Cisco Umbrella (formerly known as OpenDNS) is a cloud-delivered secure internet gateway that stops current and emergent threats over all ports and protocols. It blocks access to malicious domains, URLs, IPs, and files before a connection is established or a file is downloaded.
The BlueApp for Cisco Umbrella provides functional support to easily ingest data from Cisco Umbrella to USM Anywhere for analysis, and to enable orchestration for triggering actions within Cisco Umbrella based on risks identified in USM Anywhere.
The BlueApp leverages two features from Cisco Umbrella:
- Amazon Simple Storage Service (S3) log management: The BlueApp collects Cisco Umbrella logs through an Amazon S3 bucket.
- Enforcement API: The BlueApp sends response actions to Cisco Umbrella based on the malicious records identified by USM Anywhere.
Note: As the BlueApp for Cisco Umbrella relies on Amazon S3 buckets, it is only compatible if your sensor is deployed in an AWS environment.
All three new Cisco Umbrella packages, DNS Security Essentials, DNS Security Advantage, and Secure Internet Gateway (SIG) Essentials, support both features. Therefore, BlueApp for Cisco Umbrella should work regardless which package you have. See the vendor website for more information about the Cisco Umbrella product packages.
Note: If you are using the old Cisco Umbrella packages (Professional, Insights, and Platform), only the Platform package supports both features. The Insights package does not support Enforcement API, while the Professional package does not support either. Therefore, to fully integrate with the BlueApp, you need to have the Platform package.
Edition: The BlueApp for Cisco Umbrella response actions are available in the Standard and Premium editions of USM Anywhere.
See the Affordable pricing to fit every budget page for more information about the features and support provided by each of the USM Anywhere editions.
Warning: If the BlueApp fails and you receive a message informing you that it has not been loaded, please contact LevelBlue Technical Support to solve the problem.
This topic discusses these subtopics: