Cloud Solutions - jibingl/CCNA-CCNP GitHub Wiki
Umbrella and Cloudlock
🍌 Cisco Umbrella is a cloud-native secure internet gateway (SIG) that provides DNS-layer security, secure web gateways, and cloud-delivered firewalls to block external threats.
🍌 Cisco Cloudlock is a cloud access security broker (CASB) that uses APIs to monitor and secure user data, identities, and applications within sanctioned SaaS apps (e.g., Office 365, Google Workspace).
Key Differences
| Cisco Umbrella | Cisco Cloudlock | |
|---|---|---|
| Primary Function | Secure Internet Gateway (SIG) | Cloud Access Security Broker (CASB) |
| Enforcement Point | DNS-layer, Web Proxy, and Firewall | API-level integrations with SaaS apps |
| Main Use Case | Blocking malicious domains and malware | Data Loss Prevention (DLP) and user behavior |
| Visibility | Internet-wide traffic (on/off network) | Activity within sanctioned cloud apps |
When to Use Which:
- Use Cisco Umbrella: To protect against phishing, malware, and command-and-control callbacks for all users, regardless of location.
- Use Cisco Cloudlock: To enforce compliance, detect data breaches within SaaS apps, and control third-party OAuth app permissions.
AppD, CWOM and Secure Workload
These three Cisco solutions form a "Full-Stack Observability" ecosystem.
🍌 Cisco Application Dynamic is to monitor how code executes and how users interact with the app within the application layer.
🍌 Cisco Workload Optimization Manager is a "decision engine" for your infrastructure layer. Recently unified under the Cisco Intersight Workload Optimizer brand.
🍌 Cisco Secure Workload formerly known as Tetration and is built for the security layer, specifically focusing on workloads in dynamic environments like Kubernetes and public clouds.
Key Differences
| Cisco AppD | CWOM | Secure Workload | |
|---|---|---|---|
| Primary Function | Application Performance Management (APM) | Application Resource Management (ARM) | Zero-Trust Microsegmentation & Security |
| Main Use Case | Root-cause analysis; tracking user experience/business KPIs | Automating resource allocation to reduce costs and maintain SLAs | Reducing attack surfaces; preventing lateral threat movement |
| Visibility | Code-level execution; business transactions; end-user journeys | Infrastructure supply chain (VMs, storage, cloud instances) | Network flows; workload dependencies; software vulnerabilities |
| Deployment | Agent-based; SaaS or On-Premise | Agentless; integrated via APIs to hypervisors and cloud platforms | Agent-based or Agentless; SaaS or On-Premise appliance |