Blog | Orixcom | Colocation, Connectivity, Cybersecurity

Exploring Cisco Umbrella: Features & Pricing Decoded

Written by Mohamed El-Shayeb | January 2024

Cisco Umbrella is a cloud-based, DNS security platform designed to provide advanced threat protection and internet security for businesses. It serves as a first line of defence against cyber threats by blocking malicious activities at the DNS layer, before they reach an organisation's network or endpoints. Cisco Umbrella is part of the broader Cisco security ecosystem and plays a crucial role in enhancing cybersecurity posture.

Key features of Cisco Umbrella include:

  1. DNS-layer Security: Cisco Umbrella uses DNS (Domain Name System) to identify and block malicious domains, preventing users from accessing harmful websites and stopping threats at the initial stage of the attack.
  2. Intelligent Proxy: It offers a secure web gateway, inspecting and filtering web traffic to protect against malware, phishing and other internet-based threats. This is particularly important for remote users and branch offices.
  3. Integration with Cisco Security Solutions: Cisco Umbrella integrates seamlessly with other Cisco security products, creating a comprehensive and cohesive security infrastructure. This integration enhances threat intelligence and facilitates a unified response to cybersecurity incidents.
  4. Visibility and Reporting: Cisco Umbrella provides visibility into internet activity across the entire organisation. It offers detailed reports and analytics to help businesses understand their network traffic, identify potential threats and make informed security decisions.
  5. Global Threat Intelligence: Leveraging threat intelligence from Cisco Talos, one of the largest threat intelligence teams in the world, Cisco Umbrella stays updated on the latest cybersecurity threats and trends, ensuring proactive protection.

Understanding the features and pricing of Cisco Umbrella is crucial for effective implementation and cybersecurity management. Here's why:

  1. Customisation: Knowing the features allows enterprises to tailor their security policies based on their specific needs. This ensures that the solution aligns with the organisation's security objectives and operational requirements.
  2. Cost-Efficiency: Understanding the pricing structure helps organisations make informed decisions regarding the cost-effectiveness of Cisco Umbrella. It allows them to choose the right subscription model based on their budget and requirements.
  3. Scalability: Knowledge of features and pricing enables organisations to assess the scalability of the solution. This is essential for businesses that anticipate growth or have dynamic user and device requirements.
  4. Optimised Resource Allocation: By understanding the features, businesses can allocate resources effectively, focusing on the capabilities that matter most for their unique security challenges.

Cisco Umbrella Features and Benefits

Cisco Umbrella Features:

  • DNS-Layer Security -

    DNS-Layer Security is a fundamental feature of Cisco Umbrella that acts as a proactive defence mechanism against cyber threats. It operates by preventing users from connecting to malicious domains at the DNS level, before any actual connection is established. When a user attempts to access a website, Cisco Umbrella checks the requested domain against its threat intelligence database and blocks access if the domain is identified as malicious.

Benefits:

  1. Phishing Sites: Cisco Umbrella can block access to phishing websites by identifying suspicious domains hosting phishing content. This prevents users from falling victim to phishing attacks that attempt to steal sensitive information such as login credentials.
  2. Malware Distribution:
    If a website is known to distribute malware, Cisco Umbrella will prevent users from accessing it, mitigating the risk of malware infections that could compromise the security of the organisation's network.
  • Intelligent Proxy -

    The Intelligent Proxy feature of Cisco Umbrella serves as a secure web gateway, inspecting and filtering web traffic to ensure that users are protected from malicious content. It acts as an intermediary between users and the internet, analysing and blocking potential threats before they reach the user's device. By leveraging cloud-delivered intelligence, the Intelligent Proxy provides real-time protection against evolving web-based threats.

