cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2477
Views
10
Helpful
4
Replies

Umbrella to stop VPN in a school environment

AndreasKvist
Level 1
Level 1

Hi, 

 

Do you know if Umbrella is able to stop VPN connections on a school network. Question came up in a discussion with a customer considering Umbrella as an additional security layer. 

If you have any useful docs I´m to take a look at them. 

 

BR

 

Andreas

1 Accepted Solution

Accepted Solutions

Yes, ideally permit outbound DNS to the Umbrella server only. From experience I'd do that with caution, there are probably a load of legitimate systems pointing to public DNS servers.

 

Relavant useful link:

https://support.umbrella.com/hc/en-us/articles/230904088-Preventing-Circumvention-of-Cisco-Umbrella-with-Firewall-Rules

 

As it's a school you might want to consider blocking (DoH) DNS over HTTPS.

 

FYI, If you are deploying a VA (Virtual Appliance) you would also need to open a load of other ports as well.

View solution in original post

4 Replies 4

Hi @AndreasKvist 

You can block "Personal VPN" using Umbrella DNS Content Categories

https://docs.umbrella.com/umbrella-user-guide/docs/manage-dns-content-categories

 

HTH

Hi, I got recommended to also change port 53 to only accept Umbrella IPs. 

 

What do you think?

 

BR

 

Andreas

Yes, ideally permit outbound DNS to the Umbrella server only. From experience I'd do that with caution, there are probably a load of legitimate systems pointing to public DNS servers.

 

Relavant useful link:

https://support.umbrella.com/hc/en-us/articles/230904088-Preventing-Circumvention-of-Cisco-Umbrella-with-Firewall-Rules

 

As it's a school you might want to consider blocking (DoH) DNS over HTTPS.

 

FYI, If you are deploying a VA (Virtual Appliance) you would also need to open a load of other ports as well.

Thanks a million Rob, most helpful!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: