Umbrella's cloud-delivered firewall (CDFW) provides firewall services without the need to deploy, maintain, and upgrade physical or virtual appliances at a site. The Umbrella CDFW supports visibility and control of internet traffic across branch offices. Umbrella logs all network activity and blocks unwanted traffic using IP, port, and protocol rule criteria.
To forward traffic to Umbrella, establish an IPsec (Internet Protocol Security) IKEv2 (Internet Key Exchange, version 2) tunnel from any network device. Then, deploy the network tunnel in Umbrella and add the tunnel to an Umbrella firewall policy. As you add new tunnels to a firewall policy, Umbrella automatically applies and consistently enforces the rules defined in the policy.
Note: An Umbrella firewall policy only applies to traffic sent from a network tunnel.
The Umbrella cloud-delivered firewall (CDFW) expects an RFC 1918 IP address as the source IP address for outbound packets. If you use routable IP addresses on your internal network, you must contact Umbrella Support and provide the range of IP addresses that you use. Without this information, Umbrella cannot determine the IP address and may drop packets. For information about address allocation and private networks, see RFC 1918.
Best Practices for the Data Loss Protection Policy < Manage the Firewall Policy > Add a Firewall Rule
Updated 27 days ago