{"id":2909,"date":"2025-10-09T05:22:51","date_gmt":"2025-10-09T05:22:51","guid":{"rendered":"https:\/\/www.testkings.com\/blog\/?p=2909"},"modified":"2025-10-09T05:22:51","modified_gmt":"2025-10-09T05:22:51","slug":"understanding-cisco-umbrellas-cloud-delivered-firewall-capabilities","status":"publish","type":"post","link":"https:\/\/www.testkings.com\/blog\/understanding-cisco-umbrellas-cloud-delivered-firewall-capabilities\/","title":{"rendered":"Understanding Cisco Umbrella\u2019s Cloud Delivered Firewall Capabilities"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">In today\u2019s increasingly digital and distributed work environment, organizations face a growing challenge to secure users and devices regardless of their location. Traditional perimeter-based security architectures struggle to keep pace with modern threats, cloud adoption, and remote work trends. Cisco Umbrella Secure Internet Gateway (SIG) addresses these challenges by delivering comprehensive security services from the cloud. Among its many features, the Cloud-Delivered Firewall (CDFW) stands out as a critical component, enabling scalable, flexible, and centrally managed network security.<\/span><\/p>\n<h3><b>Overview of Cisco Umbrella Secure Internet Gateway (SIG)<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Cisco Umbrella SIG is a cloud-native platform designed to protect enterprises from internet threats by integrating multiple security capabilities. It provides organizations with the ability to enforce policies that control and secure internet access for users, regardless of whether they are on the corporate network or working remotely.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Some of the core features within Umbrella SIG include:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>DNS-Layer Security:<\/b><span style=\"font-weight: 400;\"> This foundational layer blocks threats at the Domain Name System (DNS) level by preventing users from connecting to malicious domains, IPs, or URLs before a connection is even established.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Secure Web Gateway:<\/b><span style=\"font-weight: 400;\"> It inspects HTTP and HTTPS traffic, enforcing web access policies and filtering malicious content.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Cloud-Delivered Firewall:<\/b><span style=\"font-weight: 400;\"> This feature enforces firewall policies in the cloud, enabling organizations to filter traffic based on IP addresses, ports, protocols, and applications.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Cloud Access Security Broker (CASB):<\/b><span style=\"font-weight: 400;\"> Monitors cloud app usage and enforces security policies.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">By consolidating these functions within a single cloud service, Cisco Umbrella SIG simplifies security operations, reduces the need for multiple point products, and offers consistent protection everywhere users connect.<\/span><\/p>\n<h3><b>The Role of the Cloud-Delivered Firewall in Umbrella SIG<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The Cloud-Delivered Firewall is a key piece of the Umbrella SIG offering. Traditional firewalls, often deployed on-premises, can be costly to maintain, limited in scalability, and difficult to extend to remote or branch locations. Umbrella\u2019s CDFW addresses these challenges by moving firewall functionality to the cloud.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">With Cloud-Delivered Firewall, organizations can enforce Layer 3 and Layer 4 policies that filter network traffic based on IP addresses, ports, and protocols. Beyond these traditional firewall controls, Umbrella\u2019s CDFW also provides Layer 7 capabilities that allow policies to be applied at the application layer. This means that administrators can block or allow specific applications\u2014such as social media platforms, file-sharing tools, or gaming apps\u2014offering granular control over user behavior.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">By routing outbound traffic through Umbrella\u2019s cloud, organizations gain centralized visibility and control across all locations, including branch offices, remote users, and mobile devices. The cloud delivery model enables rapid scaling without the need for new hardware and reduces operational complexity.<\/span><\/p>\n<h3><b>Prerequisites for Deploying the Cloud-Delivered Firewall<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Before enabling the Cloud-Delivered Firewall, organizations must meet certain prerequisites to ensure smooth deployment and operation.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A central requirement is the establishment of a secure, persistent connection between the organization\u2019s network and Cisco Umbrella\u2019s cloud infrastructure. This connection is typically realized using an IPsec tunnel, which provides a secure path for all outbound traffic destined for inspection and policy enforcement.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Network devices such as Cisco Cloud Services Routers (CSR), Adaptive Security Appliances (ASA), Firepower Threat Defense (FTD) devices, or even cloud infrastructure like AWS can be configured to create these IPsec tunnels. Cisco provides detailed, platform-specific documentation to guide administrators through the configuration process.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Key steps and considerations for establishing the IPsec tunnel include:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Tunnel Identification:<\/b><span style=\"font-weight: 400;\"> Assigning a unique name or identifier to the tunnel for management and monitoring.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Authentication and Encryption:<\/b><span style=\"font-weight: 400;\"> Using shared secrets or certificates to authenticate endpoints and encrypt data traversing the tunnel.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Routing Configuration:<\/b><span style=\"font-weight: 400;\"> Directing relevant traffic through the tunnel while maintaining normal routing for other destinations.