惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Simon Willison's Weblog
Simon Willison's Weblog
Help Net Security
Help Net Security
P
Privacy International News Feed
T
Threat Research - Cisco Blogs
C
Cisco Blogs
C
CERT Recently Published Vulnerability Notes
NISL@THU
NISL@THU
L
LINUX DO - 热门话题
Security Latest
Security Latest
A
Arctic Wolf
G
GRAHAM CLULEY
月光博客
月光博客
S
Securelist
D
Docker
J
Java Code Geeks
T
Troy Hunt's Blog
T
Tenable Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
SecWiki News
SecWiki News
S
Security @ Cisco Blogs
量子位
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
L
LINUX DO - 最新话题
Recent Commits to openclaw:main
Recent Commits to openclaw:main
aimingoo的专栏
aimingoo的专栏
博客园 - 【当耐特】
H
Heimdal Security Blog
The Hacker News
The Hacker News
博客园 - 三生石上(FineUI控件)
Application and Cybersecurity Blog
Application and Cybersecurity Blog
N
Netflix TechBlog - Medium
Vercel News
Vercel News
Forbes - Security
Forbes - Security
B
Blog RSS Feed
H
Hackread – Cybersecurity News, Data Breaches, AI and More
IT之家
IT之家
B
Blog
MongoDB | Blog
MongoDB | Blog
博客园 - 聂微东
Google DeepMind News
Google DeepMind News
S
Secure Thoughts
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
C
Check Point Blog
云风的 BLOG
云风的 BLOG
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
T
The Blog of Author Tim Ferriss
L
Lohrmann on Cybersecurity
F
Full Disclosure
D
Darknet – Hacking Tools, Hacker News & Cyber Security
P
Proofpoint News Feed

Cisco Umbrella

Where Do I Start With SASE Evaluations? - Umbrella Blog Cisco Umbrella: A Leader in the GigaOm Radar for DNS Security Go Big & Go Chrome: Strengthen Cybersecurity in Education, the Enterprise & Beyond Millions of Cisco Umbrella Roaming Client Users to Benefit From Upgrading to Cisco Secure Client Marriott Leads the Way in the Fight to Protect Children Online Your Free Upgrade to Cisco Secure Client Awaits The Perfect Blend: Qdoba’s SASE Transformation Controlling ChatGPT Security Risks: Keeping Your Users Productive & Your Data Safe Cisco Umbrella for Government: Advanced Public Security
Cisco Umbrella for Gov't: DNS Security & CISA Protective DNS
Christina Hausman, Michael Sikillian · 2024-08-29 · via Cisco Umbrella

Cisco Umbrella for Government has achieved FedRAMP Moderate authorization*. Eligible customers can now leverage Cisco Umbrella for Government for robust DNS security and to meet the mandate for CISA’s Protective DNS with enhanced protection for on-premises and roaming client users.

Cisco Umbrella DNS-layer security proactively protects against malware and phishing attacks by blocking access to malicious websites before the browser connection is established. Umbrella for Government uniquely offers a differentiated recursive DNS-powered intelligence that quickly blocks threats, protecting users and devices, no matter where they are located, in the office or remote.  

Protective DNS is mandated by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to detect and prevent cyberattacks targeting Federal Civilian Executive Branch agencies (FCEB). U.S. Federal Civilian agencies must integrate with Protective DNS as part of the Department of Homeland Security’s mandate under Title 6 of the United States Code (USC) 663: Federal Intrusion Detection and Prevention System. It also aligns with DNS-related requirements and guidance contained in OMB M-21- 31 and M-22-09.

Cisco Umbrella for Government integrates directly with CISA Protective DNS. Developed in collaboration with CISA and Federal agencies, Umbrella supports both on-premises customers through our Virtual Appliance and hybrid/remote users running Windows, Mac, Chromebooks, iPhone and Android running the Cisco Secure Client. Umbrella customers benefit from Cisco’s industry-leading security that enhances and extends the benefits of Protective DNS while ensuring customers meet the Protective DNS mandate.

What are the benefits of the Umbrella for Government integration with Protective DNS?

