IT Service Descriptions

Ntiva Web Filtering Solution

Ntiva’s Web Filtering solution, (Cisco Umbrella) provides the quickest, most effective way to improve your security stack.

Ntiva's Web Filtering solution provided by Cisco Umbrella is the quickest, most effective way to improve your security stack. From small businesses without dedicated security professionals to multinational enterprises with complex environments, it only takes minutes to gain a new layer of breach protection and internet-wide visibility on and off your network.  Our Web Filtering service offering includes the following protections: 

DNS-Layer Security:

  • Your computer uses recursive DNS as the first step to connect to places on the Internet. Unfortunately, so do cybercriminals. Malware, ransomware, phishing, and other scams use DNS servers to look up and connect to infrastructure that is set up by cybercriminals to power these attacks. 
  • Monitoring DNS requests, as well as subsequent IP connections, is an easy way to provide better accuracy and detection of malicious activity and compromised systems, improving security visibility and network protection. Nothing stops attacks earlier than DNS-layer security. After all, DNS is the first step in making a connection on the Internet, and if a connection is blocked at the DNS layer, then it stops there. 
  • Cyber-attacks have many phases. Before launching, the attacker first needs to stage internet infrastructure to support each phase of the attack. Then, the target needs to be connected to that infrastructure. Many attacks use email attachments or direct payload downloads or malicious links in phishing attacks. Attacks with an objective to exfiltrate data must initiate a command & control callback, where the malware on a network communicates back with the attacker infrastructure, which then takes command of the targeted machine. 
  • DNS-layer security identifies where these domains and other internet infrastructures are staged, and blocks requests over any port or protocol, preventing both infiltration and exfiltration attempts. It stops malware earlier and prevents callbacks to attackers if infected machines connect to your network. 

A diagram of a cloud computing system

Description automatically generated

The blue shields show where DNS-layer security stops attacker communications. 

Block threats before they reach you:

  • Traditional security appliances and agents must wait until malware reaches the perimeter or endpoint before they can detect or prevent it. With DNS-layer security from Cisco Umbrella, you can stop attacks earlier in the kill chain. 
  • By enforcing security at the DNS layer, Umbrella stops threats before they ever reach your network or endpoints. By analyzing and learning from internet activity patterns, Umbrella automatically uncovers attacker infrastructure staged for current and emerging threats, and proactively blocks requests to malicious destinations before a connection is even established or a malicious file downloaded. Umbrella can also stop compromised systems from exfiltrating data via command & control (C2) callbacks to the attacker’s botnet infrastructure, over any port or protocol. 
  • Unlike appliances, our cloud security platform protects devices both on and off the corporate network. Unlike agents, the DNS layer protection extends to every device connected to the network — even IoT. Umbrella really can be deployed everywhere since all internet-connected devices use recursive DNS services.

Leverage the power of machine learning: 

  • Cisco Umbrella uses machine learning to search for, identify, or even predict malicious domains. Umbrella learns from internet activity patterns to automatically identify attacker infrastructure being staged for the next threat and blocks these domains proactively. 
  • Cisco Umbrella analyzes terabytes of data in real-time across all markets, geographies, and protocols. This diversity provides internet-wide visibility into where threats are coming from, who is launching them, where they call back to, how widespread it is, when was the first and last time we saw it, and much more. Cisco combines human intelligence with 3D visualizations to learn new patterns. Then, Cisco will apply statistical models to categorize these patterns, detect anomalies, and automatically identify known and emergent threats. A diagram of a funnel

Description automatically generated

How Cisco Umbrella’s machine learning model works. 

Deliverables:

  • Active web filtering through the Cisco Umbrella product regardless of whether a computer is on-site or remote. 
  • DNS-layer security 
  • Secure web gateway 
  • Cloud-delivered firewall 
  • Cloud access security broker 
  • Interactive threat intelligence 
  • Configurable allow and deny lists. 

Service Assumptions: 

  • Labor associated with normal operations will be billed to the client’s service agreement. 
  • Ntiva’s Web Filtering services provide protection but do not guarantee the prevention of all DNS-related disasters. 

Service Workflow: 

  • The solution is deployed by RMM tool and configured by on-boarding team for initial use. 
  • Adding and removing websites to allow/block list is accomplished by submitting a ticket to Ntiva's service desk. 

Ntiva Tech Mastery Series-1