Benefits:

  1. Malware and Threat Prevention: The Intelligent Proxy scans web content for malware, preventing users from unknowingly downloading or accessing malicious files or websites.
  2. Content Filtering: It allows organisations to enforce policies for acceptable internet usage, blocking access to inappropriate or non-compliant content, thus ensuring a secure and compliant web browsing experience for users.
  • Threat Intelligence -

    Cisco Umbrella incorporates robust threat intelligence capabilities by integrating with Cisco Talos Intelligence, one of the largest and most advanced threat intelligence teams globally. This integration ensures that organisations have access to real-time, up-to-date information on emerging threats and can proactively defend against new and evolving cybersecurity risks.

Benefits:

Cisco Umbrella continuously receives threat intelligence updates from Cisco Talos, allowing it to identify and block the latest threats. This integration enhances the platform's effectiveness in countering both known and unknown threats.

  • Secure Access Anywhere -

    Secure Access Anywhere is a critical feature that addresses the modern workforce's need for remote connectivity. With the increasing prevalence of remote work, securing user access beyond the traditional perimeter is essential. Cisco Umbrella ensures that remote users can connect securely to the internet and corporate resources, regardless of their location.

Benefits:

  1. Encrypted Traffic Inspection: Cisco Umbrella can inspect encrypted traffic, ensuring that even secure connections are screened for potential threats.
  2. Cloud-Delivered Security: By being cloud-delivered, Cisco Umbrella provides consistent protection for users, whether they are in the office, at home or on the go.

In summary, Cisco Umbrella's features, including DNS-Layer Security, Intelligent Proxy, Threat Intelligence and Secure Access Anywhere, collectively contribute to a robust cybersecurity posture by preventing threats at multiple levels and ensuring secure connectivity for users, regardless of their location.

Cisco Umbrella Benefits: 

  1. Simplifies Security

    Cisco Umbrella simplifies security by providing a cloud-delivered, comprehensive security solution. By consolidating multiple security functions into a single, integrated platform, it streamlines the complexity of managing various security tools. The centralised management simplifies policy enforcement, threat detection and incident response, allowing businesses to maintain robust cybersecurity without the burden of intricate configurations.

  2. Protects your Remote Users

    In an era where remote work is only increasing, Cisco Umbrella stands out for its ability to extend protection to remote users. Through its cloud-based architecture, it safeguards users wherever they are, ensuring consistent security measures whether employees are in the office, working from home, or on the go. This seamless protection helps organisations maintain strong security regardless of their users' locations.

  3. Prevents Attacks

    Cisco Umbrella is a proactive defence against cyber threats. It leverages threat intelligence and advanced analytics to identify and block malicious activities before they can reach your network. By enforcing security policies at the DNS and IP layers, it prevents users from accessing malicious domains and stops threats at the earliest stage, thwarting attacks and minimising the risk of compromise.

  4. Detailed Reporting and Data Analytics

    Cisco Umbrella goes beyond protection by offering detailed reporting and data analytics. It provides valuable insights into network traffic, user behaviour and security events. The platform's analytics capabilities enable businesses to understand the threat landscape, identify potential vulnerabilities and make informed decisions to enhance their overall security strategy.

  5. Reduces Response Time

    The speed of response is critical in cybersecurity and Cisco Umbrella excels in reducing response time. With its real-time threat intelligence and automated enforcement of security policies, the platform ensures swift identification and containment of threats. This rapid response capability is instrumental in minimising the impact of cyber incidents and mitigating potential damages to an organisation's IT infrastructure and data.

Read more on how Cisco Umbrella can benefit your organisation here.

