Umbrella offers a broad set of security functions that until now required separate firewall, web gateway, threat intelligence, and cloud access security broker (CASB) solutions.
Umbrella DNS is resolved first. It is the first check for malicious or unwanted domains and is based on the defined DNS policies. This reduces the quantity of traffic that is sent to the CDFW and SWG, improving responsiveness and performance
All traffic that has made it through DNS checks will be inspected by the CDFW. The firewall provides visibility and control for outbound internet traffic across all ports and protocols (L3/L4) as well as L7
The SWG will inspect any traffic that is destined for 80/443 after it has been permitted by the CDFW to provide a deeper security inspection. It will also apply application, visibility and control policies.
Umbrella’s cloud access security broker (CASB) detects and reports on cloud applications in use across your environment while Umbrella data loss prevention (DLP) analyzes sensitive data to provide visibility and control over sensitive data to avoid data exfiltration.