cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MX Group Policy and Umbrella

Getting noticed

MX Group Policy and Umbrella

Hi All,

 

We are looking at implement MX appliances and Cisco Umbrella as a move to a SDWAN solution.

 

I have a couple of questions and I'm hoping the collect maybe able to answer.

 

1. Do you need layer 7 firewall rules if you have the DNS layer protection (Cisco Umbrella) option enabled?

2. If you do need layer 7 firewall rules with the DNS layer protection (Cisco Umbrella) option enabled which take priority?

 

Thanks

2 REPLIES 2
Kind of a big deal

Re: MX Group Policy and Umbrella

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Manually_Integrating_...

will answer all your questions 🙂

 

1) No, you don't need L7 rules active

2) As far as I'm informed, Umbrella policy will be handled before L7 kicks in. Makes perfect sense as "analysing" DNS requests is way less ressource intensive compared to hitting L7 rules.

Getting noticed

Re: MX Group Policy and Umbrella

Cheer CptnCrnch

 

I was hope it would be that way.

 

Umbrella is more flexible by the looks of it and as we can manage all the rules in one place.

 

Thanks

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.