• Skip to primary navigation
  • Skip to main content
  • Skip to footer

Cisco Umbrella

Enterprise network security

  • Contact Sales
  • Login
    • Umbrella Login
    • Cloudlock Login
  • Search
Search
  • Why Us
    • Why Cisco Umbrella
      • Why Try Umbrella
      • Why DNS Security
      • Why Umbrella SASE
      • Our Customers
      • Customer Stories
      • Why Cisco Security
    • Fast Reliable Cloud
      • Global Cloud Architecture
      • Cloud Network Status
      • Global Cloud Network Activity
    • Unmatched Intelligence
      • A New Approach to Cybersecurity
      • Interactive Intelligence
      • Cyber Attack Prevention
      • Umbrella and Cisco Talos Threat Intelligence
    • Extensive Integrations
      • IT Security Integrations
      • Hardware Integrations
      • Meraki Integration
      • Cisco Security for Chromebook
  • Products
    • Cisco Umbrella Products
      • Cisco Umbrella Cloud Security Service
      • Recursive DNS Services
      • Cisco Umbrella SIG
      • Umbrella Investigate
      • What’s New
    • Product Packages
      • Cisco Umbrella and Cisco Secure Access Packages
      • – DNS Security Essentials Package
      • – DNS Security Advantage Package
      • – SIG Essentials Package
      • – SIG Advantage Package
      • Umbrella Support Packages
      • Cisco Umbrella for Government Packages
    • Functionality
      • DNS-Layer Security
      • Secure Web Gateway
      • Cloud Access Security Broker (CASB)
      • Cloud Data Loss Prevention (DLP)
      • Cloud-Delivered Firewall
      • Cloud Malware Protection
      • Remote Browser Isolation (RBI)
    • Man on a laptop with headphones on. He is attending a Cisco Umbrella Live Demo
  • Solutions
    • SASE & SSE Solutions
      • Your SSE journey with Cisco
      • Cisco Umbrella SASE
      • Secure Access Service Edge (SASE)
      • What is SASE
    • Functionality Solutions
      • Web Content Filtering
      • Secure Direct Internet Access
      • Shadow IT Discovery & App Blocking
      • Fast Incident Response
      • Unified Threat Management
      • Protect Mobile Users
      • Securing Remote and Roaming Users
      • Umbrella and Duo Layered Protection
    • Network Solutions
      • Guest Wi-Fi Security
      • SD-WAN Security
      • Off-Network Endpoint Security
    • Industry Solutions
      • Government and Public Sector Cybersecurity
      • Financial Services Security
        • – FTC Safeguards Rule Compliance 2023
      • Cybersecurity for Manufacturing
      • Higher Education Security
      • K-12 Schools Security
      • Healthcare, Retail and Hospitality Security
      • Enterprise Cloud Security
      • Small Business Cybersecurity
  • Resources
    • Content Library
      • Top Resources
      • Research Reports
      • Case Studies
      • Videos
      • Datasheets
      • eBooks
      • Solution Briefs
      • Cybersecurity Webinars
    • International Documents
      • Deutsch/German
      • Español/Spanish
      • Français/French
      • Italiano/Italian
      • 日本語/Japanese
    • Security Definitions
      • What is DNS Security
      • What is a Secure Web Gateway
      • What is a Cloud Access Security Broker (CASB)
      • What is Security Service Edge (SSE)
      • What is Secure Access Service Edge (SASE)
      • Cyber Threat Categories and Definitions
    • For Customers
      • Support
      • Customer Success Webinars
      • Free Trial Quick Start Guide
      • Free Trial Help and Tips
  • Trends & Threats
    • Market Trends
      • Generative AI Cybersecurity Risks and Rewards
      • Hybrid Workforce
      • Rise of Remote Workers
      • Secure Internet Gateway (SIG)
    • Security Threats
      • How to Stop Phishing Attacks
      • Malware Detection and Protection
      • Ransomware is on the Rise
      • Cryptomining Malware Protection
      • Cybersecurity Threat Landscape
      • Global Cyber Threat Intelligence
    •  
    • Woman connecting confidently to any device anywhere
  • Partners
    • Channel Partners
      • Partner Program
      • Become a Partner
    • Service Providers
      • Secure Connectivity
      • Managed Security for MSSPs
      • Managed IT for MSPs
    •  
    • Person looking down at laptop. They are connecting and working securely
  • Blog
    • News & Product Posts
      • Latest Posts
      • Products & Services
      • Customer Focus
      • Feature Spotlight
    • Cybersecurity Posts
      • Security
      • Threats
      • Cybersecurity Threat Spotlight
      • Research
    •  
    • Register for a webinar - with illustration of connecting securely to the cloud
  • Contact Us
  • Umbrella Login
  • Cloudlock Login
  • Free Trial
Clearing search keywords

Cisco Umbrella
Free trial quick start guide

Helping you make the most of your 14-day free trial

This quick start guide is meant to help you get up and running with Umbrella DNS protection quickly and easily with a simple installation and policy setup.