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Failover and Redundancy:<\/b><span style=\"font-weight: 400;\"> Designing the tunnel setup to provide continuity during network outages or device failures.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Establishing the tunnel correctly is vital because it forms the backbone of the Cloud-Delivered Firewall functionality. Only traffic that traverses this tunnel can be inspected and filtered by Umbrella.<\/span><\/p>\n<h3><b>Configuration and Management via the Umbrella Dashboard<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Once the IPsec tunnel is operational, administrators use the Umbrella management dashboard to configure firewall policies. The dashboard provides an intuitive interface to create, modify, and monitor security policies.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Initially, the Cloud-Delivered Firewall comes with a default policy that allows all outbound traffic. This baseline ensures no immediate disruption while administrators define their custom policies.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Creating policies involves specifying criteria such as:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>IP Addresses and Subnets:<\/b><span style=\"font-weight: 400;\"> Defining source or destination IP addresses or ranges to which rules apply.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Ports and Protocols:<\/b><span style=\"font-weight: 400;\"> Filtering traffic based on Layer 4 parameters such as TCP\/UDP ports and protocols like HTTP, HTTPS, FTP, or DNS.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Applications:<\/b><span style=\"font-weight: 400;\"> Using Layer 7 application awareness to allow or block specific software or web applications.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Policies can be assigned priorities, and administrators can enable logging for each rule. Logging provides visibility into matched traffic and helps in auditing, troubleshooting, and refining policies.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For example, an administrator might create a rule to block access to a specific IP address range known to be malicious. Enabling logging on this rule will allow the team to monitor attempts to access that range and evaluate potential security incidents.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Another common use case is controlling application usage. Organizations often need to restrict peer-to-peer file sharing applications such as BitTorrent due to security risks and bandwidth consumption. Umbrella\u2019s CDFW allows creating application-based rules to block such traffic seamlessly.<\/span><\/p>\n<h3><b>Testing and Validation of Firewall Policies<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">After policies are created, it is crucial to validate their effectiveness. This involves generating network traffic that matches specific rules and confirming that the traffic is blocked or allowed as intended.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The Umbrella dashboard provides real-time logging and historical data showing which rules were triggered and what actions were taken. This visibility enables administrators to quickly identify misconfigurations or policy gaps.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Continuous monitoring and fine-tuning of firewall policies ensure that the organization maintains an optimal balance between security and usability. Overly restrictive policies might block legitimate business traffic, while lax policies expose the network to risk.<\/span><\/p>\n<h3><b>Benefits of Cloud-Delivered Firewall in Modern Networks<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The Cloud-Delivered Firewall offers several advantages over traditional firewall models:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Scalability:<\/b><span style=\"font-weight: 400;\"> Because it is cloud-based, organizations can scale security capabilities quickly to match network growth or changing requirements without purchasing additional hardware.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Centralized Management:<\/b><span style=\"font-weight: 400;\"> All firewall policies are managed from a single dashboard, simplifying administration and ensuring consistency across distributed locations.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Extensibility:<\/b><span style=\"font-weight: 400;\"> New features and updates are delivered automatically, allowing organizations to stay ahead of emerging threats without manual upgrades.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Global Coverage:<\/b><span style=\"font-weight: 400;\"> Umbrella\u2019s extensive global infrastructure ensures low-latency inspection and policy enforcement wherever users connect.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Integration:<\/b><span style=\"font-weight: 400;\"> CDFW integrates tightly with other Umbrella SIG features, providing layered security and a holistic view of network activity.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">In summary, Cisco Umbrella Secure Internet Gateway with its Cloud-Delivered Firewall feature provides a modern, flexible, and scalable approach to enforcing network security policies. Establishing secure IPsec tunnels and configuring granular policies through the Umbrella dashboard are foundational steps in leveraging this technology. The cloud-delivered model aligns well with the needs of today\u2019s distributed and dynamic network environments.<\/span><\/p>\n<h2><b>IPsec Tunnel Setup and Configuration for Cisco Umbrella Cloud-Delivered Firewall<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">A critical step in deploying Cisco Umbrella\u2019s Cloud-Delivered Firewall (CDFW) is establishing a secure and reliable connection between your on-premises or cloud network infrastructure and the Umbrella cloud. This connection is typically created using an IPsec tunnel, which encrypts traffic between your network devices\u2014such as Cisco Cloud Services Routers (CSR), ASA firewalls, Firepower Threat Defense (FTD), or cloud gateways\u2014and Umbrella\u2019s global data centers.