The dual-protection model brings the following benefits, in addition to single-stage Protective DNS integration:

  • User-level granularity: Umbrella for Government identifies DNS traffic from individual users when they are on-premises and roaming anywhere in the world. By itself, Protective DNS can only enable policies for on-premises networks. Umbrella maintains that capability and extends it to allow fine-grained policies based on groups and individuals.
  • Policy creation: User-level granularity enables security personnel to create policies and pinpoint the source of suspicious behavior to the exact user and device anywhere in the world, enhancing Protective DNS beyond the capability to identify suspect behavior on individual on-premises networks.
  • Seamless mobile deployment: Every device running Cisco Secure Client (which includes Cisco AnyConnect VPN (Virtual Private Network)) can be integrated with Umbrella for Government, leveraging our Protective DNS integration without having to install a separate endpoint package. Protective DNS alone does not directly support mobile devices, which are required to be protected per the DHS mandate.
  • Enhanced policies, including AI (artificial intelligence): Umbrella for Government incorporates the full suite of Cisco’s commercial threat intelligence capabilities which provide a wider range of policy types than the Protective DNS service. These include AI-based policies to gate employee access to these new technologies — enhancing control while still enabling innovation.
  • Centralized reporting: The Umbrella for Government logging service has been updated to capture information on user access that was blocked by Protective DNS. These logs are available directly in the user interface (UI) and can be filtered for enhanced analysis and comparison.
  • Landing pages for blocked content: When user activity that is blocked by Umbrella for Government, users are redirected to a custom block page explaining the reason for restricting access, with a custom page built to identify Protective DNS-based policy restrictions.
Protective DNS reports in the Umbrella UI
Protective DNS reports in the Umbrella UI (underlined in red)

How does this help the customer enhance security?

Cisco Umbrella for Government simplifies the deployment, management and response to protecting on-premises and mobile devices through granular, user-based policies and reporting for security, content and application control. DNS-layer security offers proactive threat protection, reducing the number of infections and alerts seen from other security products by stopping threats at the earliest point. With threat intelligence backed by Cisco Talos, and features like resolver-native, machine learning-based and real-time DNS Tunneling protection, Umbrella for Government provides an integrated security platform.

Umbrella provides the security of encrypted DNS using DoH (DNS Over HTTPS), DoT (DNS over TLS) and DNSCrypt without added latency or the operational complexity of a VPN tunnel. Umbrella serves over 715 billion DNS requests per day to more than 30,000 enterprise customers and leverages experience of operating at scale, longevity and expertise in the DNS-layer security space since 2015.

How does the Cisco Umbrella-Protective DNS integration work?

Umbrella for Government’s approach to meet the CISA requirement uses a purpose-built integration mechanism that secures customer DNS traffic using the inspection capabilities of both Umbrella and Protective DNS.

Protective DNS-Umbrella integration flow
Umbrella-Protective DNS Integration Flow

How does the customer access the integration?

The integration with Protective DNS is a configuration option set both within the customer’s Protective DNS configuration and Umbrella’s cloud-based management. It is available at no additional charge for customers of Cisco Umbrella for Government (both DNS and the future SIG (Secure Internet Gateway) and Secure Access / Zero Trust offerings).

Selecting the Umbrella resolvers inside the PDNS page
Selecting Umbrella resolvers inside the Protective DNS page

Learn more about Cisco Umbrella for Government

Cisco Umbrella for Government reflects Cisco’s commitment to provide comprehensive, reliable cloud-native cybersecurity solutions to enable SASE (Secure Access Service Edge). In hyper-decentralized, hybrid work environments, Umbrella for Government is a crucial milestone in a long-term holistic cloud security strategy. Cisco has a full SSE (Security Services Edge) product family of Cisco Umbrella and Cisco Secure Access to address the challenging security reality of managing connectivity from anything to anywhere while simultaneously protecting against sophisticated, motivated threat actors.

Looking for more information? Check out the following resources:

*Please Note: Cisco Umbrella for Government has been granted FedRAMP Moderate ATO (Authority to Operate) as of 8/1/2024.

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。