AWS Public Sector Blog
Empowering zero trust in public sector with Cisco Umbrella for Government on AWS
Zero trust in the US public sector has become critical, especially as cyber threats targeting government agencies grow more complex and sophisticated. In line with the federal mandate for zero trust architecture (ZTA) outlined in Executive Order M-22-09, government agencies are required to adopt a comprehensive security framework that continuously verifies trust for every access request.
This approach makes sure that only authorized users and secure devices gain access to sensitive data, mitigating risks associated with unauthorized access and minimizing lateral movement of potential threats. Zero trust is a strategic approach to security that centers on the concept of eliminating trust from an organization’s network architecture. As agencies increasingly migrate their workloads to Amazon Web Services (AWS), implementing zero trust security measures becomes even more crucial. The combination of Cisco Umbrella for Government and AWS provides a powerful solution that enables agencies to maintain zero trust across their cloud infrastructure while meeting compliance requirements.
In this post, we demonstrate how Cisco Umbrella for Government, built on AWS, plays a key role in ZTA by providing multi-layered security and granular visibility across on-premises environments and AWS.
Strengthening government cybersecurity with Cisco Umbrella for Government
Cisco Umbrella for Government is a FedRAMP Moderate authorized instance of the enterprise cloud-based security suite. It enables government agencies to adopt a zero trust approach and protect their AWS resources, strengthen their cybersecurity posture, and safeguard sensitive information stored or processed on AWS.
Having achieved FedRAMP Moderate authority to operate (ATO), this platform enables US federal, state, and local government entities to confidently adopt and implement Cisco Umbrella while meeting their compliance requirements.
Built on AWS GovCloud (US), Cisco Umbrella for Government used AWS FedRAMP-authorized services, significantly reducing the time required for compliance. Throughout the process, Cisco used AWS Professional Services and the Global Security & Compliance Acceleration (GSCA) Program. This strategic approach helped streamline the path to FedRAMP Moderate authorization, showcasing Cisco’s commitment to providing secure and reliable cloud services to the US public sector.
“One of the main reasons we rely on AWS GovCloud is its alignment with compliance security controls, policies, and practices. Without AWS and its dedicated support for the mission, it would be far more challenging for Cisco and agencies to address threats on their own,” said Josh Jackson, a Cisco account executive. “The partnership between Cisco and AWS enables us to tackle the increasing sophistication of cyberattacks effectively. Together, we support the goals established by the Department of Homeland Security to protect critical infrastructure and deliver scalable, secure solutions.”
As an AWS Public Sector Partner with multiple AWS competencies, including the Security ISV Competency, Cisco offers the Cisco Umbrella for Government solution through AWS Marketplace, making it streamlined for government agencies to procure and deploy.
Enabling zero trust with Cisco Umbrella for Government
Cisco Umbrella for Government enables ZTA with a broad set of security functions, such as secure web gateway, firewall, DNS-layer security, data loss prevention (DLP), and cloud access security broker (CASB), through a single cloud-delivered service and dashboard.
A key benefit of Cisco Umbrella for Government is its ability to deliver real-time threat intelligence across all devices, locations, and AWS resources. Like other solutions in the Cisco Security portfolio, it uses insights from Cisco Talos, one of the world’s largest commercial threat intelligence teams, to uncover and block a wide spectrum of malicious domains, IPs, and files.
DNS-layer security
Cisco Umbrella for Government enforces security at the DNS layer to block requests to malware, ransomware, phishing, and botnets before they reach the network or endpoints. It also integrates with Protective DNS from CISA. Now, government customers can use Umbrella DNS to deliver a fast, safe, and reliable internet experience, with the same technology used by more than 30,000 enterprise customers.
CASB
Cisco Umbrella’s integration with AWS provides visibility into AWS-hosted cloud applications used across the organization. This capability helps expose shadow IT by giving agencies the ability to detect and block unauthorized cloud applications. Umbrella uses DNS logs to discover cloud apps that users are accessing and provides an overview of the number of app requests by date and risk level in the App Discovery dashboard to show patterns and changes over time.
Secure web gateway
Umbrella’s Secure Web Gateway (SWG) inspects customer web traffic on various ports and protocols, including TCP, UDP, and ICMP. HTTP web security inspection allows Umbrella to decrypt and inspect web destinations, including applications, and to selectively control your organization’s access to specific file types.
The platform offers secure web traffic proxying through Cisco Secure Client to provide consistent protection for users accessing on-premises and AWS resources, whether on-network or off-network. It also provides customizable security measures, real-time activity search, and detailed logging, which allows agencies to tailor their security posture according to specific compliance requirements.
Cloud-delivered firewall (with intrusion prevention system)
Umbrella’s cloud-delivered firewall filters traffic based on a rule action and rule criteria, which can be port, protocol, source and destination IP, and application. The integrated intrusion prevention system (IPS) provides real-time threat detection and prevention by analyzing network traffic patterns and blocking potential attacks before they can impact the network.
Cisco Duo also integrates with Umbrella to provide identity and device protection such as implementing multi-factor authentication (MFA) and device health checks. This integration makes sure that only verified users on trusted devices can access protected resources.
Data loss prevention and cloud malware detection
Cisco Umbrella combines advanced malware protection, granular application control, URL and content filtering, and data loss prevention capabilities, all without compromising network performance. Organizations across industries need comprehensive security, but they can’t afford to sacrifice speed and operational efficiency. Boston Medical Center’s experience demonstrates how Umbrella delivers on both fronts.
“While other security products slow down requests to the internet by filtering them through inline devices, Cisco Umbrella delivers security from the cloud without added latency, which is crucial because every millisecond counts in patient care,” said Lee Cullivan, Chief Information Security Officer at Boston Medical Center. “Because defending our network and data against malware, ransomware, phishing, and other threats may literally be a life-and-death matter, we needed a way to deliver maximum security with minimal impact to our operations and patient care.”
Conclusion
Cisco Umbrella for Government provides agencies with a FedRAMP Moderate authorized solution that directly aligns with federal ZTA mandates. For government organizations looking to meet ZTA requirements while strengthening their security posture, Cisco Umbrella for Government offers a proven path forward. You can learn more about Cisco Umbrella for Government by visiting the Cisco Umbrella Government official webpage. To learn more about Cisco solutions on AWS, visit Cisco on AWS.