There are many additional options and configurations that can be deployed depending on how in-depth you want to go during the free-trial period.  You can learn more in the Cisco Umbrella DNS User Guide in our support documentation.

Before you start

Make sure you communicate to the appropriate people or teams that you will be making DNS changes and get permission to make these changes before you start.

Check that you are not already pointing to Umbrella DNS by going to welcome.umbrella.com. You will see a message that tells you if your device is or is not already using Umbrella DNS servers.

The basic steps

There are three core components of a simple deployment of Cisco Umbrella DNS:

1. Register a network by adding a Network identity
An identity is an entity that you enforce policy against and report on.

2. Point your DNS to Cisco Umbrella
You need to explicitly point your operating system or hardware firewall/router DNS settings to Umbrella’s name server IP addresses and turn off the automatic DNS servers provided by your ISP. Umbrella supports both IPv4 and IPv6 addresses.

3. Add a policy
Through policies, you are able to define how security and access controls are applied to identities, determining whether traffic is inspected and either blocked or allowed.

1. Register your network

To use Umbrella, you need to point the DNS settings in your operating system or hardware firewall/router to Umbrella’s IP addresses and turn off the automatic DNS servers provided by your ISP. Umbrella supports both IPv4 and IPv6 addresses. Several systems allow you to specify multiple DNS servers. We recommend that you only use the Cisco Umbrella servers.

The Umbrella IPv4 addresses are:
208.67.222.222
208.67.220.220

The Umbrella IPv6 addresses are:
2620:119:35::35
2620:119:53::53

Determine the IP address of your network

Go to http://www.whatismyip.com.
Your IP address and location are displayed. Both IPv4 and IPv6 IP addresses are displayed.

— or —

In Umbrella, navigate to Deployments > Core Identities > Networks.
You’ll find your IP address listed at the top of the page. If you don’t see your IP address, click the i(Information) icon.
 

Set up the Network Identity

Screen captures showing how to add a network
Navigate to Deployments > Core Identities > Networks and click Add.

Give your Network identity a meaningful Network Name. Giving your identity a good network name will help you find it easily when you later add a policy against it through the Policy wizard.

Note:
 Dynamic IP addresses are only supported for IPv4. For more information on the different steps needed if you have a Dynamic IP address, see Networks with Dynamic IP Addresses.

Select an internet protocol: IPv4, IPv6, or Mixed IPv4 & IPv6.
Select a protocol based on the Umbrella IP address to which you have configured your router.

Add the network’s IP address and choose a subnet mask.
The network must be unique within Umbrella. If Umbrella displays the Network already exists error message, create a support case here.

Click Save.
Once the service validates your IP address, the network is listed at Deployments > Core Identities > Networks.

Initially, Umbrella lists your new network identity’s status as Inactive. Network status only changes to Active when DNS traffic is sent to Umbrella from the network.

The policy applied to your new identity depends on your policy configurations. If you have a policy configured that includes network identities, Umbrella applies that policy; otherwise; Umbrella applies the Default policy.

2. Point your DNS to Umbrella

Change the DNS Settings on Your Relevant Network Device

You need only do this on your edge DNS equipment, typically a DNS or DHCP server, or a router—this could be your DSL router or cable modem if that’s the only router in your network.

For instructions on how to configure computers (including laptops) or routers, see Point Your DNS to Cisco Umbrella.

Note: The client on which you test must have either retrieved a new set of DNS servers from the DNS/DHCP server or router, or have had its DNS settings changed manually for you to be able to verify successfully.

Watch the point DNS video

Test Your Network

Verify that your DNS connections are routed through Cisco Umbrella’s global network by navigating to the following page in your client’s browser: https://welcome.umbrella.com/. You should see the “Welcome to Umbrella” page below.

Welcome to Umbrella success message

Note: You may need to restart your client’s network interface or your computer.

To test your security settings, navigate to http://examplemalwaredomain.com/.

3. Add and configure a Security Policy

Add a policy

Navigate to Policies > Management > All Policies and click Add.

When the All Policies page opens for the first time, it only lists the Default policy. You can add a new policy or edit the Default policy. If you edit the Default policy, the Summary page opens, from which you can edit the Policy.

Note: The Default policy applies to all identities. You cannot remove identities from the Default policy.

Watch the policy video

Select Identities

The Select Identities window

Select the identities you wish to apply this policy to and then click Next.
This can be any combination of identities available to you. Identity categories, such as AD Computers or Roaming Computers, can be clicked through to choose identities more selectively.

If you have created tags, you can also select these. While listed under identities, a tag is not an identity, but rather a grouping of roaming computer identities. For more information about tags, see Best Practices for Policy Creation.

Determine what you want this policy to do

Policy components

Select the policy components you’d like to enable, then click Next.

Selecting an option here makes that component available for configuration in the Policy wizard’s later steps. However, selecting an option here does not necessarily activate that feature as some features require additional configuration.

