January 24, 2022
Cisco Secure Edge (Umbrella) DNS Security Integration With Cisco SD-WAN
Traditional methods of backhauling Internet-bound traffic from branches to a data center for traditional security services is expensive and latency intensive. Many organizations are improving their network infrastructure by adopting a SASE (Secure Access Services Edge) architecture. Cisco SD-WAN and Cisco Secure Edge (formerly Umbrella) SASE integrations give organizations the ability to leverage cloud-delivered security in minutes. This demonstration is designed to give an overview of the integration between Umbrella DNS Layer Security and Cisco SD-WAN.
Below is a summary of the configuration used in this video demonstration. Always consult the product documentation to ensure your configuration settings are correct for your deployment.
1. Generate an Umbrella Network Devices API/Secret Key pair from the Umbrella Dashboard.
2. Configure Cisco Umbrella Registration in vManage
You can manually enter the registration information or you can add your Smart Account credentials to vManage to enable automatic retrieval of Umbrella Organization ID, (Registration) API Key, and Secret.
3. Configure a DNS security policy in vManage.
4. Configure a DNS security policy in vManage.
5. Confirm in the Umbrella Dashboard that your network device is active.
DNS Layer Security is the first line of defense within the security stack. Securing traffic at the DNS and IP Layers and blocking requests to malicious and unwanted destinations before a connection is even established is a key step to protect the network. Umbrella delivers these capabilities as part of their security offerings and, along with the easy management and deployment of Cisco's SD-WAN solution, it creates a very streamlined integration that can scale to the deployment of hundreds or thousands of sites within minutes.
Explore more in the Cisco SD-WAN and Umbrella integration self-guided lab.