SIG Advantage: Advanced security, simplified
With the Cisco Umbrella Secure Internet Gateway (SIG) Advantage package, organizations can go about their business, protected from the evolving threat landscape. Through a broad set of features— namely a cloud access security broker (CASB), cloud-delivered firewall, a secure web gateway (SWG), DNS-layer security, and advanced threat intelligence — organizations can stay secure, end-to-end.
With each of these features packaged inside a single cloud-delivered service and dashboard, Cisco Umbrella SIG offers simplified security management and maximized security efficacy.
Adaptable, scalable security
As organizations become more scattered and as cloud applications become more prevalent, organizations are looking for scalable solutions. These hybrid work shifts have, in many ways, weakened centralized security policies, leading to increased risk of cyberattack.
SIG Advantage unifies secure web gateway, cloud access security broker, DNS-layer security, cloud-delivered firewall, data loss prevention, and other advanced security capabilities into a single cloud-delivered service. This consolidated software-as-a-service (SaaS) approach saves time to implement and maintain, freeing up time for businesses to get actual work done.
Top three reasons companies look for a SIG product
Frost & Sullivan applauds
Market research firm recognizes Cisco Umbrella’s leadership in Secure Web Gateway (SWG) solutions. Discover what key market differentiators set our SWG solution apart from the competition, prompting a Frost & Sullivan leadership award.
Embrace SASE with SIG Advantage
Today’s hybridized working environment, paired with other factors such as high cloud application usage, has facilitated a shift for security teams. With these shifts, centralized security policy enforcement diminishes, and the risk of successful cyberthreats increases. Many organizations use separate points solutions to handle these escalating threats, but this approach can be difficult to integrate and manage.
This is where SASE — secure access service edge — can be a game-changer. SASE is the convergence of several disparate security technologies into a single cloud-delivered platform, simplifying deployment and management of threat prevention.
SIG Advantage can help you cut complexity, reduce risk exposure, and improve performance using a single cloud-delivered dashboard. It deploys seamlessly and easily and is built to scale with your business.
SIG Advantage components
By enforcing security at the DNS and IP layers, Umbrella blocks requests to malicious and unwanted destinations before a connection is even established — stopping threats over any port or protocol before they reach your network or endpoints.
- The visibility needed to protect internet access across all network devices, office locations, and roaming users
- Detailed reporting for DNS activity by type of security threat or web content and the action taken
- Ability to retain logs of all activity as long as needed
- Fast rollout to thousands of locations and users to provide immediate return on investment
This level of protection is enough for some locations and users, yet others need additional visibility and control to meet compliance regulations and further reduce risk.
Secure web gateway (full proxy)
Umbrella includes a cloud-based full proxy that can log and inspect all of your web traffic for greater transparency, control, and protection. IPsec tunnels, PAC files and proxy chaining can be used to forward traffic for full visibility, URL and application-level controls, and advanced threat protection.
- Content filtering by category or specific URLs to block destinations that violate policies or compliance regulations
- The ability to efficiently scan all uploaded and downloaded files for malware and other threats using the Cisco Secure Endpoint (formerly Cisco AMP) engine and third-party resources
- Cisco Secure Malware Analytics (formerly Threat Grid) rapidly analyzes suspicious files (unlimited samples)
- File type blocking (e.g., block download of .exe files)
- Full or selective SSL decryption to further protect your organization from hidden attacks and time-consuming infections
- Granular app controls to block specific user activities in select apps (e.g., file uploads to Dropbox, attachments to Gmail, post/shares on Facebook)
- Detailed reporting with full URL addresses, network identity, allow or block actions, plus the external IP address
Data loss prevention (DLP)
Cisco Umbrella data loss prevention analyzes sensitive data in-line to provide visibility and control over sensitive data leaving your organization.
- Easy enablement as part of Umbrella secure web gateway
- 80+ built-in content classifiers including PII, PCI, and PHI
- Customizable built-in content classifiers with threshold and proximity to tune and reduce false positives
- User-defined dictionaries with custom phrases (such as project code names)
- Detection and reporting on sensitive data usage and drill-down reports to help identify misuse
- Inspection of cloud app and web traffic content and enforcement of data policies
Cloud-delivered firewall (CDFW)
The Umbrella cloud-delivered firewall provides visibility and control for traffic that originated from requests going to the internet, across all ports and protocols.
