The Umbrella Deployment Documentation Developer Hub

Welcome to the Umbrella Deployment Documentation developer hub. You'll find comprehensive guides and documentation to help you start working with Umbrella Deployment Documentation as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Cisco Security Connector—Umbrella Setup Guide

The Cisco Security Connector—Umbrella Setup Guide only explains how to configure the Umbrella portion of the Cisco Security Connector (CSC). For information about how to configure your Mobile Device Manager (MDM) system, see your MDM system’s documentation.

The Cisco Security Connector provides visibility and control for organization-owned and MDM managed mobile Apple iOS devices, such as iPhones and iPads. The CSC's Umbrella component directs DNS traffic, including functionality for the intelligent proxy, to the Cisco Umbrella cloud where filtering against malicious sites, such as phishing sites or sites that exfiltrate information, takes place.

The CSC’s Umbrella portion does not require an on-demand or always-on VPN or a full proxy to gain complete visibility and control through cloud security (not locally on the device). This makes for both easier management and simpler, more effective security.

Note: Your iOS mobile device must be supervised and managed by an MDM system.

For more information about the Cisco Security Connector, see Cisco Security Connector (CSC).

Requirements

For the Cisco Security Connector:

One of the following MDM systems:

  • Meraki System Manager (SM) with API access enabled.
    Note: Only System Manager and Combined network types are supported.
  • Apple Configurator 2.5 or higher.
  • MobileIron Enterprise Mobility Management (EMM) On-Prem and Cloud versions 9.4 or higher.
  • Workspace ONE.
  • Generic—Other MDMs may be used to manage your organization-owned iOS mobile device; however, success results may vary. For more information, see Register an iOS Device through a Generic MDM System.
    For information about configuring your specific MDM system, see your MDM system’s documentation or contact your MDM's support team.

You will also need:

  • Cisco Umbrella account.
  • Direct access to the IPv4 IP addresses 208.67.222.222 or 208.67.220.220 is required for IPv4 DNS protection on ports 53 and 443.
  • Direct access to the IPv6 IP addresses 2620:119:35::35 or 2620:119:53::53, or access to IPv4 addresses on ports 53 and 443 through NAT64/DNS64 translation is required for IPv6 DNS protection.
    Note: If DNS protection fails to engage, DNS traffic is not encrypted.
  • The device must be able to communicate with registration.polaris.qq.opendns.com for registration and validation purposes at least once a day.

Optionally

Getting Started

For a quick explanation of how to protect your iOS device with Umbrella through CSS, see Quick Start.

For Umbrella procedures specific to an MDM, see:

For information about configuring your specific MDM system, see your MDM system’s documentation.


Cisco Security Connector—Umbrella Setup Guide > Quick Start