• Skip to primary navigation
  • Skip to main content
  • Skip to footer

Cisco Umbrella

Enterprise network security

  • Contact Sales
  • Login
    • Umbrella Login
    • Cloudlock Login
  • Search
Search
  • Why Us
    • Why Cisco Umbrella
      • Why Try Umbrella
      • Why DNS Security
      • Why Umbrella SASE
      • Our Customers
      • Customer Stories
      • Why Cisco Security
    • Fast Reliable Cloud
      • Global Cloud Architecture
      • Cloud Network Status
      • Global Cloud Network Activity
    • Unmatched Intelligence
      • A New Approach to Cybersecurity
      • Interactive Intelligence
      • Cyber Attack Prevention
      • Umbrella and Cisco Talos Threat Intelligence
    • Extensive Integrations
      • IT Security Integrations
      • Hardware Integrations
      • Meraki Integration
      • Cisco Security for Chromebook
  • Products
    • Cisco Umbrella Products
      • Cisco Umbrella Cloud Security Service
      • Recursive DNS Services
      • Cisco Umbrella SIG
      • Umbrella Investigate
      • What’s New
    • Product Packages
      • Cisco Umbrella and Cisco Secure Access Packages
      • – DNS Security Essentials Package
      • – DNS Security Advantage Package
      • – SIG Essentials Package
      • – SIG Advantage Package
      • Umbrella Support Packages
      • Cisco Umbrella for Government Packages
    • Functionality
      • DNS-Layer Security
      • Secure Web Gateway
      • Cloud Access Security Broker (CASB)
      • Cloud Data Loss Prevention (DLP)
      • Cloud-Delivered Firewall
      • Cloud Malware Protection
      • Remote Browser Isolation (RBI)
    • Man on a laptop with headphones on. He is attending a Cisco Umbrella Live Demo
  • Solutions
    • SASE & SSE Solutions
      • Your SSE journey with Cisco
      • Cisco Umbrella SASE
      • Secure Access Service Edge (SASE)
      • What is SASE
    • Functionality Solutions
      • Web Content Filtering
      • Secure Direct Internet Access
      • Shadow IT Discovery & App Blocking
      • Fast Incident Response
      • Unified Threat Management
      • Protect Mobile Users
      • Securing Remote and Roaming Users
      • Umbrella and Duo Layered Protection
    • Network Solutions
      • Guest Wi-Fi Security
      • SD-WAN Security
      • Off-Network Endpoint Security
    • Industry Solutions
      • Government and Public Sector Cybersecurity
      • Financial Services Security
        • – FTC Safeguards Rule Compliance 2023
      • Cybersecurity for Manufacturing
      • Higher Education Security
      • K-12 Schools Security
      • Healthcare, Retail and Hospitality Security
      • Enterprise Cloud Security
      • Small Business Cybersecurity
  • Resources
    • Content Library
      • Top Resources
      • Research Reports
      • Case Studies
      • Videos
      • Datasheets
      • eBooks
      • Solution Briefs
      • Cybersecurity Webinars
    • International Documents
      • Deutsch/German
      • Español/Spanish
      • Français/French
      • Italiano/Italian
      • 日本語/Japanese
    • Security Definitions
      • What is DNS Security
      • What is a Secure Web Gateway
      • What is a Cloud Access Security Broker (CASB)
      • What is Security Service Edge (SSE)
      • What is Secure Access Service Edge (SASE)
      • Cyber Threat Categories and Definitions
    • For Customers
      • Support
      • Customer Success Webinars
      • Free Trial Quick Start Guide
      • Free Trial Help and Tips
  • Trends & Threats
    • Market Trends
      • Generative AI Cybersecurity Risks and Rewards
      • Hybrid Workforce
      • Rise of Remote Workers
      • Secure Internet Gateway (SIG)
    • Security Threats
      • How to Stop Phishing Attacks
      • Malware Detection and Protection
      • Ransomware is on the Rise
      • Cryptomining Malware Protection
      • Cybersecurity Threat Landscape
      • Global Cyber Threat Intelligence
    •  
    • Woman connecting confidently to any device anywhere
  • Partners
    • Channel Partners
      • Partner Program
      • Become a Partner
    • Service Providers
      • Secure Connectivity
      • Managed Security for MSSPs
      • Managed IT for MSPs
    •  
    • Person looking down at laptop. They are connecting and working securely
  • Blog
    • News & Product Posts
      • Latest Posts
      • Products & Services
      • Customer Focus
      • Feature Spotlight
    • Cybersecurity Posts
      • Security
      • Threats
      • Cybersecurity Threat Spotlight
      • Research
    •  
    • Register for a webinar - with illustration of connecting securely to the cloud
  • Contact Us
  • Umbrella Login
  • Cloudlock Login
  • Free Trial
Clearing search keywords
Security