- Deployment, management and reporting through the Umbrella single, unified dashboard
- Customizable policies (IP, port, protocol, application and IPS policies)
- Layer 3 / 4 firewall to log all activity and block unwanted traffic using IP, port, and protocol rules
- Layer 7 application visibility and control to identify thousands of applications and block/allow them
- Intrusion prevention system (IPS)* to examine network traffic flows and prevent vulnerability exploits with an added layer of threat prevention using SNORT 3 technology and signature-based detection.
- Detection and blocking of vulnerability exploitation
Cloud access security broker (CASB)
Umbrella helps expose shadow IT by detecting and reporting on cloud applications in use across your environment. Insights can help manage cloud adoption, reduce risk and block the use of offensive or inappropriate cloud applications.
- Reports on vendor category, application name, and volume of activity for each discovered app
- App details and risk information such as web reputation score, financial viability, and relevant compliance certifications
- Cloud malware detection to detect and remove malware from cloud-based file storage applications and ensure that applications remain malware-free.
- Ability to block/allow specific apps
- Tenant restrictions to control the instance(s) of SaaS applications that all users or specific groups/individuals can access
Cisco Secure Malware Analytics
Cisco Secure Malware Analytics (formerly known as Threat Grid) combines advanced sandboxing with threat intelligence into one unified solution to protect organizations from malware. By leveraging Cisco Umbrella Investigate, included in the SIG Advantage package, and Cisco Secure Malware Analytics, security analysts can uncover malicious domains, IPs, ASNs and files to get the most complete view of an attacker’s infrastructure, tactics, and techniques.
- Ability to detect hidden attack methods and report on malicious files
- Single, correlated source of intelligence to speed threat hunting and incident response
- Simple APIs to integrate with SecureX and your SIEM for enriching security data
- Ability to predict unknown threats using real-time threat intelligence
- Automated alerts for retrospective events
Remote browser isolation (RBI)
Available as an optional add-on
By isolating web traffic from the user device and the threat, Umbrella remote browser isolation (RBI) delivers an extra layer of protection to the Umbrella secure web gateway so that users can safely access risky websites.
- Isolation of web traffic between user device and browser-based threats
- No performance impact on end users
- Protection from zero-day threats
- Granular controls for different risk profiles
- Rapid deployment without changing existing browser configuration
- On-demand scale to easily protect additional users on all devices, browsers, and operating systems
Backhauling internet bound traffic from remote sites is expensive and adds latency. Many organizations are upgrading their network infrastructure by adopting SD-WAN and enabling direct internet access (DIA). Eighty percent of organizations extensively or selectively use SD-WAN today.
Umbrella and SD-WAN are core elements of Cisco’s secure access service edge (SASE) architecture that consolidate networking and security functions. With the Umbrella and Cisco SD-WAN integration, you can simply and rapidly deploy Umbrella across your network and gain powerful cloud-delivered security to protect against threats on the internet and secure cloud access. This market-leading automation makes it easy to deploy and manage the security environment over tens, hundreds or even thousands or remote sites. Umbrella offers flexibility to create security policies based on the level of protection and visibility you need — all in the Umbrella dashboard.
Cisco Umbrella SIG Advantage: Key features
- The highest level of Cisco Umbrella protection in a single service
- Includes 7-layer firewall, data loss prevention, other features exclusive to this package
- Seamlessly helps block cyberattacks at the DNS-layer across SASE environments
- Value-focused subscription covers all features: CASB, advanced malware analytics, and more
The Cisco Umbrella SIG Advantage package
The SIG Advantage package offers tighter security within organizations while using less time and fewer resources. Cisco Umbrella boasts a growing community of over 100 million global users that experience secure, fast, and dependable internet connections every single day.
The results confirm the Umbrella promise: Post-implementation, 78% of Umbrella customers see value in a week or less, and over half of users report reduced malware by 50% or greater.
Ready to get started?