Cisco Umbrella Alternatives

Cisco Umbrella is the name of the former OpenDNS Enterprise service that was acquired by Cisco in 2015. Like its predecessor, Cisco Umbrella has multiple security features to help businesses better protect their networks, data, and employees from web-borne threats such as malware, ransomware and phishing.

Cisco Umbrella typifies the evolution of network security in the last decade. In 2009, OpenDNS Enterprise was launched – an enterprise-grade network security platform that had grown from the original free-to-use OpenDNS web filter for personal and family use. Features were added over time to enable businesses to integrate OpenDNS Enterprise with management tools such as Active Directory and Threat Intelligence Programs such as PhishMe and Splunk.

OpenDNS Umbrella was launched in 2012 to enforce web filtering policies beyond the corporate network. This product was incredibly popular among larger enterprises due to the growth of BYOD policies as it enabled IT admins to apply security policies to mobile employees and those who used their personal devices for both work and personal activities. Now, IT admins could define policies, provision devices, and view reports across users, sites, networks, groups, and devices.

Cisco Acquires OpenDNS

In 2015, Cisco acquired OpenDNS in a deal worth a reported $635 million and rebranded OpenDNS Umbrella as Cisco Umbrella (the free-to-use Home and Family versions of OpenDNS retained their existing names). Cisco also restructured the product to provide three levels of service to customers – the first (“Professional”) being equivalent to the former OpenDNS Enterprise service, with more advanced security features packaged into the “Insights” and “Platform” services.

Professional Insights Platform
Block malware, ransomware, phishing, and C2 callbacks Block direct IP connections at the IP-layer Deploy pre-built integrations that work with 10+ security providers
Protect users anywhere they go, on and off the corporate network Identify targeted attacks by comparing local vs. global activity Leverage custom API to easily integrate with other systems
Stop malicious domain requests and IP responses at the DNS-layer Identify cloud, shadow IT, & IoT usage risks by reporting on 1800+ services Gain context about what Umbrella is blocking and why
Real-time, enterprise-wide activity search & scheduled reports Enforcement & visibility per internal network or AD user/group See attacks as they form and prioritize incident investigations
Enforce acceptable use policies using 80+ content categories Proxy risky domains for URL and file inspection using AV engines and Cisco AMP Note 1: A customized package is available for schools and universities.
Create custom block/allow lists (blacklists/whitelists) Retain client-managed or Cisco-managed logs with AWS integrated S3 bucket Note 2: Customer Support packages have to be purchased separately.

The Benefits of Cisco Umbrella

At the basic “Professional” level, Cisco Umbrella is easy to set-up, configure and administer. Filtering policies can be applied universally, by group, or by individual user in order to block access to undesirable websites and those known to harbor malware and ransomware. At the “Insights” and “Platform” levels, Cisco Umbrella integrates easily with other security solutions to deliver live threat intelligence.

Depending on your organization´s specific security requirements, you can chose which of the three levels best suits your requirements. Customers who choose the “Insights” level also benefit from the features of the “Professional” level, while customers who opt for the “Platform” level of service benefit from the features of both the “Insights” level and the “Platform” level.

Cisco Umbrella Alternatives

Cisco Umbrella isn´t for everyone and there are Cisco Umbrella Alternatives. Some customers feel Cisco´s prices are too high at the “Professional” level compared to alternative web filtering solutions that also include some of the features of the “Insights” and “Platform” levels. Other customers are unhappy with having to purchase a support package in order to get telephone support rather than email support.

Costs aside, there are some known issues with regard to “safesearch” and Cisco Umbrella´s use of the AnyCast network for routing web traffic – the latter issue possibly affecting businesses in regulated industries when data crosses different cloud regions. There is also no option for businesses to host Cisco Umbrella locally, or for Managed Service Providers to rebrand Cisco Umbrella as their own product.