the secure internet gateway- a new frontier in the cloud
TRANSCRIPT
A New Frontier in the Cloud The Secure Internet GatewayJune 2017
Workplace desktops
Business apps
Critical infrastructure
How we worked beforeInternet
HeadquartersBranch
Workplace desktops
Sandbox
Replacement Box
SIEM
DLP
Web Security
Email Security
IDS
Firewall
VPN
Router
InternetSecuring the perimeter before the cloud
Headquarters Branch
Web Security
Router/UTM
Sandbox
...
Workplace desktops
Critical infrastructure
Business apps
Workplace desktops
Workplace desktops
Business apps
Critical infrastructure
Internet
Critical infrastructureAmazon, Rackspace, Windows Azure, etc.
The way we work changed
Business appsSalesforce, Office 365,
G Suite, etc.
68% of workloads in public cloud
datacenters
70% increase in SaaS usage
Business appsSalesforce, Office 365,
DocuSign, etc.
Workplace desktops
Business apps
Critical infrastructure
Internet
Critical infrastructureAmazon, Rackspace, Windows Azure, etc.
The way we work changed
82% admit to not using the VPN
49% of the workforce is mobile
Roaming laptops
Roaming laptops
Business appsSalesforce, Office 365,
DocuSign, etc.
Workplace desktops
Business apps
Critical infrastructure
Internet
Critical infrastructureAmazon, Rackspace, Windows Azure, etc.
30% of advanced threats target branch offices
70% of branch offices have direct
internet access
Branch office
The way we work changed
Security must evolve tooHow can the cloud
change our approach to security?
MalwareC2 CallbacksPhishing
SIG
Safe access anywhere users go, even off VPN
Secure onramp to the internet
First line of defense and inspection
Protect anywhere users connect
First line
On and off the corporate network
All ports and protocols
Open platform
Live threat intelligence
Proxy and file inspection
Discovery and control of SaaS
Your secure onramp to the internet, anywhere users go
SecureInternet Gateway
Visibility and protection for all activity, anywhere
HQ
Mobile
Branch
Roaming
IoT
ALL PORTS AND PROTOCOLS
ON-NETWORK
OFF-NETWORK
Umbrella
All office locations
Any device on your network
Roaming laptops
Every port and protocol
Enforcement built into the foundation of the internet
It all starts with DNS
• DNS is the main mechanism used to get traffic to Umbrella
• DNS is the first step in internet connections and is used by all devices
• Simple to deploy — just point DNS to Umbrella!
MalwareC2 CallbacksPhishing
208.67.222.222
Intelligent proxyDeeper inspection
for risky URLs
...Continued
SafeOriginal destinations
Security controls§ DNS and IP enforcement
§ SSL decryption available
BlockedModified destination
Internet trafficOn and off-network
DestinationsOriginal destination or block page
Intelligence to see attacks before launched
Data
§ Cisco Talos feed of malicious domains, IPs, and URLs
§ Umbrella DNS data —100B requests per day
Security researchers
§ Industry renown researchers § Build models that can
automatically classify and score domains and IPs
Models
§ Dozens of models continuously analyze millions of live events per second
§ Automatically uncover malware, ransomware, and other threats
Intelligence Statistical models
Co-occurrence modelIdentifies other domains looked up in rapid succession of a given domain
Natural language processing modelDetect domain names that spoof terms and brands
Spike rank modelDetect domains with sudden spikes in traffic
Predictive IP space monitoringAnalyzes how servers are hosted to detect future malicious domains
Dozens more models
2M+ live events per second
11B+ historical events
Integrations to amplify existing securityBlock malicious domains from partner or custom systems
Umbrella
YOUR CURRENT SECURITY STACK
Appliance-based detection + Others
Threat intelligence platform + Others
AMP Threat GridThreat analysis feed + Others
CloudlockCloud Access Security Broker + Others
IOCs
Custom integrations + OthersPython Script Bro IPS
What sets Umbrella apart
Easiestconnect-to-cloud
deployment
Fastest and most reliable
cloud infrastructure
Broadestcoverage of malicious destinations and files
Most open platform for integration
Most predictiveintelligence to stop
threats earlier
UmbrellaStart blocking in minutes
Easiest security product you’ll ever deploy
http://signup.umbrella.com1
2 Point your DNS:208.67.222.222
3 Done
