Cisco Umbrella - On-network: adding

      user-based enforcement without clients



                                                 Virtual appliance + Connector

                                                      Best for locations that want granular
                                                     control and visibility integrated with AD






                                                                             Umbrella
                                                    Sync group               Enforce policy for user,
                                                    memberships              host, or group membership

                                             AD domain                Gateway              DNS server
                                             controller(s)            @ 8.2.0.1            @ 10.1.0.1
                                           Script (run per DC)
                                           AD Connector (1)



                                                                    Umbrella VA            Any device
                                                                     @ 10.1.0.2            @ 10.1.2.2
                                                   Sync login        Bill = 10.1.2.2        User = Bill
                                                   events           BillPC=10.1.2.2        Host = BillPC



      © 2016 Engage ESM All Rights Reserved                                                                                             60