Secure access anytime, anywhere
After the massive shift to remote work, more organizations are moving to a model where networking and security converge together in the cloud. Gartner coined the term secure access service edge (SASE) to describe this concept.
Today, we announced how we’re delivering on our vision of SASE by combining networking, security, and observability components into a single offer, which will be orderable in May 2021. In the future, we will deliver it all as a single subscription service. There’s plenty that you can take advantage of today! We are rapidly delivering new functionality — across networking and security — that helps you unlock the power of SASE. Let me walk you through a deeper dive on the new security features we announced in Cisco Umbrella.
Rapidly delivering new functionality
Cisco Umbrella is one of the core components of Cisco’s SASE architecture. It integrates multiple components that were once standalone security services and appliances in a single, cloud-native solution. If you look back a few years ago, Cisco Umbrella was known for delivering DNS-layer security. We have rapidly added capabilities including secure web gateway, firewall, cloud access security broker, and more to our cloud service. We’re not stopping there!
Today, we’re excited to announce limited availability of new functionality including remote browser isolation, data loss prevention, and cloud malware detection.
Remote browser isolation (RBI)
Think about how much of your day is spent online. And here’s a fun game — how many browser tabs do you have open right now? I have 21 (yikes). With so many people working remotely, the need for fast, secure access to the internet, online documents, SaaS apps, etc. has never been greater. But existing security may not be able to protect against malicious, browser-based zero-day threats. Enter remote browser isolation.
Cisco Umbrella’s remote browser isolation gives an added layer of defense against browser-based attacks — without compromising the end user experience or burdening the IT staff. It isolates web content in a remote surrogate browser in the cloud, essentially think of it as a secure container, separate from the endpoint. All risky code and dynamic content runs in the surrogate browser, and only safe content is rendered to the user’s browser. Remote browser isolation allows users to safely browse websites, while protecting devices and corporate networks from browser-based exploits. And, you can deploy it rapidly without changing existing browser configurations or needing additional plug-ins. It’s a win-win-win — improve security without impacting end users or IT staff.
Data loss prevention (DLP)
The concept of data protection is certainly not new, but has become more complex as users connect directly to the internet and cloud apps, and bypass traditional on-premises security. Cisco Umbrella’s data loss prevention helps to simplify that complexity. It sits in-line and inspects web traffic, so you can monitor and block sensitive data in real time with flexible controls. More than 80 pre-built policies can be enabled to detect specific types of information such as credit card numbers or personally identifiable information. You can also create custom data classifiers for more specific policies.
Cloud malware prevention
Where is malware lurking? Hello cloud apps. As more business-critical data moves to cloud-based applications, you not only need to control access and use of the data, but you also need to make sure those cloud applications are not compromised by malware. With cloud malware protection, Cisco Umbrella detects and removes malware from cloud file storage apps to prevent the spread of malware infections laterally on your network. You can scan cloud file storage repositories for malware and detect potentially malicious files that are uploaded or edited. Once identified, you can take corrective action to quarantine or delete malicious files, and generate reports on usage, potentially compromised accounts, and potential threats within the network.
Invest in a long-term security strategy
Aside from these new Cisco Umbrella features, we’ve made additional investments to help you on your SASE journey. We have a new integration with Meraki MX devices and Cisco Umbrella license portability for Cisco Secure Web (formerly WSA).
Simplified cloud security deployment with Meraki MX
Previously, we announced integration between Cisco Umbrella and SD-WAN powered by Viptela. Now, we’re expanding support for Meraki MX. This integration makes it simpler and faster to deploy Cisco Umbrella’s cloud security across distributed locations that use Meraki MX devices. For some organizations, DNS-layer security may be sufficient. Or you may wish to deploy via IPsec tunnels for advanced inspection and control of web and non-web traffic on all ports and protocols to secure users at the edge, from any device, with consistent, highly effective protection.
Protecting on-prem investments as you move to the cloud
It’s challenging to manage a transition from on-prem toward hybrid or cloud environments while still protecting your existing investments. With new flexible license options, new or renewing Secure Web (formerly WSA) customers can convert licenses from Cisco Secure Web to Cisco Umbrella. You can buy Cisco Secure Web and Cisco Umbrella licenses together or convert licenses from Cisco Secure Web to Cisco Umbrella to support your cloud or hybrid deployment at every point in the journey.
I’m excited about the future of security at Cisco and the promise of SASE. To learn more about the new Cisco Umbrella features and how we’re working hard to help our customers and future customers simplify their complex security stacks in the cloud, watch the on-demand video from Cisco Live. You can also read more about Cisco Umbrella and SASE here.