Whitelist Only Feature Added to Cisco Umbrella

Cisco has announced it has added a new whitelist only feature to Cisco Umbrella. The whitelist only option allows organizations to restrict Internet access to a small number of secure websites, and block access to the rest of the Internet.

User are able to access the whitelist only option via their Umbrella dashboard. When the whitelist only option is set, all domains will be blocked by default and will be inaccessible. Any attempt made by an end user to visit a website that has not been added to the whitelist will be blocked before a connection is made. Any individual that attempts to access an unauthorized website would be presented a block page or the user could be directed to a specific URL.

The setting can be applied to an existing rule or a new rule can be created. The whitelist only option can be set for the entire organization, for a particular network, for user groups, individual users or certain devices. The whitelist option will disable category lists and blocklists and will only allow sites to be added via allow lists. The whitelist can be used for domains or URLs.

While the whitelist only option is not often used by companies, it does provide an opportunity to increase security for the entire organization or certain users and devices. This level of control is ideal for organizations that want maximum protection from data leaks and malware. It gives them the opportunity to lock down their network – something which is necessary when the risk associated with Internet access is considered too great. Internet access can therefore be granted only for websites that have been approved by the IT department.

Since this level of control can cause headaches and prevent users from performing essential work duties, it is a control that is best applied to individual users or specific devices, for example, certain servers that only have Internet access for very limited functions.


Should I start filtering Internet access for employees?

Providing employees with unrestricted access to the Internet can cause productivity, legal, and compliance issues. A web filter can be used to carefully control the categories of website – or individual sites – that can be accessed by employees, whether they are on-site or working remotely. Web filters are also important for blocking web-based threats such as malware and phishing attacks.

How does a web filter protect against phishing?

Web filters use blacklists of known malicious websites and are usually updated with the latest threat intelligence and block access to phishing websites within seconds of URLs being identified as malicious. Instead of loading the web content, users will be directed to a local block page and told the URL cannot be accessed due to policy violations.

How much does Cisco Umbrella Cost?

Cisco Umbrella is sold as three packages, from a basic web filter for controlling content to a comprehensive web security solution. The price is variable depending on the package, level of support required, and number of users. The starting price for 100 users for the basic package is $2.25 per user per month, although many users will pay $2.70 per user per month to get the features they need.

What other web filtering products provide similar features?

There are many Cisco Umbrella alternatives that provide a similar level of features, often at a much lower cost. Some Cisco Umbrella alternatives that are worth comparing and adding to your shortlist include WebTitan from TitanHQ, Webroot DNS, ZScaler Internet Access, Forcepoint Web Security, and Barracuda Web Security Gateway.

What should I consider when choosing a web filtering solution?

Aside from the cost of a solution, consider how easy the solution is to use and the level of support provided. Check out reviews from business users to get a better idea of how the solutions and the solution providers perform. Capterra, GetApp, Software Advice, Expert Insights, and G2 are useful for getting insights from genuine business users of software solutions.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.