TechWiseTV Workshop: Q&A OpenDNS and AnyConnect

2
Q&A © 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 2 Simplifying Security: An In-Depth Look into How OpenDNS and AnyConnect Protect Better Together August 30, 2016 Q. Can you talk about if/how Cisco plans to integrate OpenDNS with the other security tools Cisco has recently acquired (i.e., SourceFire, Lancope Stealthwatch), etc. For example, is the DNS information being integrated into SLIC threat feeds for StealthWatch? A. In addition to AnyConnect, we've released integrations with Threat Grid and the ISR 4k series devices. We are actively working on other integrations and will announce them from time to time. Q. Can OpenDNS be configured to blackhole URLs based on GEO location? A. Umbrella does not provide direct control over blocking destinations based on geo location. However we have several geo-based models that automatically identify destinations as suspicious based on geography, including Requestor Geo-Diversity, Sum Geo Distance and Mean Geo Distance. Q. What does one have to purchase to use all of this (hardware/software/subscriptions)? A. No hardware is needed. Software: For remote protection you'll need AnyConnect 4.3.01095 minimum or the Umbrella Roaming Client. For on-network protection there's no software required. Subscriptions: You'll need AnyConnect Plus (if using the integration) and an OpenDNS Umbrella or Cisco Umbrella subscription. Q. What does OpenDNS have to offer to clients who have other VPNs (Pulse Secure, Juniper, Palo Alto, etc.)? A. You can deploy our standalone Umbrella roaming client, which will redirect DNS requests to our global network. We have customers who use many different VPNs along with the Roaming Client. But please note there are many things that AnyConnect provides over and above 3rd party VPN clients (e.g. Network Visibility Module). Q. Will the OpenDNS integration be available for the mobile AnyConnect clients for iPhone, Android and Chrome? A. This is something that is being explored. Q. Just to clarify, if we have a Plus or Apex subscription, the Umbrella license is included? A. AnyConnect Plus and Apex subscriptions include the module but not the Umbrella subscription, so you'll need to purchase a separate Umbrella subscription in order to use the integration.

Transcript of TechWiseTV Workshop: Q&A OpenDNS and AnyConnect

Page 1: TechWiseTV Workshop: Q&A OpenDNS and AnyConnect

Q&A

© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 2

Simplifying Security: An In-Depth Look into How OpenDNS and AnyConnect Protect Better Together

August 30, 2016

Q. Can you talk about if/how Cisco plans to integrate OpenDNS with the other security tools Cisco has recently acquired (i.e., SourceFire, Lancope Stealthwatch), etc. For example, is the DNS information being integrated into SLIC threat feeds for StealthWatch? A. In addition to AnyConnect, we've released integrations with Threat Grid and the ISR 4k series devices. We are

actively working on other integrations and will announce them from time to time.

Q. Can OpenDNS be configured to blackhole URLs based on GEO location? A. Umbrella does not provide direct control over blocking destinations based on geo location. However we have

several geo-based models that automatically identify destinations as suspicious based on geography, including Requestor Geo-Diversity, Sum Geo Distance and Mean Geo Distance.

Q. What does one have to purchase to use all of this (hardware/software/subscriptions)? A. No hardware is needed. Software: For remote protection you'll need AnyConnect 4.3.01095 minimum or the

Umbrella Roaming Client. For on-network protection there's no software required. Subscriptions: You'll need AnyConnect Plus (if using the integration) and an OpenDNS Umbrella or Cisco Umbrella subscription.

Q. What does OpenDNS have to offer to clients who have other VPNs (Pulse Secure, Juniper, Palo Alto, etc.)? A. You can deploy our standalone Umbrella roaming client, which will redirect DNS requests to our global network.

We have customers who use many different VPNs along with the Roaming Client. But please note there are many things that AnyConnect provides over and above 3rd party VPN clients (e.g. Network Visibility Module).

Q. Will the OpenDNS integration be available for the mobile AnyConnect clients for iPhone, Android and Chrome? A. This is something that is being explored.

Q. Just to clarify, if we have a Plus or Apex subscription, the Umbrella license is included? A. AnyConnect Plus and Apex subscriptions include the module but not the Umbrella subscription, so you'll need to

purchase a separate Umbrella subscription in order to use the integration.

Page 2: TechWiseTV Workshop: Q&A OpenDNS and AnyConnect

© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 2

Q. Is the AnyConnect Plus or Apex License available for the ASA Service Modules? Currently we just have the essentials license. A. AnyConnect Plus replaces Essentials while Apex replaces Premium/Shared. See

http://www.cisco.com/c/dam/en/us/products/collateral/security/anyconnect-og.pdf for more info.

http://www.cisco.com/c/dam/en/us/products/collateral/security/anyconnect-og.pdf

TechWiseTV Workshop: Firepower Next Generation Firewall

TechWiseTV Workshop: Firepower Next Generation Firewall

Building OpenDNS Stats

Building OpenDNS Stats

TechWiseTV Workshop: Cisco ONE

TechWiseTV Workshop: Cisco ONE

Docker with BGP - OpenDNS

Docker with BGP - OpenDNS

OpenDNS Cloud-Security & Threat Intelligence - Cisco · OpenDNS Cloud-Security & Threat Intelligence . 2 CONFIDENTIAL AUTHORITATIVE DNS Owns and publishes ... SporB_OpenDNS_Advanced

OpenDNS Cloud-Security & Threat Intelligence - Cisco · OpenDNS Cloud-Security & Threat Intelligence . 2 CONFIDENTIAL AUTHORITATIVE DNS Owns and publishes ... SporB_OpenDNS_Advanced

OpenDNS presenter pack

OpenDNS presenter pack

OpenDNS Enterprise Dashboard Tour

OpenDNS Enterprise Dashboard Tour

OpenDNS - a biztos alap

OpenDNS - a biztos alap

TechWiseTV Workshop: Cisco Developer Program

TechWiseTV Workshop: Cisco Developer Program

Anyconnect guide

Anyconnect guide

Securerank ping-opendns

Securerank ping-opendns

TechWiseTV Workshop: Cisco CloudCenter (CliQr)

TechWiseTV Workshop: Cisco CloudCenter (CliQr)

TechWiseTV Workshop: Encrypted Traffic Analytics

TechWiseTV Workshop: Encrypted Traffic Analytics

Configuring Home Network With OpenDNS .

Configuring Home Network With OpenDNS .

Simulating Networks Using Cisco Modeling Labs (TechWiseTV Workshop)

Simulating Networks Using Cisco Modeling Labs (TechWiseTV Workshop)

TechWiseTV Workshop: Enterprise NFV

TechWiseTV Workshop: Enterprise NFV

opendns Global Network - Cisco Umbrellainfo.opendns.com/rs/opendns/images/TD-Umbrella-Delivery-Platform.pdf · TRANSIT PEER PEER PEER PEER TRANSIT OpenDNS Peering Sessions Shorten

opendns Global Network - Cisco Umbrellainfo.opendns.com/rs/opendns/images/TD-Umbrella-Delivery-Platform.pdf · TRANSIT PEER PEER PEER PEER TRANSIT OpenDNS Peering Sessions Shorten

Data Sheet: OpenDNS Enterprise Insights

Data Sheet: OpenDNS Enterprise Insights

TechWiseTV Workshop: OpenDNS and AnyConnect

TechWiseTV Workshop: OpenDNS and AnyConnect

TechWiseTV Workshop: Digital Building Switches

TechWiseTV Workshop: Digital Building Switches