Cisco Umbrella

Cisco Umbrella, formerly known as OpenDNS, is a cloud-based domain name resolution service. The Netsurion Open XDR platform offers a solution for configuring and monitoring both events involving single organizations and managed service providers (MSPs).

Netsurion's Open XDR platform seamlessly combines SIEM that facilitates monitoring events retrieved from Cisco Umbrella. Its dashboard, category, alerts, and reports benefit in detecting any suspicious activities analyze the activity logs such as, DNS, proxy, firewall, or IP address.

Once you have configured Cisco Umbrella to deliver events to Netsurion's Open XDR platform, configure the alerts, dashboards, and reports.

Some of the Data Source Integrations available in Netsurion are listed below.

Alerts

Type Name Description
Security Cisco Umbrella - Threat has been blocked This alert is triggered when an event, such as DNS, IP address, firewall, or proxy, is blocked by Cisco Umbrella.

Reports

Type Name Description
Security Cisco Umbrella - Proxy activities This report provides a summary of all the proxy entries by Cisco Umbrella. It contains information such as the URL access by the user, URL category, threat name, timestamp of activity, threat score, action taken on the event, and more.
Security Cisco Umbrella - DNS activities This report provides a summary of all the DNS entries by Cisco Umbrella. It contains information such as the URL access by the user, URL category, timestamp of activity, action taken on the event, and more.
Security Cisco Umbrella - Firewall activities This report provides a summary of all the Firewall entries by Cisco Umbrella. It contains information such as the source IP address, destination IP address, source port, destination port, timestamp of activity, action taken on the event, and more.
Security Cisco Umbrella - IP activities This report provides a summary of all the IP address entries by Cisco Umbrella. It contains information such as the source IP address, destination IP address, source port, destination port, timestamp of activity, action taken on the event, and more.

Documentation

The configuration details are consistent with Netsurion's Open XDR platform version 9.3 or later, and Cisco Umbrella.

Download Integration Guide, and How-to Guide for more information and to configuration instructions.

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our Privacy Statement to learn more.

I Accept