The Umbrella Deployment Documentation Developer Hub

Welcome to the Umbrella Deployment Documentation developer hub. You'll find comprehensive guides and documentation to help you start working with Umbrella Deployment Documentation as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Deploying the Chromebook Client

Installation Guide

Follow the instructions below to deploy the Cisco Umbrella Chromebook client to your organization's Chromebooks.

Installation Guide

There are three parts to this installation:

In addition, you can find instructions for removing Cisco Umbrella Chromebook software in the last section of this guide.

Prerequisites

In order to install the Cisco Umbrella Chromebook client, you must:

  • be a G Suite admin account in order to log into admin.google.com.
  • have a valid Umbrella dashboard login.
  • Chromebooks must have Chrome OS v55 or later.

Recommendations

Cisco Umbrella highly recommends the following:

  • In the G Suite Admin Console, disallow the incognito window for Chromebook users
  • In the DHCP server, configure the Cisco Umbrella IP addresses (208.67.222.222 and 208.67.220.220) as the DNS nameserver addresses for all Chromebooks. Communication to these addresses must be allowed on Port 53 in all applicable firewalls and other security perimeter devices in use in your networks.

Implementing Trusted Network Detection

If you are implementing Trusted Network Detection, Cisco Umbrella recommends that you check your DHCP server to make sure that it is providing Chromebook devices with the same VA IP address as other devices on your network.

Part 1: Obtain the configuration file from Umbrella

The configuration file contains the information required for the Cisco Umbrella Chromebook client to work with Umbrella.

  1. Log into dashboard.umbrella.com

  2. Open Deployments, then select Chromebook Users.

  3. Select Configure, then download the configuration file:

VA customers only

To use the Cisco Umbrella Chromebook client in a network with Cisco Umbrella Virtual Appliances, you must add the IP addresses of your VAs to the configuration file before uploading it. Each VA IP addresses must be enclosed in double quotes, comma-separated. This example illustrates a network with two VAs:

"vaIPs":{
  "Value":[
    "192.168.100.10",
    "192.168.100.11"
  ]
}

For a sample of the entire configuration file, see the Trusted Network Detection overview.

Make sure you save the file in a known location. You will upload this file during the installation of the Cisco Umbrella Chromebook client application.

Part 2: Install the Cisco Umbrella Chromebook client extension

  1. Log in to https://admin.google.com:
  1. Select Device Management:
  1. In the Device Management window, select Chrome Management:
  1. In the Chrome Management window, select App Management:
  1. Search for the ID of the Cisco Umbrella Chromebook client extension: jcdhmojfecjfmbdpchihbeilohgnbdci
    (Searching by name will not work.)
  1. Select the Umbrella Client for Chromebook Extension, then select User Settings:
  1. Select the Organization Unit for which to install the Umbrella Chromebook client.
    The Org Units are unique to your organization. This list is an example:
  1. Select Force Install.
    This ensures that Chromebook users in the selected Organization Unit cannot remove or disable the extension.

  2. Select Save.
    You have finished installing the Cisco Umbrella Chromebook client extension. Next proceed with the next section to install the Cisco Umbrella Chromebook client application.

Part 3: Install the Cisco Umbrella Chromebook client Application

  1. Return to the Chrome Management page in admin.google.com

  2. Search for the ID of the Cisco Umbrella Chromebook client application: cpnjigmgeapagmdimmoenaghmhilodfg
    (Searching by name will not work.)

  3. Select the Umbrella Client for Chromebook Application, then select User Settings:

  4. Select the Organization Unit for which to install the application.

  5. Select Force Install.
    This ensures that Chromebook users in the selected Organization Unit cannot remove or disable the application.

  6. Select Save.
    You have finished installing the Cisco Umbrella Chromebook client application. The next step is to upload the Configuration file you previously obtained from Umbrella.

  7. Select Upload Configuration File and upload the file you previously downloaded chromebookconfig.json. VA customers: upload the file you modified as detailed above.

  1. Select Save.
    You have finished installing the Umbrella client and uploading the configuration file.

Installation Caveats

It can take Google four to eight hours to push the Cisco Umbrella Chromebook client to all of your Chromebooks. The Chromebooks must be connected and logged in for the installation to take place.

After the client is installed in a Chromebook, allow a few hours for Chromebook traffic to begin to appear in your Umbrella dashboard.

Apply Policies

To apply your policies to your organization's Chromebooks, see the Cisco Umbrella Chromebook Client Policy Configuration Guide.

Removing Cisco Chromebook client software

To remove the software for a specific user:

  1. Log into your G Suite admin console, then click Users.
  1. Choose a user, then choose Move Organization Group.
  1. Click Change to confirm your choice.

You have finished removing the Chromebook client for that user.

To remove the software for all members of an Organizational Unit (OU):

  1. Follow the instructions for Installing the Cisco Umbrella Chromebook client extension

  2. In step 7, switch the Allow Installation setting to OFF.