Cisco Umbrella Deployment Options

Deployment without internal domain

For customers that manage internal domains

Uses built-in DHCP server on router, switch, firewall, or Windows Server

DNS IP address is changed to Umbrella

Policy control and visibility is limited to the network’s public facing IP address

Deployment with internal domain

For customers that manage internal domains

DNS server is configured to forward all external

DNS requests for Internet domains to Umbrella

Policy control and visibility is still limited to the network’s public facing IP address.

Deployment Umbrella Virtual Appliance

For customers that require local IP granularity

Supported on VMware and Hyper-V

Internal/external requests sent to VA

VA embeds local IPs for DNS

Deployment Virtual Appliance + AD Connector

For granular control and visibility with AD sync.

Connector service is installed on one DC:

1.Syncs group memberships of users and computers with Umbrella

2.Sends IP to user mapping to VA

VA embeds unique identifiers that Umbrella uses for control & visibility.

Deployement with roaming client

Provide Umbrella’s experience called OFF-Network, the corporate machine is protected no matter where they are.

Captures all DNS traffic locally transparently and redirects from to Umbrella

Supported when on and off VPN

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s