Is cisco umbrella professional [openDNS] a replacement of anti malware

Is cisco umbrella professional [openDNS] a replacement of anti malware, or is it still needed something like anti malwarebytes
LVL 3
Abraham DeutschIT professionalAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Yuri SpirinSystems IntegrationCommented:
DNS service is not a replacement for antimalware. It just adds some layers of security by filtering DNS requests from your network to known malicious sites such as botnet command & control  centers. But if such requests are made from your net it means that the malware is already on your workstations or servers and tries to connect to CC or whatever. DNS filtering may help you to avoid download of malware from malicious sites but it can not help if malware comes to workstation on a flash drive for example.
btanExec ConsultantCommented:
It checks the DNS traffic as mostly malware will make that first call and it can be detected early.
Umbrella is not seeking to replace products that try to detect threats by spotting what they look like. Our approach is to block the DNS queries to Internet infrastructure that are used to deliver malware. We find that attackers often reuse the same domain names, DNS nameservers, and IP address spaces to deliver many malware variants and different attacks.
https://umbrella.cisco.com/use-cases/advanced-malware-protection

But it does not stop direct IP access to attacker mothership.

Ultimately the last line of defence is your machine which need the anti malware as baseline security layer. There is more needed in yhe machine.

 The OpenDNS is another Layer to detect in case there is bypass or missed check at the endpoint.
Today, mobile employees bypass their VPN agents for a variety of reasons. If VPNs are not always on, traffic will not always pass over the network’s perimeter where you have deployed security appliances. The only remaining defense for these employees’ devices is traditional endpoint anti-malware, which does not protect against advanced attacks.
Most appropriate to have layer of defense and extend advanced threat protection beyind just endpoint protection especially if you cannot take the extreme strategy to physically separate Internet and intranet network totally.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Abraham DeutschIT professionalAuthor Commented:
Thank you
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.