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The IPsec tunnel ensures that all outbound traffic destined for inspection by Umbrella passes securely and reliably through the cloud firewall service. Setting up this tunnel correctly is essential to guarantee policy enforcement, security, and network performance.<\/span><\/p>\n<h3><b>Understanding the IPsec Tunnel Architecture<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">An IPsec tunnel creates a virtual private network (VPN) connection between two endpoints: your local device (the tunnel endpoint) and the Umbrella cloud gateway. This tunnel encapsulates and encrypts all traffic flowing between these points, preventing interception or tampering during transit.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Umbrella\u2019s cloud gateways are distributed worldwide, allowing your tunnel endpoint to connect to a nearby data center to minimize latency. Once the tunnel is established, your traffic is routed through Umbrella\u2019s infrastructure, where firewall policies, DNS filtering, and other security features inspect and enforce your organization\u2019s security posture.<\/span><\/p>\n<h3><b>Prerequisites for Tunnel Configuration<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Before configuring the IPsec tunnel, ensure the following prerequisites are met:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Your network device (CSR, ASA, FTD, etc.) supports IPsec VPNs and is running compatible software versions.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Network connectivity between your device and the internet is established, with appropriate routing and firewall rules to allow IPsec traffic.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">You have access to the Umbrella dashboard with sufficient privileges to create and manage network tunnels.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Necessary cryptographic credentials such as pre-shared keys or certificates are available.<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><\/li>\n<\/ul>\n<h3><b>Creating the IPsec Tunnel in the Umbrella Dashboard<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The first step is to configure the tunnel information in the Umbrella dashboard. Navigate to the \u201cNetwork Tunnels\u201d section, where you define a new tunnel with the following key parameters:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Tunnel Name:<\/b><span style=\"font-weight: 400;\"> A unique identifier for the tunnel, used for management and logging.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Tunnel Destination:<\/b><span style=\"font-weight: 400;\"> The IP address of your on-premises device\u2019s external interface that will terminate the IPsec tunnel.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Pre-shared Key (PSK):<\/b><span style=\"font-weight: 400;\"> A secret key used to authenticate the tunnel endpoints. This must be kept secure and matched on both sides.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Tunnel Identity:<\/b><span style=\"font-weight: 400;\"> Used to identify the tunnel in Umbrella logs and policy assignments.<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Once created, Umbrella generates the necessary configuration details to be applied to your local device.<\/span><\/p>\n<h3><b>Configuring the Tunnel on Your Network Device<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Next, apply the tunnel configuration on your device. For example, when using a Cisco CSR router, the configuration involves:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Defining the crypto map specifying the IPsec parameters such as encryption algorithm (AES), hashing (SHA), and Diffie-Hellman group.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Setting the peer IP address to Umbrella\u2019s tunnel gateway.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Applying the pre-shared key for authentication.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Creating access control lists (ACLs) to define which traffic should be routed through the tunnel.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Associating the crypto map with the outbound interface connected to the Internet.<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Umbrella provides detailed guides for other platforms, such as ASA, FTD, and cloud providers like AWS, to help with device-specific configurations.<\/span><\/p>\n<h3><b>Routing Considerations<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Once the tunnel is up, you must ensurethat\u00a0 traffic intended for inspection routes through it. This typically involves configuring static or dynamic routes on your device that direct outbound traffic destined for the internet or specific subnets through the tunnel interface.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This routing ensures that all relevant traffic is securely forwarded to Umbrella\u2019s cloud firewall for policy enforcement. Misconfiguration here can lead to traffic bypassing the tunnel and losing protection.<\/span><\/p>\n<h3><b>Tunnel Monitoring and Troubleshooting<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">After configuration, monitor the tunnel status to verify that it is up and stable. Most devices provide commands or dashboards to check tunnel health, uptime, and traffic statistics.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">If the tunnel fails to establish, common troubleshooting steps include:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Verifying pre-shared keys and authentication methods match on both ends.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Confirming network connectivity and that firewalls permit IPsec-related protocols (ESP, UDP 500 and 4500).<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Checking logs for negotiation failures or mismatched cryptographic parameters.