How Cisco Umbrella Boosts Branch Security without Compromising Performance

Branch offices are critical to the operations, and bottom line, of many organizations. Most employees work from branch locations, and the average business relies on branches to generate most of its revenue. Because demand for productivity, efficiency, service availability and reliable Internet access are so high, the traditional IT architectural model for branches is no longer sustainable.

Traditionally, organizations backhauled all WAN traffic — including Internet traffic — from branch locations to the main data center. Today, however, that model creates complexity, latency issues and unnecessarily high costs.

Users need access to a growing array of Software-as-a-Service applications and multiple clouds. And with more devices connected to the network at more locations, organizations need a WAN architecture that provides high-performance, highly reliable Internet access. As a result, up to 60 percent of WAN traffic now travels over direct connections to the Internet.

The drawback of this decentralized architecture is that it increases security risks. In addition to dealing with an expanded attack surface, organizations need to protect branches from an array of threats, from malware infections and phishing attacks to denial-of-service attacks and unacceptable use of business applications.

 

Protecting Users Wherever They Go on the Internet

While traditional security focused on the data center edge, there are now more edges to worry about. Organizations need to defend the data center edge, the cloud edge and the branch edge to ensure a secure Internet connection without creating latency. This requires an integrated branch-to-cloud-edge network architecture with no security gaps.

Cisco Umbrella is a secure Internet gateway that delivers DNS-layer enforcement built into the foundation of the Internet. Umbrella protects users against threats on the Internet and stops malware before it gets to the endpoint or network. DNS provides protection at all ports and protocols, as well as direct-to-IP connections.

Rather than proxying all traffic, which can impact performance, requests to potentially dangerous sites are routed for deeper inspection. Even if a device is somehow compromised, Umbrella prevents connections with an attacker’s command-and-control servers so that malware can’t be executed and data can’t be exfiltrated.

As a cloud-delivered security service, Umbrella is easy to setup and use and always up-to-date with the latest threat intelligence. The browser-based interface provides visibility into Internet activity across the extended enterprise so that threats can be detected and contained quickly.

 

A Better Way to Protect Branches

Three in 10 advanced, targeted threats now go after branch location as an entry point, making branches susceptible to sophisticated attacks. Cisco Umbrella Branch brings the advanced security features of Umbrella to branch offices, offering a simpler, faster way to protect devices connected to the branch network. Umbrella Branch has the fastest, most reliable DNS, supporting more than 90 million daily active users and 175 billion daily Internet requests or connections.

Also delivered from the cloud, Umbrella Branch is a security service for the Cisco Integrated Services Router and the Cisco Small Business RV Series Routers. With full visibility and policy enforcement at the DNS layer, you can block requests to malicious websites and IP addresses before a connection is made and keep malware off network devices. That includes guest Wi-Fi networks, which are notorious for risky activity.

The traditional approach to branch security threatens to hamper productivity and leave gaps in protection that put your organization at risk. Let us show you Cisco Umbrella Branch simplifies branch security and provides a strong, first layer of defense against advanced threats.

Stop threats before they knock on your door

If branch locations are critical to your operations, you need a robust security solution that protects against Internet-borne attacks without impacting performance. Cerium’s Cisco-certified engineers can help you leverage Cisco Umbrella Branch to detect and block malicious activity across all ports, protocols and direct Internet connections.

Learn More

Related Articles

A sampling of other articles you may enjoy if you liked this one.

CISA Issues DNS Attack Emergency Directive
Feb 6, 2019

Failure to Implement Mandated DNSSEC Leaves Gaping Hole in Security Under the jurisdiction of Depar...

Read More
How a Cloud Access Security Broker Strengthens Cloud Security
Feb 5, 2019

Cloud adoption continues to increase, the cloud market is quickly maturing, and more organizations a...

Read More
Rethinking Security for the Mobile and Cloud Era
Jan 31, 2019

Medieval security might seem primitive by today’s standards, but it was quite effective in its day...

Read More
Stay in the Know

Stay in the Know

Don't miss out on critical security advisories, industry news, and technology insights from our experts. Sign up today!

You have Successfully Subscribed!