Cisco Umbrella

Enterprise network security

Product

Cisco Umbrella breaks new ground in SASE convergence

By Nada MacKinney

Exploding SaaS usage. Proliferating remote locations. Swelling ranks of roaming workers. It’s neither new nor surprising anymore. It’s the new normal. It’s business as usual.

Ensuring security for this cloud-centered reality is paramount. Yet, how to achieve this goal isn’t business as usual. Traditional security models come up short. Success demands a new approach to networking and security.

What’s in a name?

What do we call this new approach? Lots of terms are circulating: secure internet gateway (SIG), edge security, elastic cloud gateway, secure access service edge (SASE), and more. Regardless of terminology, the core meaning is relatively consistent. There’s not much debate about that.

Multiple security capabilities are converging into single, cloud-delivered solutions, and they are being joined with ­­edge-networking functions like SD-WAN. Gartner calls it secure access service edge (SASE) and describes it as “…an emerging offering combining comprehensive WAN capabilities with comprehensive network security functions (such as secure web gateway, firewall as a service, cloud access security broker, and more) to support the dynamic secure access needs of digital enterprises.”1 And furthermore, “…demand for cloud-based SASE capabilities…will redefine enterprise network and network security architectures.”1

At the forefront

This isn’t new for Cisco. We have been advancing in this direction for years, leveraging our innovation leadership in networking and security to make real the approach that Gartner describes. And Cisco is forging ahead at a rapid clip. Case in point: Cisco’s recent announcement breaks new ground with a SASE solution that delivers a rich set of security functions from one cloud-native service and provides a unified SD-WAN and cloud security offer. Cisco’s announcement primes the pump in three major areas.

Expanded security functionality in one cloud-native service

Cisco Umbrella provides expansive security functionality and streamlined management via a single dashboard. Multiple security capabilities unified in one cloud service simply and flexibly secure direct-to-internet access, cloud app usage, and roaming users. It’s built on a microservices cloud architecture, where we disaggregate functions into components and re-envision them for scalability and reliability. On this agile, flexible, and function-rich foundation, Cisco is launching substantial new functions, including:

  • SD-WAN + cloud security single offer: A new automated process for connecting Cisco SD-WAN + cloud security (Umbrella) speeds time-to-value by making security deployment and management simple across your SD-WAN
  • Cloud-delivered firewall, layer 7 application visibility & control: Identify and block high risk, non-web applications / protocols (orderable summer 2020)
  • Secure web gateway – AnyConnect integration: Enforce more granular web controls for remote workers using Umbrella’s secure web gateway
  • Secure web gateway – granular app controls and file type blocking: Block specific actions such as uploads/posts/shares or block the download of specific file types
  • Cloud-delivered firewall & secure web gateway – 250 to 500 Mbps tunnels: Increased tunnel bandwidth for customers with high capacity requirements
  • Cloud access security broker – SaaS app tenant restrictions: Only allow the use of specific instances of SaaS applications (i.e. block personal accounts)
  • DNS Security – Android client support: Protect roaming Android mobile device users with DNS-layer security protection
  • Cisco SecureX integration: Combine threat intelligence from Umbrella, other Cisco security solutions and third-party tools to speed threat detection and automate action to protect your environment
  • And much more

Simplified security for remote sites

We are excited to unveil an industry-first — SD-WAN and cloud security in one offer. This greatly eases security deployment for remote locations with direct internet access. Automated provisioning and set-up makes a security rollout for remote locations simple, with fast deployment and easy management.

Graphic showing secure SD-WAN fabric for Cisco Umbrella

The one-click integration of Cisco Umbrella with SD-WAN has been great. It makes deployment and configuration much easier in a distributed environment. This is a big step forward in simplifying the distribution and management of edge security.

Joshua Mudd, senior network engineer, Presidio

Here are some highlights of the Cisco SD-WAN and cloud security single offer:

  • Hands-off automation: Deploy cloud security across thousands of branches in minutes
  • Top notch protection: Defend against threats at the branch with the leader in security efficacy
  • Simplified management: Simplify management with the Umbrella single pane of glass across all offices and users
  • Deeper inspection & controls: Use secure web gateway and cloud-delivered firewall with IPSEC tunnels for greater inspection and control

#1 in cybersecurity efficacy

In exchange for the value of integration, sometimes we accept slightly less in individual elements. For example, a swiss army knife is a multi-function tool with a knife, screwdriver, scissors, and more. The knife isn’t the highest grade blade, but we accept this in exchange for many functions in one convenient tool. But, is there always a tradeoff?

The answer is no! There’s no tradeoff with Cisco Umbrella.

Cisco Umbrella provides expansive functionality in one cloud-native service and the industry’s highest cybersecurity efficacy at the same time.

Lots of network security providers claim they are the best at threat detection and prevention, but can they prove it? New research from AV-TEST, the 2020 DNS-Layer Protection and Secure Web Gateway Security Efficacy report, reveals that Cisco Umbrella is the industry leader in security efficacy.

AV-TEST rated Cisco Umbrella first place in threat detection

When it comes to rating the effectiveness of security solutions, efficacy is king. The more malicious activity you can block, the less chance there is for a damaging breach to take place.

Stride with confidence toward SASE

Cloud adoption is a given, yet one can’t predict its trajectory in any specific organization. Will a new company strategy or new leader dramatically alter SaaS strategy? Will remote locations proliferate overnight with an acquisition? Will the number of roaming workers balloon overnight as has happened lately in many organizations?

Cisco enables you to adapt with confidence to whatever the future holds. With its extensive portfolio of security, networking, and access technology, Cisco is best positioned to help you connect users globally with a secure, cloud-native network architecture.

For more information on these announcements and Cisco’s SASE strategy:

Join the Cisco Umbrella June 2020 launch webinar

Read the blog post, Cisco is Building a Bridge to Secure Access Service Edge

See presentations, demos and more about Cisco Umbrella at Cisco Live

1 Gartner, The Future of Network Security is in the Cloud: 30 August 2019; Lawerence Orans, Joe Skorupa, Neil MacDonald.