Cisco Umbrella with the Netskope Client

Bypass Umbrella Processes for Umbrella DNS-based Protection

This step is done for Umbrella components running on the host, but even if the Umbrella user is just redirecting via virtual appliances while on-premises, it’s not a bad idea to have these bypasses in place. This will prevent Netskope from intercepting any traffic from the DNSCrypt component of Umbrella, as well as ensure that no traffic bound to the Umbrella dashboard (for things like updating status/operation) is intercepted by Netskope.

  • For Windows AND MacOS Umbrella RC, create a single Cert-Pinned App with the following listed as processes:

    • For the Umbrella DNScrypt process: dnscrypt-proxy.exe, soon to be dnscryptproxy.exe as of 2.3+ of the Umbrella Roaming Client.

    • For the Umbrella RC process: ercservice.exe.

    • For the Anyconnect with the Umbrella Roaming Module: acumbrellaagent.exe.

Watch this Short Video to see how to create these exceptions (required MacOS processes are shown in video).