Cisco Umbrella Pricing Plans

Cisco Umbrella DNS Pricing

Cisco Umbrella DNS Security Essential Pricing:

  • Cost: AED 12.00 per month per user for 1 to 99 users. 
  • Inclusions: The pricing is on a per-user basis and is applicable to a range of users from 1 to 99.
Features Included in the Essentials Plan:
  1. Malicious Domain Blocking: Cisco Umbrella blocks access to malicious domains both on and off the network. This helps prevent users from accessing potentially harmful websites.
  2. Shadow IT Discovery and Blocking: The Cloud Access Security Broker (CASB) feature helps in discovering and blocking shadow IT. This is crucial for identifying and controlling the use of unauthorised cloud applications and services.
  3. Umbrella APIs: The inclusion of key Umbrella APIs allows for integration with other systems or applications. This can enhance the overall security stance and streamline security management.
  4. Log Exporting: The ability to export logs is crucial for monitoring and analysis. Log exporting enables organisations to review and analyse security events, helping them understand the threat landscape and respond effectively.
  5. Identity-Based Policies: This feature likely allows businesses to create and enforce policies based on user identities. Identity-based policies can help tailor security controls to specific user roles or departments, providing a more granular level of security.
  6. Orixcom Managed Services: Opting for a Managed Services plan allows businesses to concentrate on their operations and let our security experts look after the digital security of the organisation. It includes free installation, policy configuration, reporting and 24x7x365 monitoring and support.
Who is it suitable for?
  1. Target Audience: The Essentials plan is suitable for small businesses with 1 to 99 users.
  2. Basic Security Needs: It covers fundamental security needs by blocking malicious domains, discovering and blocking shadow IT and providing identity-based policies.
  3. Managed Services Inclusion: Orixcom Managed Services is particularly beneficial for small businesses that don’t have the internal expertise required to manage a comprehensive security infrastructure.

Cisco Umbrella DNS Security Advantage Pricing:

  • Cost: AED 17.96 per month per user for 1 to 99 users.
  • Inclusions: User-based pricing model ensures cost-effective scalability.
Features included in the Advantage Plan:
  1. Enhanced Security Framework: Includes DNS Security Essentials, forming a robust foundation for advanced security measures.
  2. Selective Web Proxy: Incorporates a selective web proxy, allowing a detailed examination of domains, especially those deemed risky. This feature enhances threat detection and mitigation.
  3. Investigate Console and API Access: Provides access to the Investigate Console and API, empowering mid-sized enterprises with advanced tools for thorough threat investigation and analysis.
  4. On-demand Enrichment API: Offers an On-demand Enrichment API, facilitating real-time data enrichment. This capability contributes to a proactive security posture, keeping organisations ahead of emerging threats.
  5. Orixcom Managed Services: Managed services by Orixcom are included, ensuring comprehensive support for the implementation and ongoing management of security measures. This support is particularly valuable for mid-sized enterprises with complex security requirements.
Benefits:
  1. Tailored for Mid-Sized Enterprises: The plan is specifically designed to cater to the advanced security needs of mid-sized enterprises, offering a solution that aligns with their scale and complexity.
  2. Proactive Threat Mitigation: The selective web proxy and On-demand Enrichment API empower businesses to proactively identify and mitigate potential threats, preventing security incidents before they occur.
  3. Advanced Threat Visibility: Access to the Investigate Console and API provides advanced threat visibility, allowing organisations to analyse and respond to security incidents with a higher level of detail and precision.
  4. Cost-Effective Scalability: The user-based pricing model ensures cost-effective scalability, allowing mid-sized enterprises to adjust their security investment based on user growth and evolving security requirements.
  5. Efficient Security Operations: Orixcom Managed Services contribute to efficient security operations by providing comprehensive support. This allows internal resources to focus on strategic security initiatives rather than routine management tasks.

