. So it's not like I'm going to be selling a lot more plastic or a lot more aviation fuel because I implemented Cisco Umbrella. What I know is that definitely, the return on investment is on the ability of the business to continue to run and give the assurance that our users are safe.
One big positive is how it helps us with the security assessments that clients have done on us. They are looking to see if we know how we might have unusual/malicious traffic running on the network.
If you have a small network and only need 1 appliance, it can be a good ROI and peace of mind.
You could go down a hole in trying to spend time looking at all of your traffic with this software. You need to focus only on what it is showing as potential bad traffic.