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Ensuring routing is correctly configured on both ends.<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Umbrella\u2019s dashboard also provides monitoring tools to track tunnel status and performance.<\/span><\/p>\n<h3><b>Benefits of Using IPsec Tunnels for CDFW<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Using IPsec tunnels to connect your network to Umbrella\u2019s Cloud-Delivered Firewall offers multiple advantages:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Security:<\/b><span style=\"font-weight: 400;\"> Encrypts all traffic between your device and Umbrella, ensuring confidentiality and integrity.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Reliability:<\/b><span style=\"font-weight: 400;\"> Provides a persistent, managed connection that supports consistent security enforcement.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Scalability:<\/b><span style=\"font-weight: 400;\"> Supports multiple tunnels from different sites, enabling distributed architectures.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Visibility:<\/b><span style=\"font-weight: 400;\"> Enables traffic identification by tunnel name in Umbrella logs and reporting, aiding analysis.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Establishing an IPsec tunnel is a foundational step in deploying Cisco Umbrella Cloud-Delivered Firewall. It enables secure, reliable routing of traffic from your network to Umbrella\u2019s cloud, where it is inspected and filtered according to your security policies.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Proper tunnel setup involves careful configuration of tunnel parameters, cryptographic credentials, routing, and device-specific settings. Monitoring and troubleshooting tools help ensure ongoing tunnel health and performance.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">With the tunnel in place, organizations can fully leverage Umbrella\u2019s cloud firewall capabilities to protect their networks with centralized, cloud-delivered policies.<\/span><\/p>\n<h2><b>Creating and Managing Firewall Policies in Cisco Umbrella Cloud-Delivered Firewall<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Once a secure IPsec tunnel has been established between your network devices and Cisco Umbrella\u2019s cloud infrastructure, the next crucial step is to configure firewall policies within the Umbrella management dashboard. These policies govern the flow of network traffic through the Cloud-Delivered Firewall (CDFW), enabling organizations to enforce precise security controls aligned with their business and compliance requirements.<\/span><\/p>\n<h3><b>Default Policy and Policy Framework<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">When you first enable the Cloud-Delivered Firewall feature, the Umbrella dashboard typically presents a default policy that allows all outbound traffic. This permissive baseline ensures that no immediate disruption occurs to network connectivity while administrators build tailored policies.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cisco Umbrella\u2019s firewall policies operate on a rule-based framework. Each rule defines specific matching criteria and an action to take when traffic meets those conditions. Rules are evaluated sequentially, from highest to lowest priority, until a match is found. The corresponding action\u2014allow, block, or log\u2014is then applied to the traffic.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Administrators can create multiple policies and apply them to different network locations or groups, allowing for flexible and granular control over traffic flows.<\/span><\/p>\n<h3><b>Defining Policy Criteria<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Policies in the Umbrella Cloud-Delivered Firewall are highly customizable and can filter traffic based on a variety of attributes across multiple network layers:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Layer 3 (Network Layer):<\/b><span style=\"font-weight: 400;\"> Policies can filter traffic by source or destination IP addresses or subnets. This is useful for controlling access to specific network segments or blocking traffic to known malicious IPs.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Layer 4 (Transport Layer):<\/b><span style=\"font-weight: 400;\"> Policies may specify TCP or UDP ports and protocols. This allows blocking or permitting traffic on specific services such as HTTP (port 80), HTTPS (port 443), FTP, or custom application ports.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Layer 7 (Application Layer):<\/b><span style=\"font-weight: 400;\"> Umbrella\u2019s CDFW supports application-level filtering, which identifies and controls traffic based on the application generating it. This enables organizations to block or limit the use of specific applications, such as peer-to-peer file sharing, social media, or messaging apps.<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">By combining these criteria, organizations can craft fine-grained policies that align tightly with security objectives.<\/span><\/p>\n<h3><b>Creating and Enabling Policies<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">To create a firewall policy rule:<\/span><\/p>\n<ol>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Navigate to the Firewall Policies section in the Umbrella dashboard.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Add a new rule and specify the match conditions. For example, set the destination IP or subnet, ports, protocols, and\/or applications.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Choose the desired action\u2014commonly to allow or block the matched traffic.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Enable logging if you want to capture details of traffic matching the rule. Logging is valuable for auditing, monitoring policy effectiveness, and forensic analysis.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Assign the rule a priority to determine its order in the evaluation sequence.