5. Business apps
Salesforce, Office 365,
DocuSign, etc.
Branch office
Critical infrastructure
Amazon, Rackspace,
Windows Azure, etc.
Roaming laptops
Workplace
desktops
Business
apps
Critical
infrastructure
Internet
IT today
6. By 2018, Gartner estimates:
25% of corporate
data traffic will bypass
perimeter security.
7. Your security challenges we can solve
Malware and
ransomware
Gaps in visibility
and coverage
Cloud apps
and shadow IT
Difficult to
manage security
9. Cisco Umbrella
Cloud security platform
Built into the foundation of the internet
Intelligence to see attacks before launched
Visibility and protection everywhere
Enterprise-wide deployment in minutes
Integrations to amplify existing investments
Malware
C2 Callbacks
Phishing
208.67.222.222
10. Where does Umbrella fit?
Malware
C2 Callbacks
Phishing
HQ
Sandbox
NGFW
Proxy
Netflow
AV AV
BRANCH
Router/UTM
AV AV
ROAMING
AV
First line
Network and endpoint
Network and endpoint
Endpoint
It all starts with DNS
Precedes file execution
and IP connection
Used by all devices
Port agnostic
11. Built into foundation of internet
Umbrella provides:
Connection for safe requests
Prevention for user- and malware-
initiated connections
Proxy inspection for risky URLs
Safe
request
Blocked
request
12. Prevents connections before and during the attack
Command and control callback
Malicious payload drop
Encryption keys
Updated instructions
Web- and email-based infection
Malvertising / exploit kit
Phishing / web link
Watering hole compromise
Stop data exfiltration and ransomware encryption
13. Malware doesn’t just happen
Intelligence to see attacks before launched
Ransomware Web server
Email delivery Domain/IP
ATTACK 1
www
Malware Web server
Malvertising Domain/IP
ATTACK 2
www
Build. Test. Launch. Repeat.
14. Our view of the internet
80Brequests
per day
12Kenterprise
customers
65Mdaily active
users
160+countries
worldwide
15. Intelligence
Statistical models
Co-occurrence model
Identifies other domains looked up in
rapid succession of a given domain
Natural language processing model
Detect domain names that spoof terms
and brands
Spike rank model
Detect domains with sudden
spikes in traffic
Predictive IP space monitoring
Analyzes how servers are hosted
to detect future malicious domains
Dozens more models
2M+ live events per second
11B+ historical events
16. Our efficacy
3M+daily new
domain names
Discover
60K+daily malicious
destinations
Identify
7M+malicious destinations
while resolving DNS
Enforce
17. Visibility and protection for all activity, anywhere
HQ
Mobile
Branch
Roaming
IoT
ALL PORTS AND PROTOCOLS
ON-NETWORK
OFF-NETWORK
Umbrella
All office locations
Any device on your network
Roaming laptops
Every port and protocol
18. IDENTITY REPORTS
Quickly spot and
remediate victims
Top activity and categories
per device or network
Allowed, blocked, and proxied
traffic per device or network
20. CLOUD SERVICES REPORT
Effectively combat
shadow IT
Total and newly seen
cloud services
Cloud apps by classification
and traffic volume
21. Enterprise-wide deployment in minutes
ANY DEVICE
ON NETWORK
ROAMING
LAPTOP
On-network coverage
With one setting change
Integrated with Cisco ISR 4K series
Off-network coverage
With AnyConnect VPN client integration
Or with any VPN using lightweight
Umbrella client
BRANCH
OFFICES
22. Integrations to amplify existing security
Block malicious domains from partner or custom systems
Umbrella
YOUR CURRENT SECURITY STACK
Appliance-based detection + Others
Threat intelligence platform + Others
AMP Threat GridThreat analysis feed + Others
Python Script Bro IPSCustom integrations + Others
IOCs
24. “As FireEye sees a threats, it immediately
updates Umbrella, which then protects all users
on and off the network...we have seen a 4-5 fold
decrease in alerts.”
Ron Keyser
CIO
ATS Automation
“Deployed to 7 facilities in 5 countries
in less than 3 hours. The ability to onboard
with no client and no new physical appliance
to manage...was a big advantage.”
Markus Schwaiger
IT Security Analyst
Hirschvogel Automotive
“As soon as we turned Umbrella on,
we gained visibility into the traffic flows
across our environment.”
Mark Arnold
Director of Information Security
PTC
“Saved thousands of remediation hours with
70% decrease in virus-related tickets…
saved thousands of dollars in ransom costs
when it blocked a CryptoLocker callback.”
Eric Rockwell
President and CIO
centrexIT
“As we assessed our security posture,
we quickly realized that visibility was a
major challenge and that most of our
attacks started with DNS.”
Henry Duong
Infrastructure Security Manager
University of Kansas Hospital
Integrations to extend security
Enterprise-wide deployment in minutes
Visibility everywhere
Intelligence to see attacks before launched
Built into the foundation of the internet
Real world results from five customers
25. Number of users and locations protected:
2.5K users across 7 facilities in Germany, Poland,
India, China and the U.S.
Challenge:
Secure a globally distributed network against
potential threats.
Solution:
Umbrella
Impact:
• Up to 50% reduction in alerts from IPS and AV
• Over 20% reduction in remediation time
AUTOMOTIVE SUPPLIER CASE STUDY
“Now that Umbrella has helped us become
much more proactive, we’ve been able to invest
resources in work that has more strategic value
to the organization.”
Markus Schwaiger
IT Security Analyst
26. Number of users and locations protected:
8K end users across 7 major hubs worldwide, including
U.S., South America, India, Singapore, and the U.K.
Challenge:
Reduce malware infections, increase insight of potential
threat sources, improve reporting.
Solution:
Umbrella and Investigate
Impact:
• Prevent malicious connections and data exfiltration
• Extend protection with FireEye integration
• Obtain intelligence on threat sources before attacks
• Reduced reporting from hours to minute
SOFTWARE CASE STUDY
“It took less than ten minutes for us to point
our DNS traffic to the Umbrella Global Network.
We could protect our remote offices around the
world in less than an hour and a half.”
Mark Arnold
Director of Information Security
27. Enterprises worldwide use Umbrella
IT services Legal Manufacturing Retail Technology Telecom
Education Finance Government Healthcare InsuranceEnergy
28. Umbrella
Start blocking in minutes
Easiest security product
you’ll ever deploy
Signup1
2 Point your DNS
3 Done