Cisco Umbrella Secure Internet Gateway Essentials package

By enforcing security at the DNS and IP layers, Umbrella blocks requests to malicious and unwanted destinations before a connection is even established — stopping threats over any port or protocol before they reach your network or endpoints.
Highlights include:

• The visibility needed to protect internet access across all network devices, office locations, and roaming users
• Detailed reporting for DNS activity by type of security threat or web content and the action taken
• Ability to retain logs of all activity as long as needed
• Fast rollout to thousands of locations and users to provide immediate return on investment

This level of protection is enough for some locations and users, yet others need additional visibility and control to meet compliance regulations and further reduce risk.

Umbrella includes a cloud-based full proxy that can log and inspect all of your web traffic for greater transparency, control, and protection. IPsec tunnels, PAC files and proxy chaining can be used to forward traffic for full visibility, URL and application-level controls, and advanced threat protection.
Highlights include:

• Content filtering by category or specific URLs to block destinations that violate policies or compliance regulations
• The ability to efficiently scan all uploaded and downloaded files for malware and other threats using the Cisco Secure Endpoint (formerly Cisco AMP) engine and third-party resources
• Cisco Secure Malware Analytics (formerly Threat Grid) rapidly analyzes suspicious files (unlimited samples)
• File type blocking (e.g., block download of .exe files)
• Full or selective SSL decryption to further protect your organization from hidden attacks and time-consuming infections
• Granular app controls to block specific user activities in select apps (e.g., file uploads to Dropbox, attachments to Gmail, post/shares on Facebook)
• Detailed reporting with full URL addresses, network identity, allow or block actions, plus the external IP address

Cisco Umbrella data loss prevention analyzes sensitive data in-line to provide visibility and control over sensitive data leaving your organization.
Highlights include:

• Easy enablement as part of Umbrella secure web gateway
• 80+ built-in content classifiers including PII, PCI, and PHI
• Customizable built-in content classifiers with threshold and proximity to tune and reduce false positives
• User-defined dictionaries with custom phrases (such as project code names)
• Detection and reporting on sensitive data usage and drill-down reports to help identify misuse
• Inspection of cloud app and web traffic content and enforcement of data policies

The Umbrella cloud-delivered firewall provides visibility and control for traffic that originated from requests going to the internet, across all ports and protocols.
Highlights include:

• Deployment, management and reporting through the Umbrella single, unified dashboard
• Customizable policies (IP, port, protocol, application and IPS policies)
• Layer 3 / 4 firewall to log all activity and block unwanted traffic using IP, port, and protocol rules
• Layer 7 application visibility and control to identify thousands of applications and block/allow them
• Intrusion prevention system (IPS)* to examine network traffic flows and prevent vulnerability exploits with an added layer of threat prevention using SNORT 3 technology and signature-based detection.
• Detection and blocking of vulnerability exploitation

Umbrella helps expose shadow IT by detecting and reporting on cloud applications in use across your environment. Insights can help manage cloud adoption, reduce risk and block the use of offensive or inappropriate cloud applications.
Highlights include:

• Reports on vendor category, application name, and volume of activity for each discovered app
• App details and risk information such as web reputation score, financial viability, and relevant compliance certifications
• Cloud malware detection to detect and remove malware from cloud-based file storage applications and ensure that applications remain malware-free.
• Ability to block/allow specific apps
• Tenant restrictions to control the instance(s) of SaaS applications that all users or specific groups/individuals can access

Available as an optional add-on
By isolating web traffic from the user device and the threat, Umbrella remote browser isolation (RBI) delivers an extra layer of protection to the Umbrella secure web gateway so that users can safely access risky websites.
Highlights include:

• Isolation of web traffic between user device and browser-based threats
• No performance impact on end users
• Protection from zero-day threats
• Granular controls for different risk profiles
• Rapid deployment without changing existing browser configuration
• On-demand scale to easily protect additional users on all devices, browsers, and operating systems