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Apply the rule to specific network locations or groups, allowing differentiated policy enforcement across your environment.<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><\/li>\n<\/ol>\n<h3><b>Example Use Case: Blocking Malicious IPs<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Consider an organization that wants to block access to a particular IP address associated with malicious activity. An administrator would create a rule specifying the destination IP to block, set the action to \u201cblock,\u201d enable logging to monitor attempts, and assign the rule to relevant locations.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Once enabled, any traffic destined for that IP from users in those locations is dropped by Umbrella\u2019s cloud firewall. Administrators can view logs confirming the rule was hit and investigate further if needed.<\/span><\/p>\n<h3><b>Example Use Case: Application Control<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">In another scenario, an organization may want to prevent the use of file-sharing applications like BitTorrent due to security and bandwidth concerns. Using Umbrella\u2019s Layer 7 capabilities, an administrator creates a rule to block the BitTorrent application traffic.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This application-aware filtering allows the organization to enforce corporate policies effectively, regardless of IP or port obfuscation often used by such applications.<\/span><\/p>\n<h3><b>Monitoring and Reviewing Firewall Logs<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Logging is a vital feature in managing firewall policies. When enabled, the Umbrella dashboard collects detailed information about traffic matching firewall rules. These logs include source and destination IPs, ports, protocols, applications, timestamps, and the action taken.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Administrators can use these logs to:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Verify that policies are functioning as intended.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Detect attempts to access blocked resources.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Identify unusual traffic patterns or potential threats.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Provide evidence for compliance audits.<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Umbrella\u2019s centralized dashboard consolidates logs across all sites, simplifying oversight in distributed environments.<\/span><\/p>\n<h3><b>Policy Optimization and Maintenance<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Firewall policies are living configurations that require ongoing review and refinement. As the threat landscape evolves and business needs change, administrators should regularly:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Analyze firewall logs to identify false positives or negatives.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Adjust rule priorities or conditions to improve accuracy.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Add new rules to address emerging threats or applications.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Remove obsolete policies to reduce complexity.<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">This proactive management ensures that the Cloud-Delivered Firewall continues to provide effective protection without impacting legitimate network usage.<\/span><\/p>\n<h3><b>Integration with Other Umbrella Features<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The Cloud-Delivered Firewall works in concert with other Umbrella SIG components such as DNS-layer security and Secure Web Gateway. This layered approach provides comprehensive coverage\u2014blocking threats early at the DNS layer and applying deeper inspection and control at the firewall level.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">By correlating firewall logs with DNS and web gateway data, security teams gain a holistic view of network activity and potential risks, enabling faster detection and response.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In summary, creating and managing firewall policies within Cisco Umbrella Cloud-Delivered Firewall empowers organizations to enforce granular, scalable, and cloud-managed network security. From blocking malicious IP addresses to controlling application usage, administrators have the flexibility and visibility needed to protect their networks effectively.<\/span><\/p>\n<h2><b>IPsec Tunnel Setup and Configuration for Cisco Umbrella Cloud-Delivered Firewall<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">The foundation of deploying Cisco Umbrella Cloud-Delivered Firewall (CDFW) lies in establishing a secure, reliable connection between your network infrastructure and Umbrella\u2019s cloud environment. This connection is typically implemented using an IPsec tunnel. IPsec tunnels create an encrypted path that securely routes traffic through Umbrella\u2019s cloud where firewall policies and other security controls can be applied. Understanding the architecture, requirements, and configuration steps for this tunnel is essential for a successful deployment.<\/span><\/p>\n<h3><b>Understanding the Purpose of the IPsec Tunnel<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The IPsec tunnel serves as a secure conduit between your local network devices\u2014such as Cisco Cloud Services Routers (CSR), Cisco ASA firewalls, Firepower Threat Defense (FTD) devices, or cloud gateways\u2014and Umbrella\u2019s cloud security nodes. Traffic from your network destined for internet access or inspection is routed through this tunnel, ensuring that it is protected by Umbrella\u2019s firewall, DNS-layer security, and other features.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This approach enables consistent security enforcement regardless of the user\u2019s physical location or device. Because Umbrella is a cloud service with data centers around the globe, your traffic is directed to the nearest cloud node, minimizing latency and optimizing performance.