Cisco now offers OpenDNS Umbrella Web Filtering. Cisco acquired OpenDNS in August 2015, and rebranded the product as Cisco Umbrella.
N/A
Microsoft Sentinel
Score 8.2 out of 10
N/A
Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. Put the cloud and large-scale intelligence from decades of Microsoft security experience to work. Make threat detection and response smarter and faster with artificial intelligence (AI). Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs.
Well suited to networks that include Active directory, as you can hook it into the directory to allow you to target specific users and computers. Not particularly well suited to personal users due to the price point, and also not well suited to organisations with disorganised IT, since the system can be bypassed simply by changing the DNS server of the device. You need a dedicated IT department to ensure these sorts of settings are locked down
Azure Sentinel is an excellent option like SIEM. It has cool, smart features and functionality, and is quite powerful in terms of processing information in the cloud. I recommend it to colleagues because it is very easy to deploy and configure, and learn to use it on a daily basis. The panel is super intuitive and rich in details. When opening Sentinel, it is already possible to analyze the indices that happened and those that deserve further attention and treatment.
Umbrella Virtual Appliances have been buggy in resolving local domain hosts.
Integration between other Cisco and Meraki products is complicated.
Reporting is not always accurate; for example, if you configure a Meraki access point to use an Umbrella Virtual Appliance, you lose device reporting. All reporting shows up under the AP's IP.
First off I never give anything a "10" unless it's perfect. LOL - I grade on the curve. I think OpenDNS/Umbrella is a very good product. I think that fact that Cisco absorbed them is one of the proofs of that. I have used the product back when it was free for companies our size. I have not always appreciated the cost - but in the post pandemic cyber chaos, I believe the cost benefit ratio is still very high. I have honestly not looked at other products because Umbrella continues to work to my satisfaction. I consider Umbrella to be one of the key layers in my cyber security strategy.
The product was easy to install and get running. To maintain the product is also a simple matter of maintaining lists of wanted and unwanted domains or URLs. The basic and advanced security features all do what they are intended to do with no known erroneous outcomes
The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer.
Cisco Umbrella's availability was great, they got back to me in less than an hour to get my problem solved.
We needed to get our Meraki AP's hooked up to Cisco Umbrella to monitor that specific traffic and they got back to me promptly, they guided me and explained every question I had.
Accessibility to support executives those are having great product knowledge and able to resolve most of the issues related to configuration or operation at their level only and in very few cases it need to be escalated to next level and most of the issues were resolved at first level itself.
The implementation just required us a bit of study because there are a lot of options and configurations available. I believe that the interface could be a bit better, but it works fine. We did an initial setup and only need to do changes when a new demand appears. Other than that, we just keep it running.
We used a product before this called iPrism by EdgeWave and also briefly tried Barracuda Web Security in the cloud. We were having such a large influx of service desk calls about proxy-based layer 7 web filters that we wanted to step back and pick something more at the DNS level, to protect our employees but not hover over their social media use, etc. Cisco will also employ a layer 7 proxy if a site is suspicious, which does require us to push a certificate out should we want that feature. For most policies we have it enabled.
Saved us lots of technician time dealing w/ Malware and virus issues, I don't think we've had a malware incident this year for example. This was the main reason we bought the product in the first place. We've renewed 2 times because we see the value.
Umbrella helped us reduce the risk of CryptoLocker variants infecting our clients.
