Cisco Duo Reviews

We actually partner with Duo Security. We use the API to send a step-up on your phone for granting access to normal doors. You can tap your physical fob card or any other device at the door, and then receive a push notification. Depending on the success or failure of the authentication, we can either grant or reject access at the door. So it provides two-factor authentication. We use Duo for that purpose, as well as for an API and our internal VPN.

However, with our product, we use Duo Security end-to-end. Duo Security has a blind spot when it comes to physical security. It doesn't cover scenarios where someone gains physical access to our network room, which involves different technologies outside of its scope. 

From my perspective, it can't be considered truly end-to-end in that regard. Nonetheless, Duo Security offers significant value for network security and VPN access. If we combine our product with Duo Security, then we can achieve comprehensive end-to-end security.

We work for businesses, B2B. So we work in the data center space. A lot of our work focuses on providing the best authentication at your access points, be it a door or a data center cabinet. 

We can integrate our device without requiring you to replace your card, so we can put our device in. You can keep your card. You don't have to replace it. You can simply tap your card, even if it's in your wallet or for home use. The process remains the same. I tap my card, receive a push notification on my phone, and then press enter to gain access. It's great because it ensures that it's actually me and not someone who found my card.

The product has helped our organization by providing easy-to-set-up security. Additionally, through our partnership, we can offer a use case that adds value to our customers. They don't have to deal with the hassle of replacing their existing systems; instead, they can extend their investment in Duo Security and apply it to their access points. This makes it easier for us to deliver value to our customers.

Having that second-factor validation with Duo, or any multifactor authentication solution, is highly important. There are numerous options available in the market. Whether it's Duo or others, the key is to have that additional layer of security. In our organization, we utilize Duo Security across various use cases, which makes perfect sense. 

With Duo Security, it is easy to get that validation you need to make sure that you have security. It's very easy to set it up. It's simple, but it's secure. For me, that's the best part.

Integration for a partner is very useful because you can work with the API or admin API, whatever it is, and get a lot of logging details and pass them to your SIM. It's very useful for that.

Duo Security provides a high level of certainty regarding the identity of the individual performing an action. Whether it's logging into a system, using VPN, or utilizing Autopay, establishing that trust is crucial. I can't imagine any security company, organization, or IT team that wouldn't prioritize having multifactor authentication enabled when accessing critical systems.

Duo's user authentication and device verification are indeed effective in preventing identity-based attacks. The second factor authentication and clarification it provides are valuable. While there are certain situations where we might desire additional data from the API, I consider that to be a minor aspect.

I have a few suggestions for improving Duo Security. One major aspect would be the ability to gather contextual data. This means being able to determine the location where someone is authenticating from and whether it aligns with their regular location patterns. While two-factor authentication with mobile devices provides a high level of security, it's still not foolproof, as someone could potentially steal your phone. It would be beneficial to have information about the authentication location. 

If a partner could obtain that data, we could implement it, or if we had our own application, we could incorporate this feature. Additionally, having the ability to customize aspects of the API or the app's appearance would be useful. For example, if you're using Duo for both VPN access and authentication, you might want a different user interface for each scenario. This way, you can easily identify if someone is impersonating you at the door or accessing your computer. These are some suggestions to enhance the functionality of Duo Security.

I have been using Duo Security for a few years. We've used Duo Security for all two-factor authentication.

Duo Security is a stable solution. 

It is a scalable solution. From what we've seen, it's pretty scalable. It's really good. In terms of when you get an API response, I don't have to keep pulling that endpoint; I just get a response back, which is better than some of the other ones that exist.

We actually have our own application that we can utilize as well. However, Duo is the prevalent one we use. As a security company, we've conducted tests on various options like Okta Verify and Duo, alongside our own solution. In the end, we opted for Duo. The decision was based on its ease of use.

Implementing Duo Security was actually quite easy. Depending on other factors involved, it could potentially be even easier. The integration process mainly requires three values: the client ID, the secret, and the integration key. It is enough to do. 

However, for layman customers, it might be easier to set it up in a different way, such as a one-click setup, to further simplify the process. This is something we can discuss and collaborate on as partners. Overall, though, the setup of Duo Security is easy to set up. 

Duo Security's add-in value lies in its access security for establishing trust for every access request, no matter where it comes from.

However, when I say "no matter where it comes from," it's not just about computer logins or VPNs; physical access requests are equally important. It covers both cybersecurity and physical security aspects. While Duo Security adds value to both areas, it's worth noting that it doesn't fully cover the physical security aspect, which is the focus of our integration. However, in terms of digital security, it is indeed effective.

Now, if someone is considering getting Duo Security, my recommendation would depend on their specific needs and reasons for wanting it. However, if their goal is to implement multifactor authentication, then absolutely, they should go for it.

Overall, I would rate the solution a nine out of ten. 

We use it citywide. I work for a city, local government, and we implemented it during the pandemic.

We support it for remote access to our network. Every city employee is required to use it, including the police and fire departments. However, it's hard to concretely say if the solution has helped reduce the risk of breaches in one way or another.
Apart from that, we focus on user education in cybersecurity and provide training to our end-user population to heighten awareness. This is in addition to the two-factor authentication, so we don't solely rely on that.

Duo Security has improved our organization from a security standpoint. The two-factor authentication has become a requirement in most cases. It is specifically required by cybersecurity insurance.

Not only are we doing it for requirement purposes, but it also gives us an additional layer of confidence. Duo Security's additional layer of security gives us added confidence that our network will be less likely to get hacked, compromised, or otherwise.

