Company Overview Dima Kumets, Product Manager dima@opendns.com Service: Cloud Web Filtering and Malware Protection Aruba Instant Integration + Certified for Interop on Campus and RAP Infrastructure: 13 data centers, 100% uptime Security Product Line: New security service - Umbrella by OpenDNS (November 2012) #1 Mar-27-13
Company Overview Dima Kumets, Product Manager dima@opendns.com Agenda Challenges in security in EDU Umbrella technical overview Umbrella dashboard Q&A #2 Mar-27-13
IT for Education has changed PAST TODAY COMPUTER LABS WI-FI EVERYWHERE MANAGED DESKTOPS LAPTOPS AND BYOD SINGLE PLATFORM MULTI OS AND PLATFROM 1_Light Title Only LIMITED BANDWIDTH EXPLODING BANDWIDTH 100% ON PREM ROAMING USERS #3 Mar-27-13 Mar-27-13 Umbrella Confidential
Challenges in Education IT Growing bandwidth High Performance Malware Botnets BYOD CIPA Compliance Laptops roaming off premises Needs Challenges #4 Mar-27-13 Umbrella Confidential
Security in the past Got a problem? Buy a box. Increasing bandwidth? Add a box New campus? Add a box Increased enrollment? Add a box 1_Light Title Only Box too slow? Add a box Adding more servers? Add a box More reports to store? Add a box Boxes start to break? Add a box New ports to protect? Add a box Managing too many boxes? Add a box to manage boxes #5 Mar-27-13 Umbrella Confidential
Security Appliances Growing demands are putting IT on a security appliance treadmill And your users? They've left the building. #6 Mar-27-13
What is Umbrella? Malware and Botnet protection with BYOD support and AD Integration Mobile Protection for ios and Android Roaming protection for employees and students Web filtering for any device connecting to guest Wi-Fi Web filtering 59+ categories, blacklists, whitelists and bypass feature. Web dashboard easy to use, manage policy, deploy new identities and view reports anywhere Malware and botnet protection prevents infection and blocks bots from reaching command & control points. Zero downtime since launch in 2006 with global data centers and bgp routing #7 Mar-27-13
OpenDNS Enterprise Global Network London, UK Telehouse North Amsterdam, NL TeleCity 1 Frankfurt, DE Equinix Frankfurt Seattle, US The Westin Building Palo Alto, US Switch & Data Los Angeles, US Equinix Los Angeles Chicago, US 350 E. Cermak New York, US 111 8th Ave Ashburn, US Equinix Ashburn Tokyo, JP Datacenter TBD Hong Kong, HK Mega iadvantage Dallas, US Dallas Infomart Miami, US Nap of the Americas Singapore, SG Equinix Singapore Sydney, AU Datacenter TBD Point of Presence (PoP) Private Peering Datacenter TODAY PLANNED Sao Paulo, BR Datacenter TBD Globally distributed servers at 13 PoPs with more planned using Anycast IPs with BGP routing and the best peering in the industry. Built from the ground-up for reliability and 100% uptime. #8 Mar-27-13
Cloud Architecture: Under the hood Policy Reporting DNS Query Internet No bottlenecks Campus Network Permitted Domain DNS Response Real-Time Threats Malware, Botnet AUP Violations Roaming Users Custom Block Page Real-time Threats and domain categorization is 100% in the cloud. No bottlenecks DNS with protection is faster than plain ISP or carrier DNS. Unprecedented Scale No bandwidth constraints or sizing guides. Full coverage Any and all devices on the network. Roaming users protected using lightweight agent. #9 Mar-27-13
Umbrella Enterprise for EDU Network Wide Coverage Protection for any device connecting to the campus network IT managed devices with zero touch deploy Full BYOD coverage including Mac, Windows, tablets, game consoles, etc Block page bypass allow privileged users to bypass blocking without software Deploy in minutes Interoperability certified Enter External IP range in Umbrella dashboard Set DHCP DNS to our IPs Alt - forward :53 to OpenDNS Aruba IPs Campus Integrated OpenDNS login in Virtual controller Virtual controller self configures using API calls to Umbrella Aruba Instant Local recursive DNS Forward DNS to OpenDNS Enter External IP range in Umbrella dashboard Local DNS Cache with OpenDNS Local DNS #10 Mar-27-13
