The Umbrella Deployment Documentation Developer Hub

Welcome to the Umbrella Deployment Documentation developer hub. You'll find comprehensive guides and documentation to help you start working with Umbrella Deployment Documentation as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Deploy the Chromebook Client

Installation Guide

Follow the instructions below to deploy the Cisco Umbrella Chromebook client to your organization's Chromebooks.

Installation Guide

There are three parts to this installation:

In addition, you can find instructions for removing Umbrella Chromebook software in the last section of this guide.

Prerequisites

To install the Cisco Umbrella Chromebook client, you must:

  • Be a G Suite admin account in order to log into admin.google.com
  • Have a valid Umbrella dashboard login
  • Chromebooks must have Chrome OS v55 or later
  • Chromebooks are not in Kiosk mode
  • Port 53 UDP accessible to 208.67.220.220 and 208.67.222.222
  • https://registration.polaris.qq.opendns.com is accessible

Recommendations

Cisco Umbrella highly recommends the following:

  • In order to avoid certificate errors when accessing the block page, you must install the Cisco Root CA on your Chromebooks. See Download the Certificate. Refer to Google's documentation for instructions on how to deploy certificates.
  • In the G Suite Admin Console, disallow the incognito window for Chromebook users

Implementing Trusted Network Detection

If you are implementing Trusted Network Detection, Cisco Umbrella recommends that you check your DHCP server to make sure that it is providing Chromebook devices with the same VA IP address as other devices on your network.

Part 1: Obtain the configuration file from Umbrella

The configuration file contains the information required for the Cisco Umbrella Chromebook client to work with Umbrella.

  1. Log into dashboard.umbrella.com
  2. Navigate to Deployments > Core Identities > Chromebook Users and click Configure.
  1. Download the configuration file.

VA customers only

To use the Cisco Umbrella Chromebook client in a network with Cisco Umbrella Virtual Appliances, you must add the IP addresses of your VAs to the configuration file before uploading it. Each VA IP addresses must be enclosed in double quotes, comma-separated. This example illustrates a network with two VAs:

"vaIPs":{
  "Value":[
    "192.168.100.10",
    "192.168.100.11"
  ]
}

For a sample of the entire configuration file, see the Trusted Network Detection overview.

Make sure you save the file in a known location. You will upload this file during the installation of the Cisco Umbrella Chromebook client application.

Part 2: Install the Cisco Umbrella Chromebook Client Extension

  1. Log into https://admin.google.com.
  1. Select Device Management.
  1. In the Device Management window, select Chrome Management.
  1. In the Chrome Management window, select App Management.
  1. Search for the ID of the Cisco Umbrella Chromebook client extension jcdhmojfecjfmbdpchihbeilohgnbdci
    (Searching by name will not work.)
  1. Select the Umbrella Client for Chromebook Extension, then select User Settings.
  1. Select the Organization Unit for which to install the Umbrella Chromebook client.
    The Org Units are unique to your organization.
  1. Select Force Install.
    This ensures that Chromebook users in the selected Organization Unit cannot remove or disable the extension.
  2. Select Save.
    You have finished installing the Cisco Umbrella Chromebook client extension. Next, proceed with the next section to install the Cisco Umbrella Chromebook client application.

Part 3: Install the Cisco Umbrella Chromebook Client Application

  1. Return to the Chrome Management page in admin.google.com
  2. Search for the ID of the Cisco Umbrella Chromebook client application cpnjigmgeapagmdimmoenaghmhilodfg
    (Searching by name will not work.)
  3. Select the Umbrella Client for Chromebook Application, then select User Settings.
  4. Select the Organization Unit for which to install the application.
  5. Select Force Install.
    This ensures that Chromebook users in the selected Organization Unit cannot remove or disable the application.
  6. Select Save.
    You have finished installing the Cisco Umbrella Chromebook client application. The next step is to upload the Configuration file you previously obtained from Umbrella.
  7. Select Upload Configuration File and upload the file you previously downloaded chromebookconfig.json. VA customers: upload the file you modified as detailed above.
  1. Select Save.
    You have finished installing the Umbrella client and uploading the configuration file.

Installation Caveats

It can take Google four to eight hours to push the Cisco Umbrella Chromebook client to all of your Chromebooks. The Chromebooks must be connected and logged in for the installation to take place.

After the client is installed in a Chromebook, allow a few hours for Chromebook traffic to begin to appear in your Umbrella dashboard.

Apply Policies

To apply your policies to your organization's Chromebooks, see the Cisco Umbrella Chromebook Client Policy Configuration Guide.

Remove Cisco Chromebook Client Software

To remove the software for a specific user:

  1. Log into your G Suite admin console, then click Users.
  1. Choose a user, then choose Move Organization Group.
  1. Click Change* to confirm your choice.

You have finished removing the Chromebook client for that user.

To remove the software for all members of an Organizational Unit (OU):

  1. Follow the instructions for Installing the Cisco Umbrella Chromebook client extension.
  2. In step 7, switch the Allow Installation setting to OFF.

G-Suite Identity Service < Deploy the Chromebook Client > Public Session Support

Deploy the Chromebook Client


Installation Guide

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.