Umbrella sets limitations and range limits by component, data type, user role, or service. These general limitations affect how you configure, deploy, and interact with Umbrella.
Cisco Umbrella SIG packages are subject to an Average Bandwidth of up to 50 kilobits per second (“kbps”) per user, based on a 95th percentile calculation. For more information, see Average Bandwidth.
To determine your current package, navigate to Admin > Licensing. For more information, see Determine Your Current Package.
- Internet Protocol Versions
- Umbrella Components
- Identity Integrations
- Users and Roles
- Policy Testing
|Internet Protocol version 6.|
|IPv4||Supported by all services.||Internet Protocol version 4.|
Destination lists may contain fully qualified domain names (FQDN), URLs, or IP addresses.
For more information, see Cisco Umbrella Packages.
For Web policy only.
For DNS policies only.
No more than 2000 internal domains may be deployed.
Internal domain count can be increased upon request.
No more than 5000 internal domains may be deployed.
No more than 5000 external domains or IPs can be deployed.
Cloud delivered firewall (CDFW)
Source Traffic IP Range
Packets in IPsec tunnels must originate from an RFC-1918 IP address and be destined for a public IP address. Otherwise, packets are dropped. Client Reachable Prefixes overrides this behavior.
IPsec Tunnel Quantity
50 IPsec tunnels per organization.
Higher tunnel quantities are available by request, subject to approval.
IPsec Tunnel Performance
250 Mbps download, 80 Mbps upload, and 50,000 combined packets per second.
Based on GCM encryption with 900 byte average package size.
Umbrella Intelligent Proxy does not proxy web requests on non-standard ports.
WebSockets and HTTP PATCH
For WebSockets or HTTP PATCH requests, the Umbrella secure web gateway does not perform file inspection.
Umbrella secure web gateway processes WebSockets and HTTP PATCH traffic, applies security categories, and creates destination lists.
With default logging enabled, Umbrella logs all destination requests for an identity.
The maximum file size that the secure web gateway (SWG) can upload is 20 GB.
The maximum file size that can be downloaded is 5 GB.
If you want to download the file having more than 5 GB size, then reach to administrator who can create a rule to Allow the specific file download URL. The rule must be above the Isolate rule in the ruleset. This allows the file to be downloaded and scanned by the file scanner.
Block Page Bypass
You cannot use the Block Page Bypass feature with a redirected block page.
If configured, Umbrella uses the default appearance of the block page.
Single Sign On
You must use Block Page Bypass codes.
Customer CA Signed Root Certificate
6 certificates per organization.
File Scanning (Antivirus, Threat Grid, and AMP)
Selective Decryption List
|For more information, see Manage Selective Decryption.|
Block Page Bypass
Grants a user the ability to bypass pages that are otherwise blocked by Umbrella policies.
Access to Umbrella Investigate only.
A Read Only user can only view pages and reports. Functionality, including buttons, may not be displayed or available. A user can access Investigate (if applicable), but not create/delete API tokens.
Grants limited access to the Umbrella dashboard.
A Reporting Only user can only view and run reports.
De-Identification of User
|Hide identity names when generating a report.|
Data available for one calendar year.
Data retained for 30 days.
Up to 10K events displayed.
For organizations with above average volumes of data, Umbrella may be unable to display the Activity Search report within the expected response time. In such instances, organizations can retrieve their data from an Amazon S3 bucket (Cisco-managed or owned by the organization) or the Umbrella Reporting API.
Data retention, display limits.
Data retained for 30 days.
Data retained for one calendar year.
|Data retained for one calendar year. You can access data in 90-day increments.||Data retention.|
|Scheduled Report (email attachment)||Accepts up to 10,000 rows of data.|
|Exported Report (CSV export)||Exports no more than 1,000,000 rows of data.|
The Umbrella Policy Tester helps you evaluate your configured DNS policies. For more information, see Test a DNS Policy.
Umbrella Policy Tester
Evaluates configured DNS policies (identities and destinations).
Updated about 21 hours ago