ADMUMB: Administering and Positioning Cisco Umbrella Operations

Cisco Umbrella is a cloud security platform that provides the first line of defense against threats on the Internet. Administering and Positioning Cisco Umbrella Operations v2.1 training (ADMUMB) teaches students how Cisco Umbrella works and what the key features are. Students who enter the course with a basic understanding of Cisco products and IT solutions will be able to describe the Cisco Umbrella, understand Secure Internet Gateway and Ransomware Protection, discuss Threat Intelligence, use Cisco Roaming Client.

Upcoming Dates

Apply
Class Date Class Hours Location GTR Price  

Prerequisites

  • Basic understanding of Cisco products and solutions

What's Included

  • Comprehensive study materials and official Cisco courseware
  • Remote lab access

Course Objectives

After completing this course, you will be able to:

  • How to describe and position Cisco Umbrella
  • Discuss Secure Internet Gateway and Ransomware Protection
  • Learn about DNS & IP layer enforcement & Intelligent Proxy
  • Describe Command and control callback blocking
  • Discuss Threat Intelligence
  • Compare Umbrella Packages
  • Understand Roaming Security
  • Basic understanding of Cisco Roaming Client
  • Understand how to use Cisco Umbrella Virtual Appliance
  • Explain the ease of Integrating Cisco Umbrella into Active Directory
  • Discuss Umbrella Reporting
  • Understand Utilize Multi-Organization Tools

Course Outline

Module 1: Describe Cisco Umbrella

  • What is Umbrella
  • Enforcement
  • DNS Overview
  • Why DNS?
  • Co-occurrence Model
  • Spike Rank Model
  • Predictive IP Space Monitoring
  • Connecting to Umbrella

Module 2: Umbrella Deployment Options

  • DHCP Server
  • DNS Server Forwarders
  • Recursive DNS
  • DNS Forwarders

Module 3: Configure Policy Components – Part 1

  • Destination Lists
  • Content Categories
  • Application Settings
  • Tenant Controls
  • Security Settings

Module 4: Configure Policy Components – Part 2

  • Block Page Appearance
  • Integrations
  • Selective Decryption Lists
  • Bypass Users
  • Bypass Codes

Module 5: Umbrella Policies-DNS, Firewall and Web

  • Umbrella Policies
  • Umbrella Policies – DNS
    • SSL Decryption
    • Identities
    • Security Categories
    • Content Access
    • Control Applications
    • Destination Lists
    • File Analysis
    • Block Page
    • Bypass Users and Bypass Codes
    • Policy Summary
  • Umbrella Policies: Web
    • PAC File and SAML
    • HTTPS Inspection
    • File Analysis
    • File Type Control
  • Umbrella Policies: Firewall
    • Firewall Rule
    • IPSec Parameters
    • Network Tunnel Requirements
    • Network Tunnel Configuration
    • Policy Tester

Module 6: Integrating Umbrella with Active Directory

  • Benefits
  • Umbrella Virtual Appliances (VAs)
  • Virtual Appliance Requirements
  • Firewall/ACL Requirements
  • Virtual Appliance with a HTTP/HTTPS Proxy
  • Virtual Appliance Deployment
  • Configure Virtual Appliance
  • Active Directory (AD) Integration
  • Active Directory Prerequisites
  • Umbrella AD Components
  • Connect Active Directory to Umbrella

Module 7: Umbrella Roaming Security-Roaming Client

  • Umbrella Roaming Security-Roaming Client
  • Prerequisites
  • Downloading the Umbrella Roaming Client
  • Umbrella Status
  • Identity Support
  • Prerequisites for Active Directory Integration

Module 8: Umbrella Roaming Security-AnyConnect Roaming Security

  • Supported Operating Systems
  • Deployment Steps

Module 9: Cisco Umbrella DNS Mobile Security

  • Apple iOS Devices
    • Requirements
    • Installation
    • Android OS Devices
    • Prerequisites
    • Download the Umbrella Android Configuration
  • Push the Umbrella Certificate to Devices

Module 10: User Account Management

  • Manage Accounts
  • Manage User Roles

Module 11: Umbrella Reporting

  • Umbrella Built-in Reports
  • Overview Page
    • Report Scheduling
    • Security Activity Report
    • Activity Search Report
    • Admin Audit Log

Module 12: Umbrella Investigate

  • Domain Summary View
  • Umbrella Risk Score
  • Timeline Section
  • DNS Resolution Table
  • WHOIS Record Data
  • GeoIP Section
  • Investigate Sample View
  • Security Features
  • IP Addresses Section
  • Subdomain Section
  • Co-occurrences Features

    Module 13: Umbrella Multi-Organization

    • Multi-org Console
    • Centralized Reports
    • Centralized Settings
    • Org Management
    • Admins and Delegated Admins

    Module 14: Integrating Umbrella within Cisco SecureX

    • Cisco SecureX Ribbon
    • Create Cisco SecureX Account
    • Add an Integration Module
    • Cisco SecureX Dashboard

    Labs

    • Lab 1: Deploying Cisco Umbrella
    • Lab 2: Configuring Umbrella Policy Components
    • Lab 3: Configuring Umbrella DNS Policy
    • Lab 4: SIG Integration
    • Lab 5: Cloud Firewall Integration
    • Lab 6: Active Directory Integration using the Virtual Appliance
    • Lab 7: Deploying Umbrella Roaming Client
    • Lab 8: Deploying AnyConnect Roaming Security
    • Lab 9: Umbrella User Account and Roles Management
    • Lab 10: Umbrella Reporting
    • Lab 11: Leveraging Umbrella Investigate
    • Lab 12: SecureX Integration Walk Through Demo