Cisco Umbrella Secure Internet Gateway (SIG) Pricing

Cisco Umbrella SIG Essentials Pricing:

  1. Cost-Effective Pricing:
    • AED 23.96 per month per user for 1 to 99 users.
    • Cost-effective pricing model suitable for small to mid-sized enterprises.
  2. Recommended Plan: This plan is the most popular among SME’s because it offers a well-balanced set of features for comprehensive internet security.
  3. Integrated DNS Security Advantage: Includes DNS Security Advantage, providing advanced DNS-layer security and additional features beyond essentials.
Features included in SIG Essentials Plan:
  1. L3-L4 Firewall: The plan incorporates a Layer 3 to Layer 4 firewall, adding network security measures to protect against unauthorised access and data breaches.
  2. Cloud Malware Detection (2 apps): It offers cloud-based malware detection for two applications, enhancing protection against malicious software delivered over the internet.
  3. Secure Malware Analytics (500 samples a day): Provides access to Secure Malware Analytics with a daily allowance of 500 samples. This feature allows for in-depth analysis of malware to improve threat intelligence.
  4. Orixcom Managed Services: Managed services by Orixcom are included, providing comprehensive support for the implementation and ongoing management of security measures. It includes free installation, policy configuration, reporting and 24x7x365 monitoring and support.
Benefits of Secure Internet Gateway Essentials Plan:
  1. Comprehensive Internet Security: The plan combines DNS Security Advantage, firewall protection and cloud malware detection to offer a comprehensive solution for internet security.
  2. Advanced Threat Protection: The integrated DNS Security Advantage and malware analytics contribute to advanced threat protection, ensuring proactive defence against evolving cyber threats.
  3. Cost-Effective Scalability: With user-based pricing and features suitable for 1 to 99 users, the plan allows for cost-effective scalability to meet the changing needs of small to mid-sized enterprises.

Cisco Umbrella SIG Advantage Pricing:

  • AED 36.73 per month per user for 1 to 99 users.
  • User-based pricing for cost-effective scalability.
Features included in SIG Advantage Plan:
  1. Integrated Secure Internet Gateway Essentials: Includes all features of the Secure Internet Gateway Essentials plan, serving as a foundation for more advanced security measures.
  2. Firewall (L7 AVC; IPS): Incorporates a Layer 7 Application Visibility and Control (AVC) firewall along with Intrusion Prevention System (IPS) for comprehensive network security.
  3. Inline Data Loss Protection: Offers inline Data Loss Protection (DLP) to prevent sensitive data leakage and enhance confidentiality.
  4. Cloud Malware Detection (all supported apps): Provides cloud-based malware detection for all supported applications, offering robust protection against a wide range of malicious software.
  5. Secure Malware Analytics (3 admin users; unlimited sample submissions):
    Access to Secure Malware Analytics with privileges for 3 admin users and unlimited sample submissions. This feature enhances malware analysis and threat intelligence.
  6. Orixcom Managed Services: Managed services by Orixcom are included, ensuring expert support for the efficient implementation and ongoing management of advanced security measures.  It includes free installation, policy configuration, reporting and 24x7x365 monitoring and support.
Benefits of Secure Internet Gateway Advantage Plan:
  1. Advanced Network Security: The plan builds upon the essentials by incorporating a Layer 7 firewall and IPS, providing advanced network security measures.
  2. Comprehensive Data Protection: Inline Data Loss Protection enhances data security, preventing sensitive information from unauthorised disclosure and ensuring comprehensive data protection.
  3. Extensive Malware Protection: Cloud malware detection for all supported applications offers extensive protection against a broad spectrum of malware, enhancing the organisation's resilience against cyber threats.
  4. Enhanced Malware Analysis: Secure Malware Analytics with privileges for 3 admin users and unlimited sample submissions allows for more in-depth malware analysis, contributing to improved threat intelligence.
  5. Cost-Effective Scalability: User-based pricing ensures cost-effective scalability, enabling organisations to adapt their security investment to user growth and changing security requirements.
  6. Expert Managed Services Support: Orixcom Managed Services are included, providing organisations with expert support for the implementation and ongoing management of advanced security measures. This ensures efficient security operations.

Cisco Umbrella Case Studies

Hadef & Partners LLC is a leading independent UAE law firm, with more than 100 lawyers based across offices in Abu Dhabi and Dubai. The full-service business law firm has over 40 years of experience and supports local, regional and international clients as well as government entities.

