Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2590
Views
0
Helpful
3
Replies

Cisco Umbrella Features and Issues

AhmedSoliman3804
Level 1
Level 1

‎08-23-2019 11:11 AM

In current customer scenario , customer have following.50 devices  ( laptop / mobile )
- All devices are independent with windows 10 and logging into Azure AD/ Office 365
- No Domain Controller onsite
- User travel with laptop / mobile / tablet
- Users are in 4 different countries and all independent with no server or firewall
- One Watchguard T30W firewall to route internet for everyone onsite
     - DHCP role
     - DNS role
     - gateway 
I have done following

- Changed the DNS On Firewall for Open DNS
- Added the external ID of firewall to Cisco Umbrella 
I want to achieve following:

- Track each user by PC Name or IP Address
- Ensure mobile / laptop / tablet protected even when they travel
- Ensure users cannot disable roaming clients
- Deep scan of URL if possible
- IPS / Antivirus

Labels:
0 Helpful
3 Replies 3

Rob Ingram
VIP
VIP

‎08-23-2019 11:32 AM

Hi,
If you use the AnyConnect Client with the Umbrella module or the Umbella Roaming Client, this will report the hostname/local IP address and protect the laptops when the users travel. If required you can implement umbrella policies just for the roaming computers in addition to a policy when connected to the local network.

If the laptops are independant and not joined to an Active Directory domain, I don't see how you can stop the users from disabling the client themselves.

You can use the Umbrella's Intelligent Proxy with SSL decryption to provide deeper inspection for URLs/Files and anti-virus protection. You'll need to ensure the users computer has the Cisco Umbrella's Root Certificate installed on the computers.

HTH
0 Helpful

AhmedSoliman3804
Level 1
Level 1
In response to Rob Ingram

‎08-28-2019 06:01 AM

Thx RJI

0 Helpful

opryluts
Cisco Employee
Cisco Employee

‎09-12-2019 11:37 PM

Hi Ahmed,

 

With regard to your requirements:

 

- Track each user by PC Name or IP Address:

For both onsite and mobile users, Anyconnect Roaming client or Umbrella ERC module would be the best. Both of them give you an extra layer of protection - IP layer enforcement to protect direct IP communication. With AnyConnect you'll be able to utilize SWG feature as well in future (full proxy mode, HTTP/HTTPS requests control and visibility)

 

Another option for onsite users would be Umbrella VM which gives you the internal IP address visibility, for PC name visibility AD integration is required.


- Ensure mobile / laptop / tablet protected even when they travel

 

Anyconnect Roaming client or Umbrella ERC for sure your choice.


- Ensure users cannot disable roaming clients

 

For Umbrella ERC it is possible with limiting users right in Windows. For AnyConnect Roaming client lockdown feature is available during deployment - https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect43/administration/guide/b_AnyConnect_Administrator_Guide_4-3/deploy-anyconnect.html#ID-1425-000002b3

 

- Deep scan of URL if possible

 

With AnyConnect will be possible soon


- IPS / Antivirus

 

All traffic passing through Umbrella cloud is scanned/inspected by multiple security engines like AV/Malware protection/etc.

 

Let me know if you have further questions. If you find the reply helpful please mark it accordingly.

0 Helpful
Customers Also Viewed These Support Documents