Overall Satisfaction with Cisco Umbrella
Cisco Umbrella is a security product that redirects DNS traffic to OpenDNS servers (Cisco bought OpenDNS a few years ago and rebranded the product). This product then filters the traffic at the DNS level. This differs from firewalls because the traffic is filtered away from the local network. Why is this useful? Because it's more reliable, easier to configure, and less effort to maintain. Think of it much like you'd think of outsourcing your servers to the cloud; It's one less resource that you have to worry about going wrong.
In a defence in depth approach, DNS filtering is an important tool to add. I've found it to be a much more effective defence than typical firewalls, because its much more dynamic in it's blocking. We use it in our own network and in customers networks, and we have very few issues.
In a defence in depth approach, DNS filtering is an important tool to add. I've found it to be a much more effective defence than typical firewalls, because its much more dynamic in it's blocking. We use it in our own network and in customers networks, and we have very few issues.
- Effective prevention of ransomware and malware by blocking CNC traffic. rendering the malware useless.
- Good reports, which are readable by non technical users
- Using Talos for its threat database means that it rarely misses anything
- Very good knowledgebase available which means that it is easy to learn how to use and implement the product
- Very clunky implementation of bypass users
- Not a very intuitive system when you want to whitelist sites
- Accounts department has complained that the purchasing system is difficult, because it is a manual process. They have to ask for quotes each time we add new seats.
- I've had several issues with the roaming agent which has quite a few bugs
Do you think Cisco Umbrella delivers good value for the price?
Not sure
Are you happy with Cisco Umbrella's feature set?
Yes
Did Cisco Umbrella live up to sales and marketing promises?
Yes
Did implementation of Cisco Umbrella go as expected?
Yes
Would you buy Cisco Umbrella again?
Yes
- It's a very easy sell that requires very little support when set up correctly. It pretty much just sits there and makes money.
- Security incidents have reduced noticeably since its introduction, which means less work required on these incidents.
- The reporting gives the customers a real view of what their IT system is doing, making it easy to justify the use of such systems that would otherwise be difficult to sell to bean counters.
I found the filtering system from within the corporate network much better than outside. This is because the system with the Umbrella virtual machines is much more stable and reliable than the roaming client. I've had a lot of issues with roaming agents breaking, going offline, being easy to circumvent with things such as browsers that use their own DNS servers. It requires a lot more maintenance than internal system. You can set this up on your DHCP server and force clients to use Umbrella DNS.
I've used Umbrella with Cisco AnyConnect and this was a powerful integration. It was easy to set up and makes your life as an IT worker easier.
It also has a lot of good API integrations, such as with VirusTotal.
It's integration into Active Directory is very good and this is how I recommend implementing the system most of the time.
It also has a lot of good API integrations, such as with VirusTotal.
It's integration into Active Directory is very good and this is how I recommend implementing the system most of the time.
Meraki MX is the only other system that uses a system similar to Cisco Umbrella. The other systems use DNS filtering on the device themselves, which is more vulnerable than exporting this filtering service to the DNS provider.
I believe Meraki MX actually uses Cisco Umbrella as of 2022, but this was a recent change and their previous service was not as effective.
I believe Meraki MX actually uses Cisco Umbrella as of 2022, but this was a recent change and their previous service was not as effective.