The Umbrella Documentation Hub

Welcome to the Umbrella documentation hub. Here you'll find access to all of our Cisco Umbrella user guides.

Get Started    

Deploy the Chromebook Client

The Cisco Umbrella Chromebook client provides DNS layer protection for Chromebook users when they are both on and off your network. Deploying the Umbrella Chromebook client is a multi-step process:

Prerequisites

  • G Suite admin account
  • Umbrella login credentials
  • Chromebooks with Chrome OS v55 or later
  • Chromebooks are not in Kiosk mode
  • Port 53 UDP accessible to 208.67.220.220 and 208.67.222.222
  • https://registration.polaris.qq.opendns.com is accessible
  • Chromebooks must be connected and logged in

Recommendations

  • Cisco Umbrella root certificate installed
    To avoid certificate errors when accessing an Umbrella block page, you must install the Cisco Umbrella root certificate on your Chromebooks. See Install the Cisco Umbrella Root Certificate.
    For more information on how to deploy certificates, see Set up TLS (or SSL) inspection on Chrome devices.
  • In the G Suite Admin Console, disallow the incognito window.
    From the Incognito mode menu, choose Disallow incognito mode.

Trusted Network Detection

If you are implementing Trusted Network Detection, we recommend that you check your DHCP server and confirm that it is providing Chromebook devices with the same virtual appliance (VA) IP address as other devices on your network.

Step1: Download the Configuration File from Umbrella

The configuration file contains information required by the Cisco Umbrella Chromebook client so that it can operate with Umbrella.

  1. Navigate to Deployments > Core Identities > Chromebook Users and click Configure.
  1. Download the configuration file.
    Note: Save this file to a known location. You will copy the configuration from this file during the installation of the Cisco Umbrella Chromebook client application.
  1. Install the Umbrella Chromebook Client extension. See Step 2: Install the Cisco Umbrella Chromebook Client Extension.

Cisco Umbrella Virtual Appliances

To use the Cisco Umbrella Chromebook client in a network with Umbrella VAs, you must add the IP addresses of your VAs to the configuration file before uploading it. Each VA IP address must be enclosed in double quotes and be comma-separated. For example:

"vaIPs":{
  "Value":[
    "192.168.100.10",
    "192.168.100.11"
  ]
}

For an example of the complete configuration file, see Trusted Network Detection.

Step 2: Install the Cisco Umbrella Chromebook Client Extension

  1. Log into https://admin.google.com.
  1. Search for Device Management and then open it.
  2. In the Device Management window, select Chrome Management.
  3. In the Chrome Management window, select Apps & Extensions.
  1. Choose the organization unit into which to deploy the Cisco Umbrella Chromebook client Extension and App from the Organization Unit menu.
  2. Click + and choose Add from Chrome Web Store.
  1. Search for jcdhmojfecjfmbdpchihbeilohgnbdci and then click Select.
    The extension is added to the selected organization unit.
    Note: You cannot search by name.
  1. Select the Organization Unit where you want to install the Umbrella Chromebook client.
    Note: Organization units are unique to your organization.
  1. Select Force Install.
    This ensures that Chromebook users in the selected Organization Unit cannot remove or disable the extension.
  2. Select Save.
    The Cisco Umbrella Chromebook client extension is installed.
  1. Install the Umbrella Chromebook Client application. See Step 3: Install the Cisco Umbrella Chromebook Client Application.

Step 3: Install the Cisco Umbrella Chromebook Client Application

  1. Return to the Chrome Management page at admin.google.com.
  2. Search for the ID of the Cisco Umbrella Chromebook client application: cpnjigmgeapagmdimmoenaghmhilodfg
    Note: You cannot search by name.
  1. Select the Umbrella Client for Chromebook Application and then select User Settings.
  1. Select the Organization Unit where the application will be installed.
  2. Select Force Install.
    This ensures that Chromebook users in the selected Organization Unit cannot remove or disable the application.
  1. Click Save.
    The Cisco Umbrella Chromebook client application is installed.
  2. Copy the configuration from the configuration file downloaded during Step1: Download the Configuration File to Policy for Extensions.
  1. Click Save.
    The Umbrella client is install and the configuration file uploaded.
    It can take Google upwards of eight hours to push the Cisco Umbrella Chromebook client to all of your Chromebooks. After the client is installed in a Chromebook, allow a few hours for Chromebook traffic to begin appearing in your Umbrella dashboard.
    Note: Chromebooks must be connected and logged in.
  2. Apply policies to your organization's Chromebooks. For more information, see Add a Chromebook Specific Policy.

G Suite Identity Service < Deploy the Chromebook Client > Filter Content with Public Session Support

Updated about a month ago

Deploy the Chromebook Client


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.