SASE Breakdown: Securing Cloud Services With a Cloud Access Security Broker (CASB)

Author avatar of Chloe WhitakerChloe Whitaker
Updated — February 28, 2023 • 5 minute read
View blog >

A cloud access security broker (CASB) is a cybersecurity solution that serves as an intermediary between users and the cloud services that they rely on for day-to-day activities. It allows security or IT teams to enforce policies that govern users’ access to and use of cloud services. This can prevent data loss, ensure regulatory compliance, and reduce the risk of cyberattacks on the company network.

Given the prevalence of cloud-delivered services and the security benefits provided by a CASB, it should come as little surprise that Gartner lists cloud access security brokers as essential components in any Secure Access Service Edge (SASE) or Security Service Edge (SSE) solution. But for enterprises just now embarking on their SASE journey, evaluating the CASB security functionality offered by vendors can feel a bit daunting. What should one look for in a cloud access security broker? How can IT or security teams make the most of an integrated CASB?

We set out to answer the second question in our ebook Secure Shadow IT, which digs into practical ways that teams can use cloud app discovery functionality to mitigate the risk of unsanctioned cloud services use. But in this blog post, we’re focusing on the first question. We’ll unpack what a CASB is and how to choose a solution that will help you on your SASE journey.

What Does a Cloud Access Security Broker Do?

A graphic that reads: "90% of companies are on the cloud" with a stylized image of a cloud beneath it.

Most modern enterprises rely on cloud services for day-to-day operations. These services, and the apps associated with them, allow on-premises, remote, and roaming employees to connect to the software, infrastructure, platforms, and data they need to accomplish even the most basic of tasks. Because of this, having a designated cybersecurity solution that mitigates risks caused by cloud usage is a must.

You can think of a CASB as the security station in front of an office building. Every time users engage with cloud-based applications – every time someone enters or exits our metaphorical office building – a CASB can inspect the traffic and:

  • Identify the specific cloud service being used, regardless of whether it has or hasn’t been sanctioned by the IT team
  • Determine whether the data being sent from the company network to the cloud application is permitted by existing security policies
  • Prevent unauthorized app usage or data transfer
  • Flag any files containing malicious programs that could lead to a security incident

The security policies created and implemented using a CASB can be either broad or granular. For example, security teams can prevent the usage of risky cloud applications or apps that might not be compliant with industry regulations. U.S. schools looking to maintain CIPA compliance could block apps related to adult content. Medical facilities looking to maintain HIPAA compliance could block cloud data storage apps with a history of compromises.

But a cloud access security broker doesn’t just block apps. It can also control how employees use them. For example, the policies created in a CASB can govern whether employees can use file sharing apps to send files to users outside of the company. Or, these policies can allow employees to view files in certain apps, but not download or upload files from them. Nuanced policies allow employees to engage with popular apps used by individuals outside of your organization without running a heightened risk of data loss.

Because of this functionality – and the prevalence of cloud services in most modern enterprises – a cloud access security broker is a crucial tool for threat protection and data loss prevention. The enhanced app visibility provided by a CASB can also help businesses optimize cloud service usage, as it shines a light on overlapping SaaS, PaaS, and IaaS subscriptions.

How to Choose a CASB Security Solution That Fits Into Gartner’s SASE Model

Remember, the goal of Gartner’s SASE model is to provide comprehensive functionality with a simplified interface. While most enterprises can’t upgrade to that Jetsons-esque, converged and cloud-delivered infrastructure overnight, thinking through your CASB security solution in light of your SASE journey is still worthwhile. That’s because a cloud access security broker features prominently in Gartner’s SASE model, as well as their newer Security Service Edge (SSE) concept that exclusively focuses the requirements for an integrated, cloud-delivered cybersecurity service.

A graphic showing the different components of Cisco Umbrella: DNS-layer security, interactive threat intel, secure web gateway, remote browser isolation, cloud-delivered firewall, data loss prevention, cloud access security broker (CASB), and cloud malware detection. The graphic indicates that all of this is integrated into the Secure X integrated security platform, and it protects both on and off network devices connected to a SD-WAN.
Fig. 1: The Security Functionality in Cisco Umbrella’s SASE Solution

When the time comes to invest in a new cloud access security broker, you’ll get the biggest return on your investment by partnering with a SASE vendor that:

Integrates CASB Functionality With Other Cybersecurity Solutions

An integrated cloud access security broker will be designed to easily share logs with other cybersecurity solutions in your stack, like a secure web gateway (SWG) or data loss protection (DLP) tool. This integration and log sharing gives security teams a more comprehensive view of what’s happening on a network regardless of whether employees are accessing the Internet directly or using cloud-based applications.