Background

As a legal and compliance firm, Hadef & Partners wanted to ensure a highly secure network to prevent against data loss The business had a number of solutions already in place however, for absolute protection they required a secondary level of defence for ultimate security.

The Solution

Orixcom proposed Cisco Umbrella to give Hadef & Partners network wide visibility of every single device, in every location. Cisco Umbrella also gave the business the ability to detect and prevent any malicious activity, even if their other security coverage has missed the threat

Outcome

Cisco Umbrella comes with the ability to highlight which applications are being used across the business network Outcomes and ROI Ability to detect rogue devices. It allows policies to be put in place around which applications can be used in a business context e.g Sharepoint vs Drop box. This curbs potential data loss and protects reputational damage.

Integration and Compatibility

Cisco Umbrella is designed with a focus on seamless integration and compatibility with various security solutions, making it a versatile choice for businesses looking to bolster their cybersecurity. The integration capabilities of Cisco Umbrella extend to both Cisco's own security ecosystem and third-party tools, ensuring a holistic and collaborative approach to security.

Integration with Cisco Security Solutions:

  1. Cisco Security Platform:

    Cisco Umbrella is part of Cisco's broader security platform, providing integration with other Cisco security products. This includes solutions such as Cisco SecureX, a cloud-native security platform that enables visibility, automation and orchestration across the entire security infrastructure.

  2. Cisco Talos Intelligence:

    Leveraging threat intelligence from Cisco Talos, one of the largest threat intelligence teams globally, Cisco Umbrella integrates real-time insights to enhance its ability to detect and block malicious activities effectively.

  3. Secure Endpoint Integration:

    Integration with Cisco Secure Endpoint allows for a coordinated response to threats. Events detected by Secure Endpoint can trigger actions within Umbrella, ensuring a synchronised and proactive defence.

Compatibility with Existing Infrastructure:

  1. Cloud-Delivered Model:

    Cisco Umbrella operates as a cloud-delivered service, making it inherently compatible with existing infrastructure. Its DNS-layer security doesn't require on-premises hardware, ensuring a smooth transition and minimal disruption to current setups.

  2. Endpoint Compatibility:

    Compatible with various endpoint protection solutions, Cisco Umbrella extends its protection to a wide range of devices and platforms, including Windows, macOS and mobile devices.

  3. Third-Party Integration:

    Cisco Umbrella supports integration with third-party security solutions through open APIs. This interoperability allows organisations to leverage their existing investments in security technologies, creating a cohesive and comprehensive security ecosystem.

  4. SIEM Integration:

    Cisco Umbrella can integrate with Security Information and Event Management (SIEM) systems, providing businesses with centralised visibility into security events and simplifying the incident response process.

  5. APIs for Custom Integrations:

    Cisco Umbrella offers a set of APIs that enable custom integrations with specific tools and applications. This flexibility allows enterprises to tailor their security architecture to meet unique requirements.

How to choose the right Cisco Umbrella plan for your business?

Choosing the right Cisco Umbrella plan for your business involves careful consideration of various factors to ensure that the selected plan aligns with the organisation's size, industry-specific requirements and overall security needs. Here are key factors to consider when making this crucial decision:

1. Organisation Size:

  • Small Business vs. Enterprise: Evaluate whether the organisation is a small business or an enterprise. Cisco Umbrella offers plans tailored to different sizes, with features and pricing structures designed to meet the distinct needs of each.
  • Scalability: Consider the growth trajectory of the organisation. Choose a plan that allows for scalability, ensuring that the selected solution can adapt as the business expands.

2. Industry Compliance:

  • Regulatory Requirements: Different industries have varying compliance standards. Ensure that the selected Cisco Umbrella plan aligns with the specific regulatory requirements of the industry, such as healthcare (HIPAA), finance (PCI DSS), or others.
  • Data Sensitivity: Assess the sensitivity of the data handled by the business. Plans with advanced security features may be essential for industries dealing with highly sensitive information.

