topic Re: Firesight security intelligence vs umbrella in Cloud Security

Firesight security intelligence vs umbrella

Massimo Baschieri — Fri, 21 Feb 2020 05:04:56 GMT

Anyone knows if Firesight security intelligence feeds from talos are the same maliciuos dns/url/ip lists used by umbrella?

In other words, can we say that a user under umbrella and a user under a firesight sensors with security intelligence applied have the same level of backlisting protection?

Re: Firesight security intelligence vs umbrella

evan.chadwick1 — Mon, 16 Apr 2018 02:06:59 GMT

If the firesight is configured with a dns policy (default one has no blacklists in it) and firesight is configured with URL filtering then yes.

But if the user goes off site, they'd have to vpn into the network to maintain the firesight protection.

The umbrella option would also require 'Insight' not 'professional' in order to receive Proxy protection and not just dns.

Re: Firesight security intelligence vs umbrella

Marvin Rhoads — Mon, 16 Apr 2018 11:31:03 GMT

I believe Firepower's URL categorization is still using the Brightcloud backend data source and not Talos intelligence.

Blacklists etc. should both be from Talos.