It also makes it easier for security teams to design and implement effective policies. Your team won’t have to move data to or from a siloed CASB to make it actionable. And instead of trying to create coordinated policies across siloed solutions – which is often frustrating at best and can lead to gaps in coverage at worst – your team will be able to create policies that utilize different security functionalities from a single dashboard.

Provides a Simple and Scalable Cybersecurity Solution

If your organization is like most, odds are that cloud app usage on your network fluctuates depending on current remote work policies or technology developments. As you cycle cloud services out of your organization’s workflow or roll out cloud services across large numbers of users, you need a cloud access security broker capable of ranking and interfacing with a wide variety of cloud apps.

You also need your vendor to be able to provide consistent and reliable service as your business grows. This is where partnering with a SASE vendor for your CASB security needs comes in handy – these solutions are designed with scalability in mind, so adding more users to tenant-based security policies shouldn’t meaningfully interrupt quality of service.

How Does the CASB Functionality of Cisco Umbrella Fit Into Your SASE Journey?

Designed to be an all-in-one, cloud-delivered security solution, Cisco Umbrella offers users a simple, efficient, and effective cybersecurity experience. Because of this, the CASB functionality included in the Cisco Umbrella SIG Essentials and SIG Advantage packages integrates seamlessly with the additional security functionality required in a SASE or SSE solution.

The CASB security functionality included in Cisco Umbrella also empowers security or IT teams to:

  • Perform cloud app discovery at scale, cutting down on shadow IT across an organization
  • Create granular security policies that manage cloud app usage via tenant controls or activity restriction
  • Prevent data loss with in-band DLP functionality – available to all Cisco Umbrella SIG Essentials and SIG Advantage customers 

With more than 250,000 cloud applications discovered, more than one billion files monitored daily, and 10 million users under management, the cloud access security broker functionality of Cisco Umbrella boasts an exceptional track record. Because of this, enterprises starting their SASE journey by upgrading their cybersecurity stack won’t find a smoother onramp.

Are You Ready to See What a Cloud Access Security Broker Is Capable Of?

Download our ebook Secure Shadow IT to dig into how your team can use the CASB security functionality of Cisco Umbrella to gain app visibility, analyze risks, and optimize or secure app usage.

Or, if you’re ready to see Cisco Umbrella in action, request a free demo today! 

See security in action

Let one of our experts show you how Cisco Umbrella can simplify your security and protect your users everywhere.

Request a demo

1 Gartner. “Cloud Access Security Brokers (CASBs).”

The CASB security functionality included in Cisco Umbrella also empowers security or IT teams to perform cloud app discovery at scale, create granular security policies, and prevent data loss – available to all Cisco Umbrella SIG Essentials and SIG Advantage customers.

Post this quote

Additional Resources

  • Ebook: 3 Steps to Managing Shadow IT
  • Schedule a personalized demo

Suggested Blogs

  • Cisco Umbrella Delivered Better Cybersecurity and 231% ROI February 21, 2023 2 minute read
  • Cisco Listed as a Representative Vendor in Gartner® Market Guide for Single-Vendor SASE January 26, 2023 3 minute read
  • How to Evaluate SSE Vendors: Questions to Ask, Pitfalls to Avoid June 23, 2022 5 minute read

Share this blog

FacebookTweetLinkedIn
Subscribe to the Cisco Umbrella blog Subscribe

Follow Us

Facebook X LinkedIn Youtube

Footer Sections

What we make

  • Cloud Security Service
  • DNS-Layer Network Security
  • Secure Web Gateway
  • Security Packages

Who we are

  • Global Cloud Architecture
  • Cloud Network Status
  • Cloud Network Activity
  • OpenDNS is now Umbrella
  • Cisco Umbrella Blog

Learn more

  • Webinars
  • Careers
  • Support
  • Cisco Umbrella Live Demo
  • Contact Sales
Umbrella by Cisco
208.67.222.222+208.67.220.220
2620:119:35::35+2620:119:53::53
Sign up for a Free Trial
  • Cisco Online Privacy Statement
  • Terms of Service
  • Sitemap

© 2025 Cisco Umbrella