Dec 10 2020

Review: Cisco Umbrella Adds Visibility to Higher Ed Security

This cloud-based security platform protects on-campus and remote users against internet threats.

Threats continue to increase in frequency and sophistication, and higher education institutions have become even more of a target during their shift to remote operations. Colleges must ensure consistent security for all users, especially today, which puts the pressure on IT leaders to bolster existing security capabilities.

One tool all colleges can leverage is a cloud-based platform that s­afeguards users from malicious and nefarious websites as they navigate the internet. Cisco Umbrella is touted as a first line of defense for such a purpose, and my testing revealed it does an outstanding job helping users avoid internet threats. It also can help colleges pinpoint compromised systems with real-time reporting.

Get Actionable Reports From Cisco Umbrella

Cisco Umbrella’s real-time security and activity reports are among the satisfying aspects of the software. They drive visibility and actionable intelligence — a big help if users bypass virtual private networks when working from home — and can help institutions avoid network security blind spots.

Priority Alerts Give IT Visibility Into Vulnerabilities

Immediate access to actionable data is key to fast incident response, which can lag when security teams don’t have enough information. Umbrella eliminates this problem by categorizing and retaining all internet activity. This capability simplifies the investigations process IT security teams often have to undertake to determine attack vectors and create vulnerability maps.

The Umbrella Investigate console provides the context to properly prioritize incidents, ultimately leading to faster incident response times. As a result, ­security analysts improve their ability to detect and remediate threats faster, particularly through the added use of Cisco Threat Response, which further automates integrations across Cisco security products and aggregates Umbrella intelligence with other sources.

With Cisco Umbrella, institutions can mitigate threats with additional layers of security to protect staff, students and faculty — whether they are working on campus or at home.

Cisco Umbrella

Cisco Umbrella Helps Colleges Fight Phishing Attacks

Cyberattacks are always increasing, with phishing emails and spam campaigns hitting almost every inbox. Phishing mail is especially insidious, as it’s designed to trick users into disclosing sensitive, personal information or organizational details. Now that institutions have significantly expanded remote work and learning, the threat has become even more pronounced.

Cisco Umbrella is a cloud-native platform that enforces security at the Domain Name System and IP layers built into the foundation of the internet. As a result, Umbrella is able to block malware, ransomware, phishing, botnets and malicious command and control servers. The block happens well before a connection is even established by the user device. This can help colleges stop threats over any port or protocol before they reach campus networks or endpoints.

Paired with Cisco’s selective proxy, colleges will receive deeper inspection of URLs and files looking for risky domains, while anti-virus engines and Cisco Advanced Malware Protection shut down threats. Umbrella even blocks direct IP connections from command and control callbacks for roaming users.

RELATED: See how one college leverages an integrated security ecosystem.

Umbrella also provides visibility into sanctioned and unsanctioned cloud services across an enterprise. This lets institutions uncover new services that are being activated and gain insights into who is using them. This can help identify potential risks and block specific applications easily. Umbrella has a highly resilient network environment that has boasted 100 percent uptime since 2006.

Last but not least, features such as Anycast routing let any of Cisco’s 30 or more data centers across the globe provide security services using a single IP address, so that requests are transparent and sent to the nearest, fastest data center. This also provides strong and automatic failover as Umbrella collaborates with more than 900 of the world’s top internet service providers along with content delivery networks and Software as a Service platforms.

All of that equates to a critical speed boost for network defenders looking to enhance their efforts discovering and remediating threats on normal days or whenever a crisis begins to stress operations.

Cisco Umbrella

ACTIONABLE: Retains and categorizes all activity
EXPANSIVE: Leverages threat intelligence service
PROACTIVE: Identifies new threats to protect users