Issue link: https://insights.oneneck.com/i/1093615
CHAPTER 4 Deploying Cisco Ransomware Defense 29 These materials are © 2017 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited. "We encountered significant issues that caused concern as to the product's viability in our environment, starting with Internet function- ality." Notes Hancock, "Our team received a lot of feedback from users who were dissatisfied with Internet service, which was attributed to both the cloud service and the endpoint client on users' machines." "Outside of that," he continues, "the feature set was inconsistent with our needs and there was widespread difficulty throughout the team around administration. This meant we had to provide a lot of training to support very detailed, nonintuitive management of policies and various components." "After an issue-laden North American deployment, our network was down on a regular basis. The unreliability of having no Internet for hours at a time reflected unfavorably on our team, and was not resolvable through the product's support channels," Hancock explains. "Finally, [the vendor] suggested we abandon our migration to the cloud in favor of virtual appliances, which required redirection of traffic from more than 50 global locations, which was undesirable and in some cases not possible." "That's when I raised my hand and said, 'the only way to solve this problem is Cisco Umbrella, and I can have it deployed and protecting our global network within six weeks.' After investing so much in a solution that didn't work for us, we were ready for a solution I knew from previous experience would succeed: Umbrella." The results: Drastic reduction in ransomware After an easy deployment, Octapharma saw immediate results. "Since we put Umbrella in place, we've had no web security compromises," Hancock says. "We have drastically reduced our exposure to ransomware, and since deploying Umbrella, we have not been a victim of ransomware as a result of clicking a malicious link. We actually see tens of thousands of blocks per week due to security policy; that doesn't count blocks based on category policies," he adds. "We have covered a great risk in the web attack vector of ransomware, and greatly improved our user experience in regards to Internet connectivity." (continued)