<\/span><\/p>\n<h3><b>Pre-Deployment Requirements<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Before configuring the tunnel, several prerequisites must be in place:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Compatible Network Devices:<\/b><span style=\"font-weight: 400;\"> Your on-premises or cloud devices must support IPsec VPN tunnels and be compatible with Cisco Umbrella\u2019s requirements.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Network Connectivity:<\/b><span style=\"font-weight: 400;\"> Proper internet connectivity must exist to establish tunnels to Umbrella\u2019s global nodes. Relevant ports (UDP 500 and 4500 for IPsec) must be open and accessible.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Credentials and Authentication:<\/b><span style=\"font-weight: 400;\"> A secure method of tunnel authentication such as a pre-shared key (PSK) or certificates must be established and securely shared between your device and Umbrella.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Routing Infrastructure:<\/b><span style=\"font-weight: 400;\"> Appropriate routing must be planned to send traffic destined for Umbrella through the tunnel and to route return traffic correctly.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Umbrella Dashboard Access:<\/b><span style=\"font-weight: 400;\"> Administrative access to Umbrella\u2019s web-based management console is necessary to create tunnel configurations and manage policies.<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><\/li>\n<\/ul>\n<h3><b>Creating the Tunnel Configuration in the Umbrella Dashboard<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Begin by logging into the Umbrella management portal and navigating to the network tunnels section. Here, you create a new tunnel configuration that includes:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Tunnel Name:<\/b><span style=\"font-weight: 400;\"> Choose a descriptive name to identify the tunnel within Umbrella.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Tunnel Destination IP:<\/b><span style=\"font-weight: 400;\"> The public IP address of your device\u2019s interface that will terminate the IPsec tunnel.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Pre-shared Key:<\/b><span style=\"font-weight: 400;\"> A secure passphrase used to authenticate the tunnel endpoints.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Additional Settings:<\/b><span style=\"font-weight: 400;\"> Depending on your device type, you may specify additional parameters such as interface bindings or traffic selectors.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Once configured, Umbrella generates details that you will replicate on your local device to complete the tunnel setup.<\/span><\/p>\n<h3><b>Configuring the IPsec Tunnel on Network Devices<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Each supported device has a specific method to configure IPsec tunnels. For example:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Cisco CSR Router:<\/b><span style=\"font-weight: 400;\"> Use CLI commands to define crypto maps, set encryption and hashing algorithms (e.g., AES-256, SHA), configure Diffie-Hellman groups, and bind the crypto map to an interface.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Cisco ASA Firewall or FTD:<\/b><span style=\"font-weight: 400;\"> Utilize ASDM or CLI to define tunnel groups, set pre-shared keys, configure crypto policies, and set traffic selectors.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Cloud Gateways (e.g., AWS):<\/b><span style=\"font-weight: 400;\"> Configure virtual private gateways and customer gateways, establish VPN connections, and ensure routing is correct.<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Key configuration elements include:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>IKE Phase 1 and Phase 2 Parameters:<\/b><span style=\"font-weight: 400;\"> Define the cryptographic methods and keys used to establish the tunnel.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Tunnel Interfaces:<\/b><span style=\"font-weight: 400;\"> Assign IP addresses to virtual tunnel interfaces if applicable.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Access Control Lists:<\/b><span style=\"font-weight: 400;\"> Specify which traffic should be encrypted and sent through the tunnel.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Routing:<\/b><span style=\"font-weight: 400;\"> Ensure that routes for traffic to be protected point to the tunnel interface or crypto map.<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Umbrella\u2019s documentation provides detailed, device-specific configuration guides and sample scripts to assist administrators.<\/span><\/p>\n<h3><b>Routing and Traffic Considerations<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Proper routing is crucial to ensure that the intended traffic flows through the IPsec tunnel to Umbrella. Typically, all outbound internet traffic or specific subnets are routed via the tunnel interface. This may require adjusting default routes or implementing policy-based routing.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Traffic destined for local network segments or other VPNs should bypass the tunnel to avoid routing loops or unnecessary encryption.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">It is essential to validate that return traffic from Umbrella\u2019s cloud nodes can flow back to your network without obstruction. This involves ensuring firewall rules and NAT policies accommodate the tunnel traffic.<\/span><\/p>\n<h3><b>Tunnel Monitoring and Troubleshooting<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">After configuration, monitoring the tunnel\u2019s status confirms connectivity and security. Common monitoring methods include:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Device CLI Commands:<\/b><span style=\"font-weight: 400;\"> Commands such as <\/span><span style=\"font-weight: 400;\">show crypto isakmp sa<\/span><span style=\"font-weight: 400;\"> and <\/span><span style=\"font-weight: 400;\">show crypto ipsec sa<\/span><span style=\"font-weight: 400;\"> display tunnel status, packet counts, and error conditions.