We’ve already talked in detail (in our previous post), about how Cisco Umbrella blocks malware, ransomware, botnets and phishing threats, while containing advanced attacks before they can cause damage. These threats can typically be delivered to one of your organisation's PCs when a user clicks on an innocent looking link, that actually turns out to be malicious, or by visiting an infected website.This article goes into further detail about another very important feature of Umbrella – Roaming Security.With Roaming Security you can protect your users when they are away from the office, for example when working in their hotel room, at home, during that flight delay at an airport, or just browsing for some relaxation time in a café somewhere in the world.Businesses usually load their laptops with Virtual Private Network (VPN) connectivity which allows users to create a secure connection back to the corporate network over the Internet. This means they can access all their usual things like file shares and email, and it also brings a consistent level of protection as the security on the corporate network is extended to this out of office scenario.Unfortunately, with over 45% of workers now classed as mobile and over 80% admitting to not always using the secure VPN, this leaves a significant gap in your organisations security. This is usually because they are also using their work laptops for personal use, and sometimes corporate web browsing restrictions may mean that they can’t get to that sports website or TV programme that they want to watch, or maybe they are not allowed to access personal email accounts like Gmail.So in reality, not every connection goes through the secure VPN, but as your workers activity extends beyond the workplace environment, your security must too, and while security may never stop 100% of the threats, it must work 100% of the time.Cisco Umbrella continues to protect employees in these ‘off network / VPN’ situations by blocking malicious domain requests and links as soon as they are requested. This early security at the DNS-layer means that connections are never established, and malicious files are never downloaded.This means that malware will not infect laptops and data will not be sent out to any third parties. And what’s more your Umbrella administrators will have real-time visibility of infected laptops and will be able to identify devices that have become infected.
In order to enable Roaming protection for your users, you first need to deploy a very lightweight Umbrella Roaming Client.
Or alternatively, you can activate the Umbrella Roaming Security module, if you already use Cisco AnyConnect for your corporate VPN connectivity.
When a devices connects to the internet, the Roaming client (and AnyConnect module) builds a secure DNS tunnel from the client device to the Umbrella service. Any external DNS requests for website domains etc. are then sent directly to Umbrella, where the request is analysed, before returning a good or bad response to the client. If the response is good the user is allowed to the connect to the requested site; if it is bad the request is redirected to the configured Umbrella block page, preventing the user for connecting to the malicious site.
Umbrella and other Cisco Security products use Cisco Talos global threat intelligence to identify threats at the earliest possible time in the threat cycle. It’s unique to Cisco and is the world’s largest and most accurate hub of global threat intelligence available today.
Talos is staffed by a team of leading threat researchers and supported by advanced analytical technology, it gathers information about cyber-attacks, surveys a large swath of the public internet to learn how these threats operate, and develops solutions to prevent them in the future.The scale of this operation cannot be overstated, Talos handles:
If you are interested in learning more about Umbrella Roaming Security, why not get in touch or even register to request a FREE 21 Day Trial of Cisco Umbrella, and try it out for yourself.Ironshare can get you up and running with the Umbrella Free trial within hours of receiving your request. So don't delay click here to Register Now!WHAT’S INCLUDED?
For more information on Cisco products or our services please get in touch by Clicking here.Ironshare – Security, Simplified
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
