MX Group Policy and Umbrella

SOLVED
BBDave
Getting noticed

MX Group Policy and Umbrella

Hi All,

 

We are looking at implement MX appliances and Cisco Umbrella as a move to a SDWAN solution.

 

I have a couple of questions and I'm hoping the collect maybe able to answer.

 

1. Do you need layer 7 firewall rules if you have the DNS layer protection (Cisco Umbrella) option enabled?

2. If you do need layer 7 firewall rules with the DNS layer protection (Cisco Umbrella) option enabled which take priority?

 

Thanks

1 ACCEPTED SOLUTION
CptnCrnch
Kind of a big deal
Kind of a big deal

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Manually_Integrating_...

will answer all your questions 🙂

 

1) No, you don't need L7 rules active

2) As far as I'm informed, Umbrella policy will be handled before L7 kicks in. Makes perfect sense as "analysing" DNS requests is way less ressource intensive compared to hitting L7 rules.

View solution in original post

2 REPLIES 2
CptnCrnch
Kind of a big deal
Kind of a big deal

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Manually_Integrating_...

will answer all your questions 🙂

 

1) No, you don't need L7 rules active

2) As far as I'm informed, Umbrella policy will be handled before L7 kicks in. Makes perfect sense as "analysing" DNS requests is way less ressource intensive compared to hitting L7 rules.

Cheer CptnCrnch

 

I was hope it would be that way.

 

Umbrella is more flexible by the looks of it and as we can manage all the rules in one place.

 

Thanks

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels