45. Where does Umbrella fit?
Malware
C2 Callbacks
Phishing
HQ
Sandbox
NGFW
Proxy
Netflow
AV AV
BRANCH
Router/UTM
AV AV
ROAMING
AV
First line
Benefits
Block malware before
it hits the enterprise
Contains malware
if already inside
Internet access is faster
Provision globally in minutes
46. Cisco Talos feeds
Cisco WBRS
Partner feeds
Custom URL block list
Requests for “risky” domainsIntelligent proxy
URL inspection
File inspection
AV Engines
Cisco AMP
ENFORCEMENT
47. Visibility challenge
CIO
“I know about ~40 cloud
apps but there are others
that we aren’t aware of…
maybe double that number.”
Expectations Reality
“We use 3 or 4
collaboration apps.”
~1,200 cloud apps in use
> 20 collaboration apps in use
48. Shadow IT - App Discovery
Visibility
Optimization
and
enablement
App and risk
insight
55. Cisco Cloudlock addresses organizations’ most critical
cloud security use cases
Discover and Control
User and Entity
Behavior Analytics
Cloud Data Loss
Prevention (DLP)
Apps Firewall
OAuth Discovery and
Control
Shadow IT
Data Exposures
and Leakages
Privacy and
Compliance Violations
Compromised
Accounts
Insider Threats
56. Example: Protect Data in Office 365
See what users are
uploading
See what users are sharing
Prevent data loss via
outgoing email
Protect sensitive
content in transit
Do I know what my
users are uploading to
Office 365?
Do I know how sensitive
information is being
shared?
Is sensitive data
inadvertently
getting out?
Are my users encrypting
emails appropriately?
58. Automatically Remove Risky Files: Auto-remediation
Combat stealthy malware that evades initial detection
Cisco Email Security
Cisco
AMP Cloud
Office 365
Is the attachment malicious?
Clean - deliver the email
Malicious
Auto-remediate
59. Superior Threat Intelligence with Cisco Talos
Monitors 600 billion emails per day to provide more broad visibility
Sender analysis File analysis URL analysis