Cisco Secure Firewall supports DNS integration with Cisco Umbrella. This integration enables the firewall to redirect DNS queries to Umbrella and allows Umbrella to apply DNS-based security policies.
- Cisco Secure Firewall Management Center (FMC) running version 7.2 or above.
- FMC-managed Cisco Firepower Threat Defense (FTD) firewall running version 6.6 or above.
- FMC able to resolve and connect to api.opendns.com over port 443 for initial registration.
- FTD access over TCP and UDP on port 53 (DNS) to 126.96.36.199 and 188.8.131.52—the Cisco Umbrella public DNS resolvers.
- The Umbrella root certificate installed on the FTD devices.
- FMC Base license with ‘export-control’ functionality allowed.
- Rollback of Umbrella configuration is not supported.
To configure the Umbrella Connection, refer to the Cisco Secure Firewall Management Center Administration Guide.
To create and manage Umbrella DNS policies, refer to the Cisco Secure Firewall Management Center Device Configuration Guide.