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Umbrella Dashboard:<\/b><span style=\"font-weight: 400;\"> Displays tunnel health, traffic statistics, and alerts for connectivity issues.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Syslogs and SNMP:<\/b><span style=\"font-weight: 400;\"> Configure logging to capture detailed tunnel events for deeper analysis.<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">If tunnels fail to establish or drop unexpectedly, troubleshooting steps include:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Verifying pre-shared keys and authentication settings.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Checking that required ports and protocols (UDP 500, UDP 4500, ESP) are allowed.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Reviewing encryption algorithms and ensuring both endpoints use compatible settings.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Confirming routing configurations and absence of NAT issues on the tunnel path.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Examining logs for specific errors or negotiation failures.<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><\/li>\n<\/ul>\n<h3><b>High Availability and Redundancy<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">For critical deployments, it is recommended to configure multiple tunnels for redundancy. This may involve:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Establishing secondary IPsec tunnels to alternate Umbrella nodes or using multiple ISP connections.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Load balancing traffic across tunnels to improve performance and resilience.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Using device features like Cisco\u2019s DMVPN or FlexVPN for dynamic failover.<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Umbrella\u2019s cloud architecture inherently provides high availability, but your network design must complement this with robust tunnel configurations.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The IPsec tunnel is the secure backbone that connects your network to Cisco Umbrella\u2019s Cloud-Delivered Firewall service. Establishing this tunnel involves careful planning, device-specific configuration, routing adjustments, and ongoing monitoring to maintain a secure and reliable connection.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">By adhering to Umbrella\u2019s guidelines and best practices, organizations ensure that all outbound traffic is inspected and filtered by Umbrella\u2019s cloud security stack, providing consistent protection regardless of user location.<\/span><\/p>\n<h2><b>Final Thoughts<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Cisco Umbrella\u2019s Cloud-Delivered Firewall represents a significant evolution in network security, shifting firewall enforcement from traditional on-premises appliances to a scalable, cloud-native platform. This transformation enables organizations to apply consistent, granular security policies across all users and devices, regardless of their physical location.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Throughout this series, we explored the foundational elements of deploying Umbrella\u2019s Cloud-Delivered Firewall: understanding the role and benefits of the service, establishing secure IPsec tunnels to connect your network to Umbrella\u2019s cloud, and creating tailored firewall policies that govern network traffic at multiple layers, including application-level controls.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The cloud-delivered model simplifies management, reduces capital expenditures on hardware, and leverages Umbrella\u2019s global infrastructure to ensure low latency and high availability. It also integrates seamlessly with Umbrella\u2019s broader Secure Internet Gateway capabilities, providing comprehensive protection against modern threats.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Successful deployment depends on careful planning\u2014ensuring prerequisites are met, IPsec tunnels are properly configured and monitored, and firewall policies are thoughtfully crafted and continuously refined. Logging and visibility into traffic flows empower security teams to make informed decisions and respond swiftly to incidents.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">As organizations continue to adapt to increasingly dynamic work environments and sophisticated cyber threats, leveraging cloud-delivered security services like Cisco Umbrella\u2019s firewall will be critical. It offers the flexibility, scalability, and comprehensive protection necessary to secure modern networks effectively.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In today\u2019s increasingly digital and distributed work environment, organizations face a growing challenge to secure users and devices regardless of their location. Traditional perimeter-based security [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-2909","post","type-post","status-publish","format-standard","hentry","category-post"],"_links":{"self":[{"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/posts\/2909","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/comments?post=2909"}],"version-history":[{"count":1,"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/posts\/2909\/revisions"}],"predecessor-version":[{"id":2910,"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/posts\/2909\/revisions\/2910"}],"wp:attachment":[{"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/media?parent=2909"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/categories?post=2909"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/tags?post=2909"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}