We performed a comparison between Cisco Secure Endpoint and Cisco Umbrella based on real PeerSpot user reviews.
Find out in this report how the two Cisco Security Portfolio solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."
"Definitely, the best feature for Cisco Secure Endpoint is the integration with Talos. On the backend, Talos checks all the signatures, all the malware, and for any attacks going on around the world... Because Secure Endpoint has a connection to it, we get protected by it right then and there."
"The most valuable feature is signature-based malware detection."
"The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected."
"The product provides sandboxing options like file reputation and file analysis."
"The solution's integration capabilities are excellent. It's one of the best features."
"The best feature that we found most valuable, is actually the security product for the endpoint, formerly known as AMP. It has behavioral analytics, so you can be more proactive toward zero-day threats. I found that quite good."
"The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices."
"The agent that gets installed on the endpoints or on people's laptops and devices is a Cisco AnyConnect Umbrella module. It's one of the most impressive things because you are able to protect your users anywhere they are."
"One of the most important features is the security posture check which Umbrella offers when a user accesses any website. That is one of the most unique features that it offers."
"Threats never come close to your network with security at the DNS level."
"The most valuable features of this solution are the Web Filtering and the APT."
"We like Cisco Umbrella because of DNS security. It's one step ahead of whatever we are using for regular web filtering. In that way, it's more secure than other web filtering products."
"Helps block personal email accounts."
"The customer experience is very good, and the product improves security posture."
"Cisco Umbrella is such a solution and can be implemented very fast and easy. All that we must do is redirect the DNS registers in their routers, or the active directory service of the enterprise that are going to use in Umbrella services. If you buy the service now, in two hours you are protected by the service because it's very fast to put in service."
"Maybe there is room for improvement in some of the automated remediation. We have other tools in place that AMP feeds into that allow for that to happen, so I look at it as one seamless solution. But if you're buying AMP all by itself, I don't know if it can remove malicious software after the fact or if it requires the other tools that we use to do some of that."
"We had a lot of noise at the beginning, and we had to turn it down based on exclusions, application whitelisting, and excluding unknown benign applications. Cisco should understand the need for continuous updates on the custom Cisco exclusions and the custom applications that come out-of-the-box with the AMP for Endpoints."
"The one challenge that I see is the use of multiple endpoint protection platforms. For instance, we have AMP, but we also have Microsoft Windows Defender, System Center Endpoint Protection, and Microsoft Malware Protection Engine deployed. So, we have a bunch of different things that do the same thing. What winds up happening is, e.g., if I get an alert for a potential incident or malware and want to pull the file, I'll go to fetch the file to analyze it. But, one of these other programs has already gotten it, so the file has already been quarantined by another endpoint protection system. AMP doesn't realize that and the file fetch fails, then you're left wondering what's going on."
"They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need."
"Logging could be better in terms of sending more logs to Cisco Firepower or Cisco ASA. That's an area where it could be made better."
"I would recommend that the solution offer more availability in terms of the product portfolio and integration with third-party products."
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself."
"The Linux agent is a simple offline classic agent, and it doesn't support Secure Boot, which is important to have on a Linux machine. The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers. We didn't find a fix during troubleshooting, and Cisco couldn't offer one either. Eventually, we had to shut down the Exploit Prevention system. We didn't like that as we always want a solution that can fit smoothly into the setup without causing problems, especially where security is concerned. The tool also caused CPU spikes on our production machine, and we were seriously considering moving to another product."
"Some countries don't have a DNS server leading to a domain resolution IP, not at a local level."
"I would like for them to continue building on IPS and IDS functionalities."
"I would like to see DLP integration in the next release of this solution."
"I feel that the application needs other characteristics that are available with other applications in the market."
"I am unsure if Cisco Umbrella offers a Windows option for running the server."
"It should have a real-time malware classification engine. It should check the malware on the website. It would be good if it had a real-time malware check for the websites because currently, it just compares the DNS queries of the blacklist. It should also have malware control over file execution and the types of files that the users are allowed to download."
"It has happened in the past that Cisco Umbrella has denied us access to secure websites."
"It would be good to have more extensions to third-party products and a client for other device types."
Cisco Secure Endpoint is ranked 7th in Cisco Security Portfolio with 45 reviews while Cisco Umbrella is ranked 2nd in Cisco Security Portfolio with 108 reviews. Cisco Secure Endpoint is rated 8.6, while Cisco Umbrella is rated 8.8. The top reviewer of Cisco Secure Endpoint writes "Makes it possible to see a threat once and block it across all endpoints and your entire security platform". On the other hand, the top reviewer of Cisco Umbrella writes "Protects endpoints wherever they are, always pushing people to the right locations to avoid malicious intent". Cisco Secure Endpoint is most compared with Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, Check Point Harmony Endpoint and Symantec Endpoint Security, whereas Cisco Umbrella is most compared with Zscaler Internet Access, Microsoft Defender for Cloud Apps, Prisma Access by Palo Alto Networks, Palo Alto Networks DNS Security and Infoblox Advanced DNS Protection. See our Cisco Secure Endpoint vs. Cisco Umbrella report.
See our list of best Cisco Security Portfolio vendors.
We monitor all Cisco Security Portfolio reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.