Security At The Initial Stage

Ashok Tiwari, Head IT, Varroc Lighting Systems (India) Pvt. Ltd

Security At The Initial Stage

The way security incidents are happening, we must think on a solution which could support to have a robust IT Security solution. In the Covid19 Situations the number of remote and roaming employees working has increased tremendously and the threat of IT Security has gone high. There is a small worry to think on the security of the users who are working from remote, how to secure them. Attackers were already targeting this weak point in security before the massive influx of new remote workers.

In the manufacturing companies, many of the users are quite less aware about IT Security and kind of threat. Having different kind of employees some of are very young and Junior are not able to understand the impact and challenges. Some of are mature and senior level may understand and sincerely following the guidelines. The challenge is to manage the scenario, managing each one. There is a strong need to secure all this new remote web traffic and to do it quickly and efficiently.

“The way security incidents are happening, we must think on a solution which could support to have a robust IT Security solution”

So now there is a powerful and scalable way to secure your remote and roaming user web traffic. How do you get that traffic to the cloud service? That is where the Cisco AnyConnect client fits in. Cisco released a new version of the AnyConnect client that is fully integrated with the Umbrella SWG.

Security at DNS Level

Implementing Cisco Umbrella, we can manage the Security at the DNS Level. Having simple and very less configuration efforts solution can make the things simple and easy. It provides first line of defence against threats on the internet. Sometimes predictions are important, though that we can have the preventive activities aligned. Cisco Umbrella solution has that capability, it can predict the situation based on the study.

By implementing the Cisco Umbrella, one thing is good for us is we have no worry about the threatful DNS. It is umbrella job to take care of that. According to Cisco they have their on-Cloud servers which are continuously checking the domains authenticity. Based on authenticity they resolve the DNS. Even if you are working from home, there is one client installed at your end point which will take care of DNS resolution authenticity. Discovering the risky domains is Cisco Umbrella job.

Block threats before taking place

The appliances wait until malware and virus reaches to then detect and prevent. As the Cisco Umbrella is DNS control-based technology. It has the capability to detect it before they reach to your endpoint devices.

Cisco Umbrella released a cloud-native secure web gateway (SWG) which provides a broad set of web traffic control and security (and works with both Cisco and third-party VPNs). It includes antivirus and malware scanning, sandboxing, content and file type controls, application visibility and control, HTTPS/SSL decryption, and full URL level reporting. SWG capabilities are available as part of the, Umbrella SIG along with firewall, DNS-layer security, cloud access security broker (CASB) functionality, and interactive threat intelligence in one cloud-delivered solution.

Now the challenge is how to protect against Phishing during Covid19 Situation. We have implemented Cisco Umbrella and OpenDNS services to ensure that we are protecting our users against pandemic themed cyberattacks.

Prevent connections before and during the attack

Generally, Cisco umbrella takes care for Web and email-based infection, malware, exploit kit, phishing, web link etc and blocking the malicious domain. It has predictive IP space modelling, Spike rank model & Natural Language processing rank model.

DHCP Server, DNS Server, Virtual appliances - Route traffic and ID’s via DNS. For roaming users AnyConnect client takes care for threats and infections based on DNS controlled connections.