How To Strengthen Your Organization’s Malware Defense Program
Security Solutions Architect Michael O’Connell provides an overview of how to strengthen your organization’s Malware Defense Program with Cisco Umbrella Secure Internet Gateway
By Michael O’Connell, Security Solutions Architect at Aspire Technology Partners
Today’s threat landscape is a dynamic, ever-expanding, formidable challenge for businesses of every kind. This has been exacerbated by the COVID-19 pandemic, with many of us still having a fully remote or hybrid workforce. Few of us are in the office full-time, five days a week, 50+ weeks out of the year. That’s changed everything about the way we work — including the need to strengthen our organizations’ defense against malware, cyber-attacks and other hazards.
Cisco Umbrella Secure Internet Gateway (SIG) can reduce your exposure to risk and improve the performance of both your technology and your teams — all without complex management or overhead.
Secure Internet Gateway (SIG) is a single, cloud-delivered service that deploys easily and scales according to your business needs. On a recent episode of the Digital Aspirations in Business podcast, I shared five reasons why SIG can take your organization to the next level.
1. Full proxy functionality: Protect your assets, no matter where they are (or where they’re accessed from).
With today’s hybrid workforce, you need a way to guarantee you can protect your corporate assets from malicious activity, no matter where users access them.
Cisco Umbrella gives you the ability to protect internet access across your network devices, whether your team members are connecting from your corporate headquarters, branch offices, their homes or Starbucks locations around the world.
Specifically, the Secure Internet Gateway (SIG) feature built into Umbrella gives you an additional layer of security. You can block requests to and from malicious or unwanted destinations even before a connection is established. That’s because SIG provides advanced secure web gateway full proxy functionality.
That gives you the ability to filter content by category or even specific URLs. You can even scan all uploaded and downloaded files for malware using Cisco Secure Endpoint (formerly known as Cisco AMP Engine), which gives you a backend integration into Cisco’s Threat Grid.
The Threat Grid analyzes any suspicious files and allows you to block certain file types from being downloaded by remote users not logged in via VPN. Plus, you can block executable files from being pulled down and run on any remote device. And you can manage it all via a single pane of glass.
2. Add-on capability for each remote user: Customize features for legacy appliances (or any individual device).
Do you maintain legacy firewall appliances that can’t handle next-gen Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) functionalities? Maybe you’re dealing with appliances that don’t have URL features or an end-of-life device that doesn’t have any next-gen protection. You need a solution you can implement side-by-side with your existing architecture.
Because Umbrella SIG can be deployed as an add-on for individual remote users, you can tailor its features and license levels to specific devices. And you can connect them all to your cloud infrastructure (which can replace that end device firewall, while you’re at it). There are as many use cases as there are customers.
Here’s one scenario: Many legacy infrastructures don’t give us the ability to see what’s encrypted on an HTTPS site. With the full proxy capability of Cisco’s Umbrella SIG, I can conduct full or selective SSL decryption to further protect my organization from cyber-attacks, viruses and other risks. That’s what today’s security landscape demands.
3. PCI/PII compliance made easy: Prevent data loss with a single click.
I often help organizations prepare to become Personal Confidential Information (PCI) and Personal Identifiable Information (PII) compliant. Because Cisco Umbrella SIG has Data Loss Prevention enabled, it can analyze sensitive data in line to prevent it from leaving an organization.
That data might be social security numbers, full names or billing information. It’s vital to safeguard that information to protect both organizations and their employees from (knowingly or unintentionally) transferring it outside the corporate threshold.
One such client was a grocery chain with several branch offices. The company had multiple different storage appliances with end-of-life, end-of-support, Layer 1 through 4 firewalls. They needed to streamline their IT staff. We were able to set up Umbrella SIG’s cloud-delivered firewall alongside their infrastructure.
Now, their management and reporting are done through a single pane of glass. Their engineers can deploy multiple, customizable policies via IP, port, protocol, the SIG application, or an Intrusion Prevention System (IPS). They can push those policies to eight different remote sites with a simple click — no need to log into each individual one and repeat the same process over and over every time.
4. Higher level detection and full visibility: Talos and SNORT 3 integration.
The Umbrella SIG cloud-delivered firewall option offers full Layer 7 application visibility and control, which enables you to identify thousands of applications and block or allow them. SIG also includes Cisco’s version of the new SNORT 3 technology, an updated IDS/IPS signature-based detection agent — built right into the platform.
What does that mean for our clients?
For one, their engineers can sleep through the night. If there’s a bad actor making a malicious threat on the other side of the globe, Talos will automatically update their cloud-delivered firewall to prevent the attack.
The firewall is sound, and no engineers get a 3 a.m. wake-up call. After all, few organizations have a dedicated team member sitting on their firewall 24/7, 365.
5. Next-gen protection means you can do… just about anything else.
Our grocery-chain client was able to simplify and reduce their IT overhead. If that’s your goal too, you can absolutely achieve it.
But you’ll most likely find, like many of our clients do, that Umbrella SIG and its suite of tools streamline everything. Their engineers are freed up to do additional tasks. Gone are the days when each employee has a dedicated job (like “firewall guru”). Now, they can make the most of their most precious resources — their people — because the protection Umbrella SIG offers has changed the game.
While every enterprise is unique, they all share a common need to secure and protect their human and digital resources.
If you’d like to learn more about what Cisco Umbrella SIG can do for you and your company, contact us at Aspire Technology Partners. We’re a four-time Cisco master specialized partner, and we can build you a custom proof-of-concept environment with a full demo. Please send an email to Cybersecurity@aspiretransforms.com.
Aspire Technology Partners is a Cisco Gold Certified Partner engrained in solution pillars that set us apart as a true Cisco solutions provider. We are committed to the continuous improvement of expertise and skillsets around Cisco initiatives that enable us to help and guide customers in the adoption and management of technology architectures designed to transform their organization. We hold Cisco Master Specializations in Collaboration, Security, Cloud & Managed Services and are one of only 25 partners in the US to receive the Cisco Advanced Customer Experience Specialization.