TCPWave's centralized management console enables administrators to effortlessly manage and monitor DNS services across various locations, regardless of their presence in public or private clouds. Our solution offers a seamless integration with Cisco Umbrella, a cloud-based security solution that safeguards organizations from online threats. This integration offers numerous benefits, such as utilizing Cisco Umbrella's DNS resolution capabilities to block malicious domains and IP addresses. DNS queries, that pass through TCPWave are first checked by Umbrella's resolver, which consults its threat intelligence database to identify and block malicious domains. Furthermore, this integration allows organizations to enforce content filtering policies, enabling administrators to restrict access to specific website categories, like social media, gambling, or adult content. Users attempting to access these restricted sites are then blocked by Cisco Umbrella.
Improved Security
Enhanced Compliance
Reduced IT Overhead
Increased Productivity
The TCPWave DNS appliance can is available as a physical appliance as well as a virtual appliance. On both flavors, an authoritative DNS appliance can also be configured as a recursive cache. Further, the recursive queries can be forwarded to Cisco Umbrella, thereby leveraging all the business advantages that are available from this offering.
Forwarding recursive queries from an on-prem TCPWave recursive DNS cache to Cisco Umbrella can provide organizations with valuable reporting and insights into their DNS infrastructure. By forwarding these queries, organizations can gain visibility into the various queries and responses that occur during the resolution process. This visibility can help identify potential DNS performance issues, network bottlenecks, or security threats. Moreover, Cisco Umbrella's threat intelligence database can help identify and block malicious domains that recursive queries may encounter. Overall, forwarding recursive queries to Cisco Umbrella enables organizations to gain a deeper understanding of their DNS traffic, improve performance, and enhance security posture.
Recursion on a TCPWave DNS cache is critical to providing efficient and fast DNS resolution for clients. By caching frequently requested data locally, recursion helps reduce DNS query latency, which can improve the overall performance of the network. Moreover, recursive DNS queries can be forwarded to external DNS servers, such as Cisco Umbrella, to obtain additional information and enhance security by blocking malicious domains. Overall, recursion on a TCPWave DNS cache enables organizations to provide fast, efficient, and secure DNS resolution for their clients.
In the TCPWave application, under the DNS option templates, select Only under Forward field, and enter the Forwarders. DNS forwarding is the process of directing DNS queries from one DNS server to another, typically to resolve domain names more efficiently. This method improves resolution speed and reduces local DNS server load by utilizing the resources of external DNS servers.
The virtual appliances are configured on the Cisco Umbrella under "Sites and Active Directory".
Having the public IP addresses configured on every site in Cisco Umbrella aids in delivering location-specific responses to clients and implementing policies for each location.
The internal zones that are set up on the TCPWave appliances are configured through the "Domain Management" feature, which will then be transmitted to the virtual appliances.
The image below illustrates the Cisco Umbrella reports that depict both internal and external IP addresses when DNS queries are directed towards the virtual appliances.
The integration between TCPWave and Cisco Umbrella provides organizations with a powerful solution for managing DNS infrastructure and securing their networks against internet threats. Cisco Umbrella uses machine learning to search for, identify, or even predict malicious domains. By learning from internet activity patterns, this DNS-layer security solution can automatically identify attacker infrastructure being staged for the next threat. By leveraging the strengths of both solutions, organizations can improve their security posture, meet compliance requirements, reduce IT overhead, and increase productivity.
