Secure Your Digital Skies with Cisco Umbrella

Experience agile networking and Cisco Umbrella's robust security, for seamless connectivity


Our solution provides threat intelligence, flexible deployment, and proactive defense with Cisco Umbrella.

TCPWave's centralized management console enables administrators to effortlessly manage and monitor DNS services across various locations, regardless of their presence in public or private clouds. Our solution offers a seamless integration with Cisco Umbrella, a cloud-based security solution that safeguards organizations from online threats. This integration offers numerous benefits, such as utilizing Cisco Umbrella's DNS resolution capabilities to block malicious domains and IP addresses. DNS queries, that pass through TCPWave are first checked by Umbrella's resolver, which consults its threat intelligence database to identify and block malicious domains. Furthermore, this integration allows organizations to enforce content filtering policies, enabling administrators to restrict access to specific website categories, like social media, gambling, or adult content. Users attempting to access these restricted sites are then blocked by Cisco Umbrella.

Improved Security

  • TCPWave's integration with Cisco Umbrella offers enhanced security by utilizing Cisco Umbrella's threat intelligence to block malicious domains and IP addresses for organizations.

Enhanced Compliance

  • TCPWave and Cisco Umbrella's integration allows organizations to meet industry-specific compliance regulations through enforced content filtering policies for all DNS requests.

Reduced IT Overhead

  • TCPWave and Cisco Umbrella integration streamlines DNS services and security policy management in one console, reducing IT overhead and allocating resources to other vital projects.

Increased Productivity

  • By blocking access to non-work-related websites, organizations can improve productivity. This can lead to increased employee productivity and a more efficient workplace.
TCPWave DNS Appliance Configuration

The TCPWave DNS appliance can is available as a physical appliance as well as a virtual appliance. On both flavors, an authoritative DNS appliance can also be configured as a recursive cache. Further, the recursive queries can be forwarded to Cisco Umbrella, thereby leveraging all the business advantages that are available from this offering.

Forwarding the Queries to Cisco Virtual Appliances

Forwarding recursive queries from an on-prem TCPWave recursive DNS cache to Cisco Umbrella can provide organizations with valuable reporting and insights into their DNS infrastructure. By forwarding these queries, organizations can gain visibility into the various queries and responses that occur during the resolution process. This visibility can help identify potential DNS performance issues, network bottlenecks, or security threats. Moreover, Cisco Umbrella's threat intelligence database can help identify and block malicious domains that recursive queries may encounter. Overall, forwarding recursive queries to Cisco Umbrella enables organizations to gain a deeper understanding of their DNS traffic, improve performance, and enhance security posture.

Enable Recursion in TCPWave

Recursion on a TCPWave DNS cache is critical to providing efficient and fast DNS resolution for clients. By caching frequently requested data locally, recursion helps reduce DNS query latency, which can improve the overall performance of the network. Moreover, recursive DNS queries can be forwarded to external DNS servers, such as Cisco Umbrella, to obtain additional information and enhance security by blocking malicious domains. Overall, recursion on a TCPWave DNS cache enables organizations to provide fast, efficient, and secure DNS resolution for their clients.

DNS Forwarding

In the TCPWave application, under the DNS option templates, select Only under Forward field, and enter the Forwarders. DNS forwarding is the process of directing DNS queries from one DNS server to another, typically to resolve domain names more efficiently. This method improves resolution speed and reduces local DNS server load by utilizing the resources of external DNS servers.

Configure Virtual Appliances

The virtual appliances are configured on the Cisco Umbrella under "Sites and Active Directory".

Network Deployment

Having the public IP addresses configured on every site in Cisco Umbrella aids in delivering location-specific responses to clients and implementing policies for each location.

Domain Management

The internal zones that are set up on the TCPWave appliances are configured through the "Domain Management" feature, which will then be transmitted to the virtual appliances.


The image below illustrates the Cisco Umbrella reports that depict both internal and external IP addresses when DNS queries are directed towards the virtual appliances.


The integration between TCPWave and Cisco Umbrella provides organizations with a powerful solution for managing DNS infrastructure and securing their networks against internet threats. Cisco Umbrella uses machine learning to search for, identify, or even predict malicious domains. By learning from internet activity patterns, this DNS-layer security solution can automatically identify attacker infrastructure being staged for the next threat. By leveraging the strengths of both solutions, organizations can improve their security posture, meet compliance requirements, reduce IT overhead, and increase productivity.