When you take advantage of our DNS security service, Cisco Umbrella, you will get access to the Umbrella portal – this shows you a wealth of information about traffic flowing through your protected devices:
The portal is excellent when IT administrators need to investigate issues, or see detailed information about a particular instance. But the best security services should not always require a manually driven process to ensure issues are brought to your attention.
We set up scheduled reporting on your behalf, with common malware threats automatically flagged up to our expert support team. Our expert cyber security engineers will analyse the reports and notify you regarding threats that may need to be investigated.
Our service will pick up and block traffic to domains that are linked to malware, phishing, and other threats to your organization.
As you can see from the above screenshot, the report sees a domain multiple times – this often indicates a malware infection on the network; although the domain is blocked, it highlights the necessity for further action to be taken to remove the threat.
We can drill down further into the portal to help with the investigations.
These scheduled reports will raise the alarm for all sorts of issues and potential issues, such as staff accidentally clicking links, malware that has found its way on to a device, or browser extensions that have malicious characteristics.
DNS security should be deployed as a part of your overall security approach.