Umbrella Insights for EDU Active Directory Integration Group based policy with ranked rules Per-user reporting with roll-ups per group and organization wide Full coverage. Non-AD users protected with default policy Internal IP/IP range based rules available Pre-configured VM, Connector and config files downloaded from dashboard Insights Linux VM for VMWare ESXi forwards DNS Connector on DC cloud sync for users +groups Pre-configured downloads Monitoring from Umbrella Dashboard Active Directory Group #11 Mar-27-13
Umbrella Everywhere for EDU Off Network Protection Lightweight agent for Windows and Mac Identification only via EDNS all policy and lists are in the cloud Location aware policy allows different policy on-network vs roaming Security without performance impact Deploy using GPO or RMM in minutes msiexec /i RoamingClient_WIN.msi /qn ORG_ID=<Organization> ORG_FINGERPRINT=<hash> USER_ID=<who is deploying>hide_ui=<0 or 1 for systray icon and notifications> Windows Small MSI Runs as a service CLI or interactive install Mac Small pkg Runs as a service CLI or interactive install Windows Agent OS X Agent #12 Mar-27-13
Umbrella Everywhere for EDU Mobile Protection VPN profile for ios devices Deployed via app or MDM Full encryption to protect against man in themiddle Policy enforcement in the cloud ios VPN profile Optional App Android Beta soon Encryption and malware protection ios Android #13 Mar-27-13
Umbrella: Customer Highlights MSP & MANAGED WI-FI RETAIL & GUEST WI-FI ENTERPRISE S & SMBs COLLEGES & UNIVERSITIE S K-12 SCHOOLS #14 Mar-27-13
Case Study: Network Maine Protected: 188,000+ students at 1,000+ schools and libraries in Maine Customer since: 2010 Why they re using Umbrella: Protection against malware and botnets, web filtering, CIPA Compliance Problem: Hardware solution scaling issues with growing adoption and bandwidth WHAT THEY RE SAYING Our previous content filtering solution was the Achilles heel for the network. Anytime it had a performance problem it was felt everywhere since all http traffic went through these appliances. With Umbrella Enterprise we no longer have to worry about performance or scalability. Jeff Letourneau, Executive Director #15 Mar-27-13
Case Study: George Washington University Protected: 25,000 students, 1,600 full-time staff, 3 campuses, many satellite locations. Customer since: 2011 Why they re using Umbrella: Protection against malware and botnets, elimination of appliance management and maintenance, thorough yet easy-to-manage network protection at multiple locations Problem: Finding a powerful solution to fight the increase in malware infections. Appliances required too much time to manage and scale. WHAT THEY RE SAYING Rather than having to put one-off rules into an appliance to allow for exceptions, we can easily assign local technical people the authority to change rules on their own networks in Umbrella. Matthew Wollenweber, Senior Computer Forensics Information Security System Engineer #16 Mar-27-13
Umbrella Dashboard Configure
Umbrella Dashboard - Policy #18 Mar-27-13
Umbrella Dashboard - Identity #19 Mar-27-13
Umbrella Dashboard - Identity #20 Mar-27-13
Umbrella Dashboard - Identity #21 Mar-27-13
Umbrella Dashboard Security #22 Mar-27-13
Umbrella Dashboard - Categories #23 Mar-27-13
Umbrella Dashboard Blacklist/Whitelist #24 Mar-27-13
Umbrella Dashboard - Customization #25 Mar-27-13
Umbrella Dashboard Reporting
Umbrella Dashboard - Reporting #27 Mar-27-13
Umbrella Dashboard - Reporting #28 Mar-27-13
Umbrella Dashboard - Reporting #29 Mar-27-13
Umbrella Dashboard - Reporting #30 Mar-27-13
Q&A Contact: Dima Kumets, Product Manager - dima@opendns.com Free Trial for Airheads salesinfo@opendns.com OpenDNS Confidential