Our First Line of Defense: Cisco Umbrella (Formerly OpenDNS)
Cisco Umbrella is the first line of defense for attacks on the internet. It will protect users that are connecting from many locations and devices. Umbrella can uncover current and emerging threats, provides visibility for activity across all devices and ports, and will stop attacks earlier.
How Does it Work?
Umbrella uses the internet’s infrastructure to block malicious destinations before a connection is ever established. If you are using the internet, you are using DNS (Domain Name System) – whether you are a 20-person non-profit or a chain of retail stores across the nation. With Umbrella, you can leverage DNS for security and protection across all your users, networks and devices.
DNS is the phonebook to the internet. It allows us to communicate with domain names (i.e. gmail.com or facebook.com) as opposed to IP addresses (i.e. 22.214.171.124 or 126.96.36.199). Just as you don’t have all your contacts’ phone numbers memorized but can still call them from your phone, DNS allows us to “phone” sites and access them without memorizing IP addresses. OpenDNS started in 2006 as a recursive DNS service that allowed for filtering content and blocking sites. Think blocking phone numbers from reaching your phone.
With this offering, OpenDNS gained over 50 million daily users by 2011. As a result, OpenDNS had visibility into over 50 billion daily DNS requests, second to only Google. By leveraging this massive amount of data, OpenDNS can map out the infrastructure of the internet and get an idea of how bad actors behave. From there, OpenDNS can proactively block any connections to those malicious actors before they ever launch an attack. This DNS security protection became known as OpenDNS Umbrella.
With this Umbrella offering, OpenDNS took off as an enterprise-security company. In 2015 Cisco acquired OpenDNS and rebranded it as Cisco Umbrella. Over the last 3 years, Cisco has made amazing strides in not only improving Umbrella as a DNS and IP layer of security and protection but really leveraging the cloud as a linchpin to deliver more security and protection in a holistic and intelligent manner. All via the cloud, all by simply changing DNS settings.