Listed options correspond to policy features:

  • Enforce Security at the DNS Layer—These are settings related directly to the blocking of domains based on whether they are malicious and provides a base level of security protection. Recommended.
  • Inspect Files—Selectively inspect files in the cloud, not on-premise, so there is no need for additional hardware. The inspection is done with Cisco AMP and an antivirus. Unavailable, if the intelligent proxy is disabled. For more information, see Manage File Inspection.
  • Limit Content Access—These settings filter types of content. Recommended.
  • Control Applications—These settings block access to applications. Recommended.
  • Apply Destination Lists—If you have particular domains you’d like to allow or block, add them to a destination list. There are two by default, blockor allow, and you can create more to organize groups of domains. The two defaults are the Global lists, meaning they apply to any

Note: A Global Destination List, whether Block or Allow, applies to all policies and all identities. It is ‘global’ across all your organization’s configurations. To define a specific list, create a new list and add domains only to that list, then apply that list to individual sets of identities.

Advanced Settings: Expand this section to configure the intelligent proxy and related features, SafeSearch, Allow-Only mode, and logging. Click for information about advanced settings.

The Policy Wizard

Policy steps

Next the Policy Wizard will open and you’ll see a progress meter with the number of steps remaining until you’ve fully configured the policy. Available steps correspond to your policy component selections.

 

Configure Security Settings

Security settings in the policy wizard

These settings determine which categories of security threat Umbrella blocks. For more information about security category, see Manage Security Settings.

When you first access Security Settings, default settings are applied. The blue shield icon indicates a selected and enabled security category.

You can leave the security settings as is, select different settings, or edit settings and create a new one if needed. When done click Next.

 

Content Category Settings

Content Category Settings

Content categories organize destinations—in this case, websites—into categories based on the type of information served by the website; for example, gambling, social networking, or alcohol. Select content categories to block identity access to destinations that serve up content of that type. When an identity attempts to access a destination that is blocked because of a DNS content setting, an Umbrella block page appears. For a list of all categories and a definition for each, see Content Categories.

Select a category level of High, Moderate, or Low. Low categories are included with Moderate and both Moderate and Low category presets are included in High.

As with security settings, you can add a new content setting and modify an existing one directly from within the wizard.

When done click Next.

Other Configuration Settings

Depending on your initial policy selections you may have other settings to configure. Learn more about them below:

  • Configure Application Settings
  • Configure Destination Lists
  • Configure File Analysis

Configure Block Pages

Block page settings

Block Page Settings let you configure a block page that appears when a request is made to access a blocked page. You can also create a bypass so that access can be granted to the block page. You can customize the block page’s appearance and redirect to a custom domain.

Note: Not all categories can be bypassed. If a user is blocked for a Security or Malware category, the site is considered malicious and should not be accessed under any circumstances.

If you do not wish to change anything, just use the Umbrella Default Appearance, and click Next.

The Policy Summary

Policy Summary

Last, you’ll reach the Policy Summary. It covers all the modifications to the policy you just made. If you want to change anything, click the relevant Edit button and you’ll jump right back to that step, or you can disable the feature directly from the Summary screen. When you’ve made the change, you can jump back to the summary directly without having to click through all the other steps.

Give your policy a meaningful name. Click Save. Your policy is complete.
 

Get started with Reports

Now that you’ve pointed your DNS to Cisco Umbrella and set a policy, you can check your Cisco Umbrella reports to gain insights into your company’s internet and cloud application activities and see the risks Umbrella has blocked.

Depending on the amount of your network traffic, you may need to wait a few days to see results.

Learn how to use Umbrella’s built-in reports and get detailed information on reports and schedules.

 
Watch the reports video

How to purchase an Umbrella subscription

You can purchase a subscription at any time during your Umbrella free trial. Reach out to your Cisco Umbrella sales rep or partner to learn how to convert your trial to an Umbrella subscription.

Extend your trial: If you haven’t had enough time to see everything Umbrella has to offer, please contact your sales rep and ask to extend your trial.

After 14 days: If you do nothing you will lose Umbrella’s robust protection against malware, phishing, and other cyber threats. Don’t miss out on modern, seamless cybersecurity that can safeguard your network and data. Contact us before your trial ends.

Follow Us

Facebook X LinkedIn Youtube

Footer Sections

What we make

  • Cloud Security Service
  • DNS-Layer Network Security
  • Secure Web Gateway
  • Security Packages

Who we are

  • Global Cloud Architecture
  • Cloud Network Status
  • Cloud Network Activity
  • OpenDNS is now Umbrella
  • Cisco Umbrella Blog

Learn more

  • Webinars
  • Careers
  • Support
  • Cisco Umbrella Live Demo
  • Contact Sales
Umbrella by Cisco
208.67.222.222+208.67.220.220
2620:119:35::35+2620:119:53::53
Sign up for a Free Trial
  • Cisco Online Privacy Statement
  • Terms of Service
  • Sitemap

© 2025 Cisco Umbrella