Cisco Umbrella on the MX

Getting noticed

Cisco Umbrella on the MX

When you configure the DHCP on the Meraki you can select Cisco Umbrella as your DNS server, which is free 


And there is an option in the threat defense to enable the Cisco Umbrella and i assume your to be subscribe with Cisco Umbrella to enable this feature


My question is what's the difference and benefit if use the Cisco Umbrella if i have the advance security licenses and the threat protections enabled Advanced Malware Protection (AMP), Intrusion detection and prevention, and Content Filtering?



Kind of a big deal

Hi @HaniAbuelkhair4 


The big difference between the first two options (free umbrella by pointing your DNS to their umbrella servers and subscription) is reporting and policy granularity.  You simply don’t get any reporting or configurable options with the free version.


Below are the differences in Meraki MX licenses:

Darren O'Connor |

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
Here to help

Cisco Umbrella is the power version of the free OpenDNS that Cisco acquired awhile back.  Cisco Umbrella provides DNS content filtering that goes (in my opinion) above and beyond the content filtering of Meraki.  Meraki's content filtering is good, but if you need something with much more granular control, take a look at Cisco Umbrella.  Note, that if you are a K-12 institution, you may qualify for Cisco Umbrella for Education.

Head in the Cloud

The option to use Umbrella DNS servers natively without an Umbrella or Advanced Security Subscription (MR) just gives you the ability to use Umbrella DNS servers as recursive DNS service for your DHCP clients.


If you were to buy an Umbrella /Advanced Security Subscription (MR) subscription you could have the ability to create enforcement policies/reporting to block or report on certain domains etc.


The benefit over the traditional Meraki MX content filtering is that Umbrella can protect your network clients regardless of the network they are connecting to (Not just behind the MX - There's a roaming client ability to be deployed on user machines.). In addition, it provides much more detailed reporting and also sets up an easy roadmap to migrate to a full SASE architecture.



Eliot F | Simplifying IT with Cloud Solutions
Found this helpful? Give me some Kudos! (click on the little up-arrow below)
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.