Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Cisco Umbrella 🆚 OpenDNS

cyriel95
Getting noticed
‎Sep 21 2020 1:14 AM
‎Sep 21 2020 1:14 AM

Cisco Umbrella 🆚 OpenDNS

Good morning all
it's me again Cyriel95☺️.
I would like to know between Cisco Umbrella and OpenDNS - Meraki which is the most recommended and the easiest to administer according to your experience.
 
Thank you
0 Kudos
Subscribe
11 Replies 11
KarstenI
Kind of a big deal
Kind of a big deal
‎Sep 21 2020 1:25 AM
‎Sep 21 2020 1:25 AM

First: OpenDNS are the free and publicly usable DNS servers operated by Cisco. Umbrella is a product that you can subscribe to from Cisco, same as subscriptions like "OpenDNS Prosumer".

You are probably asking for the difference of buying Umbrella separately or combined with the Meraki License.

It's really easy to operate Umbrella with the Meraki license that includes Umbrella. You only have one Dashboard and the configuration is super easy.

The downside is, up to now you only have the possibility to protect wireless users connected to your MRs. With the "regular" Umbrella license you can protect also your wired- or VPN-Users. And you have much more flexibility in your Umbrella configurations.

Another drawback with the MR Advanced license (that is the one including Umbrella). You have to use single device licensing which again can be a little more complex for your organisation.

Subscribe
In response to KarstenI
DarrenOC
Kind of a big deal
Kind of a big deal
‎Sep 21 2020 1:32 AM
‎Sep 21 2020 1:32 AM

I personally don’t like the new Umbrella and MR license structure. Muddies the water slightly.

 

My preference would be to implement traditional Umbrella (which is the re-branded OpenDNS since Cisco acquired them).  This would give you more flexibility as you can then install the Umbrella roaming client.

 

 

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
Subscribe
In response to DarrenOC
cyriel95
Getting noticed
‎Sep 21 2020 2:00 AM
‎Sep 21 2020 2:00 AM

Cisco U is a new version of OpenDNS? would it be better to just acquire the Cisco U license apart and add my my Meraki network to it?

0 Kudos
Subscribe
In response to cyriel95
KarstenI
Kind of a big deal
Kind of a big deal
‎Sep 21 2020 2:08 AM
‎Sep 21 2020 2:08 AM

OpenDNS does not have any solution for enterprise customers. That is what Umbrella offers and what matches your use case.

You can integrate it with the MX when you run MX version 15 and have the security-license (SD-WAN is not needed). Or for all sites with VM-hosts, there are lightweight VMs that control the DNS-handling.

Subscribe
In response to KarstenI
cyriel95
Getting noticed
‎Sep 21 2020 3:02 AM
‎Sep 21 2020 3:02 AM

@KarstenI 

La version Mx 15? Licence de sécurité?
comment savoir si vous disposez de la licence de sécurité et quelle version du Mx vous utilisez.

0 Kudos
Subscribe
In response to cyriel95
KarstenI
Kind of a big deal
Kind of a big deal
‎Sep 21 2020 3:19 AM
‎Sep 21 2020 3:19 AM

If you are not aware of your license, then it is very likely that you run the stable version. v15 is Beta and typically only used when a specific function is needed.

You see the versions on Security-Appliance -> Appliance status.

 

For the license, there are Enterprise, Advanced Security and SD-WAN. You need at least Advanced Security to integrate Umbrella into MX. You see your license under Organisation -> License Info.

 

I would go a phased approach:

1) Buy the Umbrella DNS Essentials license for the amount of users in your organisation.

2) Enroll two Umbrella VMs in your main office and configure them in regards to the Umbrella Documentation. When finished, all users in the Headquarter are protected.

3) Do you have Meraki APs? Then the next step is to integrate Umbrella into your SSID.

4) Now some more months are gone and you can decide how to go on for your branches. Either with dedicated Umbrella VMs or you decide that it is safe enough to go to MX15 and activate the native integration.

 

Subscribe
In response to KarstenI
cyriel95
Getting noticed
‎Sep 21 2020 6:06 AM
‎Sep 21 2020 6:06 AM

1mc.PNG

 

12mc.PNG

I have the business license would it not be possible to integrate with Cisco Um?
I use one of the Ubiquiti access points

0 Kudos
Subscribe
In response to cyriel95
DarrenOC
Kind of a big deal
Kind of a big deal
‎Sep 21 2020 6:56 AM
‎Sep 21 2020 6:56 AM

Hi @cyriel95 , you won’t be able to integrate Umbrella with the MX with the Enterprise license.

 

you could request from Meraki support that they upgrade your Ent license to Adv Sec.  this will however cut your license Term in half.

 

 

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
Subscribe
In response to DarrenOC
cyriel95
Getting noticed
‎Sep 21 2020 7:32 AM
‎Sep 21 2020 7:32 AM

thank you for the information

0 Kudos
Subscribe
In response to KarstenI
cyriel95
Getting noticed
‎Sep 21 2020 1:57 AM
‎Sep 21 2020 1:57 AM

i ask if should choose opendns or cisco U.
because I am looking for a way to set up a DNS for my network which works with Mx84 and Mx64.
 
I do not have the SD-WAN Security license, I would like to buy another Cisco U license to act as dns and I noticed that OpenDNS is free. 
0 Kudos
Subscribe
In response to cyriel95
DarrenOC
Kind of a big deal
Kind of a big deal
‎Sep 21 2020 2:59 AM
‎Sep 21 2020 2:59 AM

Hi @cyriel95 , I’m sure you’ve read this one already but should you want to link Umbrella with your MX then you’ll need the Advanced Security License, MX also needs to be above 15.10 firmware.

 

https://documentation.meraki.com/zGeneral_Administration/Cross-Platform_Content/Manually_Integrating...

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.