Cisco Umbrella (formerly known as OpenDNS) is a cloud-delivered secure internet gateway that stops current and emergent threats over all ports and protocols. It blocks access to malicious domains, URLs, IPs, and files before a connection is established or a file is downloaded. The BlueApp for Cisco Umbrella provides functional support to easily ingest data from Cisco Umbrella to USM Anywhere for analysis, and to enable orchestration for triggering actions within Cisco Umbrella based on risks identified in USM Anywhere. The BlueApp leverages two features from Cisco Umbrella:Documentation Index
Fetch the complete documentation index at: https://docs.levelblue.com/llms.txt
Use this file to discover all available pages before exploring further.
- Amazon Simple Storage Service (S3) log management: The BlueApp collects Cisco Umbrella logs through an Amazon S3 bucket.
- Enforcement API: The BlueApp sends response actions to Cisco Umbrella based on the malicious records identified by USM Anywhere.
Note: As the BlueApp for Cisco Umbrella relies on Amazon S3 buckets, it is only compatible if your sensor is deployed in an AWS environment.
Note: If you are using the old Cisco Umbrella packages (Professional, Insights, and Platform), only the Platform package supports both features. The Insights package does not support Enforcement API, while the Professional package does not support either. Therefore, to fully integrate with the BlueApp, you need to have the Platform package.
Warning: If the BlueApp fails and you receive a message informing you that it has not been loaded, please contact LevelBlue Technical Support to solve the problem.