Cisco Umbrella integration - BlueCat Edge - Service Point v3.x.x

BlueCat Edge Deployment Guide

Locale
English
Product name
BlueCat Edge
Version
Service Point v3.x.x

BlueCat Edge supports integration with Cisco Umbrella to leverage policy enforcement and content filtering for external traffic. Once you have successfully configured the Cisco Umbrella integration, namespace configurations applied to BlueCat Edge Service Points will forward external queries to Cisco Umbrella to apply granular policies configured on Umbrella while internal queries are handled by the Service Point based on the applicable policies. Although external queries are handled by Cisco Umbrella, the BlueCat Edge Cloud continues to have visibility into both external and internal queries.

Attention: When configuring the Cisco Umbrella integration, ensure that the following requirements are met:
  • Each service point must be able to forward DNS queries to the two Cisco Umbrella anycast VIPs (208.67.222.222 and 208.67.220.220). These are the IP addresses that are copied to the clipboard when selecting the Cisco Umbrella Integration checkbox on the namespace configuration page.
  • Any firewalls configured between the service point and Cisco Umbrella must not strip EDNS information from the forwarded queries.