#1 Mar-27-13

Company Overview

Dima Kumets, Product Manager dima@opendns.com

Service: Cloud Web Filtering and Malware Protection Aruba Instant Integration + Certified for Interop on Campus and RAP

Infrastructure: 13 data centers, 100% uptime

Security Product Line: New security service - Umbrella by OpenDNS (November 2012)

#2 Mar-27-13

Company Overview

Dima Kumets, Product Manager dima@opendns.com

Agenda •  Challenges in security in EDU •  Umbrella technical overview •  Umbrella dashboard •  Q&A

#3 Mar-27-13

1_Light Title Only

#3 Mar-27-13 Umbrella Confidential

IT for Education has changed

TODAY

WI-FI EVERYWHERE

LAPTOPS AND BYOD

MULTI OS AND PLATFROM

EXPLODING BANDWIDTH

ROAMING USERS

PAST

COMPUTER LABS

MANAGED DESKTOPS

SINGLE PLATFORM

LIMITED BANDWIDTH

100% ON PREM

#4 Mar-27-13 #4 Mar-27-13 Umbrella Confidential

Challenges in Education IT

Needs Challenges

Laptops roaming off premises

BYOD

High Performance

Growing bandwidth

CIPA Compliance

Malware Botnets

#5 Mar-27-13

1_Light Title Only

#5 Mar-27-13 Umbrella Confidential

Security – in the past

Got a problem? Buy a box.

Increasing bandwidth? Add a box

New campus? Add a box

Increased enrollment? Add a box

Box too slow? Add a box

Adding more servers? Add a box

More reports to store? Add a box

Boxes start to break? Add a box

New ports to protect? Add a box

Managing too many boxes? Add a box to manage boxes

#6 Mar-27-13

Security Appliances Growing demands are putting IT on a security appliance treadmill

And your users? They've left the building.

#7 Mar-27-13

What is Umbrella?

Malware and Botnet protection with

BYOD support and AD Integration

Roaming protection for employees and

students

Web filtering for any device connecting to

guest Wi-Fi

Mobile Protection for iOS and Android

Web filtering 59+ categories, blacklists, whitelists and bypass feature.

Web dashboard easy to use, manage policy, deploy new identities and view reports anywhere

Malware and botnet protection prevents infection and blocks bots from reaching command & control points.

Zero downtime since launch in 2006 with global data centers and bgp routing

#8 Mar-27-13

OpenDNS Enterprise – Global Network

Globally distributed servers at 13 PoPs with more planned using Anycast IPs with BGP routing and the best peering in the industry.

Built from the ground-up for reliability and 100% uptime.

Sao Paulo, BR Datacenter TBD

Palo Alto, US Switch & Data

Seattle, US The Westin Building

Los Angeles, US Equinix Los Angeles

New York, US 111 8th Ave

Ashburn, US Equinix Ashburn

Miami, US Nap of the Americas

Chicago, US 350 E. Cermak

Dallas, US Dallas Infomart

London, UK Telehouse North

Amsterdam, NL TeleCity 1

Frankfurt, DE Equinix Frankfurt

Point of Presence (PoP) Private Peering Datacenter

TODAY

PLANNED

Hong Kong, HK Mega iAdvantage

Tokyo, JP Datacenter TBD

Singapore, SG Equinix Singapore

Sydney, AU Datacenter TBD

#9 Mar-27-13

Cloud Architecture: Under the hood

Campus NetworkInternet

Custom Block Page

Malware, BotnetAUP Violations

Permitted DomainDNS Response

DNS Query

Roaming Users

No bottlenecks

ReportingPolicy

Real-TimeThreats

Real-time Threats and domain categorization is 100% in the cloud.

No bottlenecks DNS with protection is faster than plain ISP or carrier DNS.

Unprecedented Scale No bandwidth constraints or sizing guides.

Full coverage Any and all devices on the network. Roaming users protected using lightweight agent.

