Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
1142
Views
1
Helpful
0
Comments

Cisco Umbrella Policy Flow

Meddane
VIP
VIP

on ‎03-09-2023 05:05 AM

Umbrella offers a broad set of security functions that until now required separate firewall, web gateway, threat intelligence, and cloud access security broker (CASB) solutions.

Umbrella DNS is resolved first. It is the first check for malicious or unwanted domains and is based on the defined DNS policies. This reduces the quantity of traffic that is sent to the CDFW and SWG, improving responsiveness and performance

All traffic that has made it through DNS checks will be inspected by the CDFW. The firewall provides visibility and control for outbound internet traffic across all ports and protocols (L3/L4) as well as L7

The SWG will inspect any traffic that is destined for 80/443 after it has been permitted by the CDFW to provide a deeper security inspection. It will also apply application, visibility and control policies.

Umbrella’s cloud access security broker (CASB) detects and reports on cloud applications in use across your environment while Umbrella data loss prevention (DLP) analyzes sensitive data to provide visibility and control over sensitive data to avoid data exfiltration.

Umbrella Demystified.PNG

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents