Today’s security appliances and agents must wait until malware reaches the perimeter or endpoint before they can detect or prevent it. Cisco Umbrella arrests attacks earlier in the kill chain. Enforcing security at the DNS-layer prevents a malicious IP connection from ever being established or a malicious file from ever being downloaded. This same DNS-layer of network security can contain malware and any compromised system from exfiltrating data. Command & control (C2) callbacks to the attacker’s botnet infrastructure are blocked over any port or protocol.