#10 Mar-27-13

Umbrella Enterprise for EDU

Network Wide Coverage •  Protection for any device connecting to the campus network •  IT managed devices with zero touch deploy •  Full BYOD coverage including Mac, Windows, tablets, game consoles, etc •  Block page bypass – allow privileged users to bypass blocking without software •  Deploy in minutes

Interoperability certified

•  Enter External IP range in Umbrella dashboard

•  Set DHCP DNS to our IPs

Alt - forward :53 to OpenDNS IPs Aruba Campus

Integrated

• OpenDNS login in Virtual controller

Virtual controller self configures using API calls to Umbrella

Aruba Instant

Local recursive DNS

• Forward DNS to OpenDNS

• Enter External IP range in Umbrella dashboard

Local DNS Cache with OpenDNS Local DNS

#11 Mar-27-13

Umbrella Insights for EDU

Active Directory Integration •  Group based policy with ranked rules •  Per-user reporting with roll-ups per group and organization wide •  Full coverage. Non-AD users protected with default policy •  Internal IP/IP range based rules available •  Pre-configured VM, Connector and config files downloaded from dashboard

Insights

•  Linux VM for VMWare ESXi – forwards DNS •  Connector on DC – cloud sync for users

+groups •  Pre-configured downloads •  Monitoring from Umbrella Dashboard

Active Directory Group

#12 Mar-27-13

Umbrella Everywhere for EDU

Off Network Protection •  Lightweight agent for Windows and Mac •  Identification only via EDNS – all policy and lists are in the cloud •  Location aware policy – allows different policy on-network vs roaming •  Security without performance impact •  Deploy using GPO or RMM in minutes msiexec /i RoamingClient_WIN.msi /qn ORG_ID=<Organization> ORG_FINGERPRINT=<hash> USER_ID=<who is deploying>HIDE_UI=<0 or 1 for systray icon and notifications>

Windows

•  Small MSI •  Runs as a service •  CLI or interactive install

Windows Agent

Mac

• Small pkg • Runs as a service • CLI or interactive install

OS X Agent

#13 Mar-27-13

Umbrella Everywhere for EDU

Mobile Protection •  VPN profile for iOS devices •  Deployed via app or MDM •  Full encryption to protect against man in themiddle •  Policy enforcement in the cloud

iOS

•  VPN profile •  Optional App

iOS

Android

• Beta soon • Encryption and malware

protection

Android

#14 Mar-27-13

Umbrella: Customer Highlights

RETAIL & GUEST WI-FI

COLLEGES & UNIVERSITIE

S

MSP & MANAGED

WI-FI

K-12 SCHOOLS

ENTERPRISES &

SMBs

#15 Mar-27-13

Case Study: Network Maine

Protected: 188,000+ students at 1,000+ schools and libraries in Maine Customer since: 2010 Why they’re using Umbrella: Protection against malware and botnets, web filtering, CIPA Compliance Problem: Hardware solution scaling issues with growing adoption and bandwidth

WHAT THEY’RE SAYING Our previous content filtering solution was the Achilles heel for the network. Anytime it had a performance problem it was felt everywhere since all http traffic went through these appliances. With Umbrella Enterprise we no longer have to worry about performance or scalability. — Jeff Letourneau, Executive Director

#16 Mar-27-13

Case Study: George Washington University

Protected: 25,000 students, 1,600 full-time staff, 3 campuses, many satellite locations. Customer since: 2011 Why they’re using Umbrella: Protection against malware and botnets, elimination of appliance management and maintenance, thorough yet easy-to-manage network protection at multiple locations Problem: Finding a powerful solution to fight the increase in malware infections. Appliances required too much time to manage and scale.

WHAT THEY’RE SAYING Rather than having to put one-off rules into an appliance to allow for exceptions, we can easily assign local technical people the authority to change rules on their own networks in Umbrella. — Matthew Wollenweber, Senior Computer Forensics Information Security System Engineer

Umbrella Dashboard Configure

#18 Mar-27-13

Umbrella Dashboard - Policy

#19 Mar-27-13

Umbrella Dashboard - Identity

#20 Mar-27-13

Umbrella Dashboard - Identity

#21 Mar-27-13

Umbrella Dashboard - Identity

#22 Mar-27-13

Umbrella Dashboard – Security

#23 Mar-27-13

Umbrella Dashboard - Categories

#24 Mar-27-13

Umbrella Dashboard – Blacklist/Whitelist

#25 Mar-27-13

Umbrella Dashboard - Customization

Umbrella Dashboard Reporting

#27 Mar-27-13

Umbrella Dashboard - Reporting

#28 Mar-27-13

Umbrella Dashboard - Reporting

#29 Mar-27-13

Umbrella Dashboard - Reporting

#30 Mar-27-13

Umbrella Dashboard - Reporting

OpenDNS Confidential

Q&A Contact: Dima Kumets, Product Manager - dima@opendns.com

Free Trial for Airheads – salesinfo@opendns.com