We’ve all heard the saying: You can’t teach an old dog new tricks. But have you ever tried?

I know, I know, you didn’t come here for canine training tips. Stay with me, there’s a point to all this. Anyways, it’s super hard. I tried, and all the dog wanted to do was sleep. Your best bet? You guessed it — getting a new dog.

The same thing was happening in security. New problems were arising — more roaming workers, apps and infrastructure moving to the cloud, and branch offices connecting directly to the internet — and the old tricks weren’t cutting it.

Enter new dog

Cisco Umbrella is the industry’s first Secure Internet Gateway (SIG) in the cloud. What is a SIG, you ask? Good question. A SIG provides safe access to the internet anywhere users go, even when they are off the VPN. Before you connect to any destination, a SIG acts as your secure onramp to the internet and provides the first line of defense and inspection. Regardless of where users are located or what they’re trying to connect to, traffic goes through the SIG first. Once the traffic gets to the SIG cloud platform, there are different types of inspection and policy enforcement that can happen.


You’re probably thinking “Hey! that sounds like the stuff you guys have been doing for years!” and you’re not entirely wrong. We’ve taken the functionality and proven platform from OpenDNS and used it as the starting point for designing our SIG. But here’s where things get taken to a new level. We’ve taken other technology from across the Cisco portfolio and reimagined how it could be integrated together in order to deliver an even broader range of coverage of malicious destinations and files and better intelligence, while maintaining and improving our openness and simplicity.

Stop more threats

To prevent more threats, we’ve added the ability to inspect files. Using a combination of AV engines and Cisco Advanced Malware Protection (AMP), Umbrella now inspects files that are attempted to be downloaded from risky domains — providing additional protection for your organization. Our intelligent proxy was also re-architected using microservices to automatically scale for even better performance.

Making our intelligence more intelligent

We know the bad guys will try new methods, so we are constantly tuning and developing new statistical models to help uncover attacks before they launch. We’ve added two more, including one that predicts domains that will be used in future spam campaigns, and one that automates the reverse engineering of domain generation algorithms (DGAs) to predict thousands of future malicious domains. We’ve created additional security categories to give organizations the flexibility to block potential threats sooner. And you can now create custom URL blacklists based on your local intelligence for more granular control and the ability to extend protection beyond your perimeter.

Keep it simple, keep it open

We want every interaction between you and our technology to be intuitive, meaningful, and ultimately, a delight. We know some of your biggest needs in the Umbrella dashboard revolve around setting up policies, finding infected devices, and identifying security trends within your organization. We’re revamping our user interface to improve policy configuration and provide more extensive reporting options. We’re introducing a new policy wizard that dynamically updates depending on what type of policy you want to create or change.

When you’re creating new policies, not only does it walk you through every step of the policy configuration with a simple question-based flow, but you can also use our policy tester before implementing to ensure it will be applied as you intended. For reporting, we’ve revamped the design to help you find key information faster and make reports easier to share. Now, it’s even easier to know what to focus on.

Since day one, we’ve built Umbrella to be a product that integrates and works closely with all types of technologies and platforms — including security appliances, intelligence platforms or feeds, and custom, in-house tools. Now, Umbrella integrates with Cisco Wireless LAN Controllers to gain broad visibility and protection across your wireless environment. Additionally, Umbrella together with CloudLock offers discovery and control for use of SaaS apps.

If you’ve been with us awhile, we’re excited for you to experience all the new features and functionality we’re adding to Umbrella. If you’re new (welcome!), we encourage you to try Umbrella, and see first-hand the power of simple and effective cloud security.

For more information, check out Secure Internet Gateway.


Kevin Rollinson

Product Marketing Manager

Security - Cisco Umbrella