3. Security Needs:

  • Threat Landscape: Analyse the organisation's threat landscape. A comprehensive understanding of potential threats will guide the selection of a plan with the appropriate security features, such as advanced threat protection and malware detection.
  • Comprehensive Protection: Consider whether the business needs a basic level of protection or requires more advanced features. Plans like the Cisco Secure Internet Gateway Advantage may be suitable for organisations with heightened security needs.

4. Budget Considerations:

  • Cost vs. Features: Evaluate the budget constraints of the business and compare them with the features offered in each plan. Opt for a plan that strikes the right balance between cost and the required level of security.
  • Value for Investment: Assess the overall value that each plan brings to the organisation. Look beyond the initial cost and consider the long-term benefits and return on investment.

5. Integration with Existing Infrastructure:

  • Compatibility: Ensure that the selected plan integrates seamlessly with the organisation's existing IT infrastructure. Compatibility with current security solutions, networks and applications is crucial for a smooth implementation.
  • Third-Party Integrations: If the business relies on specific third-party security tools, verify that the chosen Cisco Umbrella plan supports integration with these tools through open APIs.

6. Support and Managed Services:

  • Level of Support: Consider the level of support provided with each plan. Some plans may include managed services, offering additional expertise for implementation and ongoing management.
  • Expert Assistance: Assess whether the organisation requires expert assistance in configuring and managing the Cisco Umbrella solution. Plans with Managed Services can provide valuable support in optimising security operations.

FAQs

1. What makes Cisco Umbrella different from other cybersecurity solutions?

Cisco Umbrella sets itself apart in the cybersecurity landscape with a global infrastructure and strategically positioned data centres, ensuring low-latency DNS resolution globally. Leveraging threat intelligence from Cisco Talos, one of the largest threat intelligence teams, Umbrella offers advanced protection against evolving cyber threats. Its cloud-delivered security model eliminates the need for on-premises hardware, providing a cost-effective and scalable solution suitable for businesses of all sizes. Notably, the introduction of the Cisco Umbrella API enhances integration capabilities, allowing seamless incorporation into existing security infrastructures and enabling automated workflows. With DNS-layer security as its foundation, Cisco Umbrella's comprehensive approach, continuous innovation and commitment to staying ahead of emerging threats make it a standout choice in the cybersecurity landscape.

2. Can Cisco Umbrella protect against evolving and emerging threats?

Cisco Umbrella stands at the forefront of cybersecurity, demonstrating a robust capability to protect against evolving and emerging threats. By leveraging advanced threat intelligence from Cisco Talos, one of the industry's largest threat intelligence teams, Cisco Umbrella maintains a proactive defence against a dynamic threat landscape. Its cloud-delivered security model, coupled with a global infrastructure and strategically positioned data centres, enables rapid response to emerging threats with low-latency DNS resolution worldwide. Continuous innovation and a commitment to staying ahead of the curve ensure that businesses who buy Cisco Umbrella benefit from cutting-edge protection against the latest cybersecurity challenges. In essence, investing in Cisco Umbrella is akin to fortifying your digital defences with a solution specifically designed to combat the ever-changing nature of cyber threats.

3. How does the pricing structure accommodate scalability for growing businesses?

The pricing structure of Cisco Umbrella is designed with a keen understanding of the evolving needs of growing businesses, providing a flexible and accommodating model for scalability. Cisco Umbrella employs a user-based pricing approach, allowing businesses to align their investment with their growth trajectory. This model ensures that as the number of users within the organisation expands, the cost scales proportionately, offering a cost-effective solution for businesses of various sizes. This adaptability is particularly advantageous for growing enterprises, enabling them to seamlessly integrate additional users without incurring substantial financial burdens. Cisco Umbrella's pricing structure empowers businesses to scale their cybersecurity measures in tandem with their organisational development, ensuring that the protection it provides remains both comprehensive and accessible throughout the growth journey.