Cisco Umbrella & Meraki: Working together to defeat ransomware (and other threats) Cisco Umbrella & Meraki: Working together to defeat ransomware (and other threats)
When paired with Umbrella, Meraki becomes even more versatile. Cisco Umbrella & Meraki: Working together to defeat ransomware (and other threats)

Malware is not a new problem for IT professionals, however it is still a serious one; even now, in 2018, malware continues to plague businesses, governments, and individuals. Not being sufficiently protected is an invitation for disaster.

Data and identity theft, the loss of valuable IP, even direct theft of money from bank accounts are all possible in today’s ever-more-connected world. And thanks to the rise of “ransomware”, it’s even possible to lose all data on a valuable piece of equipment entirely to a criminal’s clever use of encryption. Furthermore, paying the demanded ransom for the decryption key is no guarantee you’ll get it.

The good news is that although cyber criminals have become more sophisticated, so too have the security experts. Cisco, one of the world’s biggest vendors of networking equipment, has developed a good number of technologies designed to thwart increasingly more sophisticated malware, and protecting any organisation, regardless of size, is a matter of choosing the right one(s) for your needs and deploying it/them.

Introducing Meraki

One of the newer technologies is called Meraki. It’s a cloud-managed security appliance for businesses with branch offices that secures them against cyberattacks with intelligent firewall technologies, advanced malware protection, policy-based routing, and more.

This is important, as branch offices that aren’t closely monitored can make it more challenging to secure the organisation’s network against cyber threats. With Meraki, it’s possible to oversee branch office networks remotely, and make the necessary adjustments to ensure those locations remain protected.

Under One Umbrella

When paired with Umbrella, another Cisco security technology, Meraki becomes even more versatile.

Umbrella is a cloud-delivered network security service that protects Mac OS X and Windows roaming users on and off the company network, regardless of where they go, and even when they aren’t using the company VPN. It offers protection at both the DNS and IP layers, and is able to block malware, phishing attempts, and even command & control callbacks over any port or protocol.

Being able to detect command & control callbacks at the DNS level is particularly useful, as it means Umbrella can block ransomware attacks even when no IP connection is established. That level of protection is like having a burglar caught and arrested even before he’s reached your home.

Umbrella also blocks malicious destinations before Meraki learns of them and complements its other capabilities by adding SSL-decrypted file inspection for risky domains.

And with the increase in the success of ransomware attacks in 2017 and its commensurate growth in popularity, anti-ransomware technology is essential protection to have in 2018.

Cisco AMP

If you’re super serious about protection, Cisco’s AMP – Advanced Malware Protection – is one more anti-malware mechanism that can be added to the Umbrella/Meraki mix.

As we discussed back in January, Cisco AMP can address the “point-in-time limitations of malware detection”, providing insight into network activity that can catch advanced malware that somehow made it past your network’s perimeter defences.

AMP does this by continuously monitoring network activity, comparing it against a benchmark of acceptable behaviour, and flagging up any files that do anything outside of that norm. It’s able to isolate those files, too, preventing them from doing damage while an admin checks them out.

Better together

Individually, each of these protective technologies can help to secure your organisation’s IT infrastructure. But, as you’d expect, they are far better together.

For more information on Cisco’s security technologies or a demo (or both), head over to this page and fill in your details, and a Cisco expert from Tarsus Distribution will contact you directly.

Leave a Reply