Enabling Cloudlock via WSA (11.5)
Figure 8-8 illustrates Cisco Cloudlock enablement workflow using WSA.
Figure 8-8 Cisco Cloudlock enablement workflow using WSA
Figure 8-9 shows the Cisco Cloudlock onboarding page for signing in and signing up.
Figure 8-9 Cisco Cloudlock onboarding page (sign-in and sign-up)
The new radio button for Cloudlock log subscription has the following features:
• It is preselected when it is triggered from the Cloudlock settings page.
• Preselected fields and parameters are sent to Cloudlock.
• The admin enters SCP-related information and clicks Submit.
Figure 8-10 illustrates Cisco Cloudlock log subscription configuration.
Figure 8-10 Cisco Cloudlock log subscription configuration
Figure 8-11 shows the Cisco Cloudlock settings configuration page.
Figure 8-11 Cisco Cloudlock settings configuration
Figure 8-12 shows the Cisco Cloudlock “Add a New Log Source” process.
Figure 8-12 Cisco Cloudlock “Add a New Log Source” process
Figure 8-13 shows the Cisco Cloudlock “Add a New Log Source” SCP configuration process.
Figure 8-13 Cisco Cloudlock “Add a New Log Source” SCP configuration process
The Evolution of Cloud Security Service
Figure 8-14 illustrates the timeline of Cisco Cloudlock and Umbrella integration.
Figure 8-14 Cisco Cloudlock and Umbrella integration
To help organizations embrace direct Internet access, in addition to DNS-layer security and interactive threat intelligence, Cisco Umbrella now includes secure web gateway, firewall, and CASB functionality, plus integration with Cisco SD-WAN, delivered from a single cloud security service. Figure 8-15 illustrates multiple security functions in a single cloud security service Cisco Umbrella.
Figure 8-15 Multiple security functions in a single cloud security service Cisco Umbrella
DNS-Layer Security
Umbrella’s DNS-layer security provides the fastest, easiest way to improve your security. It helps improve security visibility, detect compromised systems, and protect your users on and off the network by stopping threats over any port or protocol before they reach your network or endpoints.
Secure Web Gateway
Umbrella’s secure web gateway logs and inspects web traffic for full visibility, URL and application controls, and protection against malware. Use IPsec tunnels, PAC files, or proxy chaining to forward traffic to our cloud-based proxy to enforce acceptable use policies and block advanced threats.
Firewall
Umbrella’s firewall logs all activity and blocks unwanted traffic using IP, port, and protocol rules. To forward traffic, simply configure an IPsec tunnel from any network device. As new tunnels are created, policies are automatically applied for easy setup and consistent enforcement everywhere.