Moreover, we're very satisfied with the solution for helping secure our infrastructure from end to end. It definitely gives us an added layer of our confidence knowing that two-factor authentication is implemented. In our organization, network-wise, the confidence level is fairly high, and we're happy with it.

The way we involve the end users is with their mobile devices and mobile phone numbers. Once they do get involved, we are pretty confident that they are being reached out to through the number that we have in the system for them, and there's really no reason on our end to doubt the validity of those authentication requests when they come through. We trust Duo Security for every access request, no matter where it comes from.

Duo Security has become essential to our environment, considering today's time when our workforce is becoming more and more mobile.

Duo Security helped our organization improve its cybersecurity resilience. It has given that added layer of security and keeps the awareness on the user's end as well.

It's easy to use, frankly. All it takes really is for the end user to download the app. For me, I have an Apple Watch; I don't even have to wait for my phone. I can accept the prompt right there and just be on my way.

Moreover, we are comfortable and have high confidence in the solution's user authentication; device verification can prevent identity-based attacks.

One of the challenges was for the police force. A lot of them, at first, weren't keen on using their personal cell phone for, quote-unquote, city business. As a city, we require them to download an app for two-factor authentication. There is a little bit of apprehension for some users thinking, well, "How do I know this app is not collecting personal information from my personal device?" was the only obstacle we ran into. Overall, satisfaction is good.

To mitigate this problem, there was an option where the city would choose to just go with utilizing the app. There's another option where you can get a text message as opposed to having to download the app and accept what the app has on it.

I have been using Duo Security for three years. 

Duo Security is a stable solution. 

We never encountered any issues in terms of scalability. 

The customer service and support have been very good. We haven't had to call them many times. They've been able to assist every time there was an issue.

The responses have always been timely, and I haven't gotten any complaints from our security manager.

We used a different solution but had it in limited use only for our public safety team. That was a requirement at the time because of the type of information that they had access to. We were looking for something versatile. 

With Duo Security, the easier user access and user adaption were a little easier. We felt the solution was a little clunky at times, and we are already in the Cisco ecosystem, and that's one of their products. So we decided that was the best solution at the time. That's why we switched to Duo Security.

Implementation was fairly easy. Moreover, once you have it implemented, it's very minimal.

Duo Security doesn't require a lot of maintenance. From that standpoint, the solution has freed up time. However, it's not something that we had beforehand. In other words, it's not necessarily alleviating work. However, it is easy to manage.

The pricing was a lot more than what we were paying for our previous solution. However, our previous solution only covered two out of the sixteen departments within the city.

It’s a bit of a pie chart in that sense but we understood that with Duo Security, we were deploying it on a broader scale.

Overall, the pricing was higher than our expectations, but considering the circumstances during the pandemic and the increased demand, we understood the importance of making the right decision and moving forward with the best product.

I would say we are happy with it. However, I haven't conducted any recent market surveys to compare pricing, so it's difficult to make a definitive statement. Ultimately, what matters most is the satisfaction of our end users, and in that regard, it is currently very high.

We did look at some other products. We had a security manager who was responsible for conducting the necessary research and legwork. However, he did present us with a few different solutions, and our network manager was also involved in exploring options. Ultimately, Duo Security was selected as the preferred solution.

And also, what happened right before then, we had attended Cisco Live, had been exposed to Cisco Duo, and really liked what we saw. So we went into it with a bit of bias, to be honest, because we already saw it.

Duo Security is a great solution. The adoption and learning curve for the end user is low, in our opinion.

Overall, I would rate Duo Security an eight out of ten.

We use Duo Security for multi-factor authentication.

The product makes our organization more secure.

Duo is reliable and easy to use. I’m pretty happy with all of the features. The user experience is pretty good. People without any technical background can run the applications without any issues.

The technical engineers in the first line of support should improve their knowledge. We often have to bounce all the cases to different levels.

I have been using Duo Security for more than ten years.

Technical support is pretty responsive. When there was an issue, support was able to provide a solution.

Neutral

From the security team’s perspective, the solution is pretty easy to deploy. From an end user’s perspective, it is very easy to download it and add the device to the profiles.

We deploy the solution in-house.

The pricing is reasonable.

Since I'm not an admin, I don't know how the device gets set up. The product is pretty good at securing our infrastructure. It protects everything and hardly leaves anything open. The infrastructure is secured.

Duo Security cannot do it all when it comes to reducing the risk of breaches. It can probably provide up to 50%, and the rest depends on the user. Things like phishing emails depend on the user. There is nothing that Duo Security can't do. The product does a pretty good job of protecting the infrastructure.

Duo Security’s user authentication and device verification are very good and very reliable. When we get a message to upgrade, we upgrade the tool. I don't have to spend a lot of time to get the device up to date.

The solution is reliable for establishing trust for every access request. It definitely is able to establish trust for the identity to protect the infrastructure. Our organization doesn’t necessarily believe that all resources must be considered external. We try to strike a balance between convenience and security. We don't treat everything as external. We keep certain internal stuff that doesn't have to go through the authentication.

The product increases the awareness of the employees about cybersecurity. Every time I log in, a Duo box pops up saying that I am authenticated and not leaving everything wide open. Try it and get a trial base, and then you will see the difference the tool can make.

Duo is the first platform that we used. My organization did an analysis to see how many potential attacks we'll have and how much money will be lost if we do not deploy Duo. I am not sure about the metrics, though.

Overall, I rate the product a nine out of ten.

We use it for multi-factor authentication. That's the only use case we have now. We're not using it to its maximum capabilities but we'll use it for more functions moving forward.

Duo Security has improved our cybersecurity resilience. Multi-factor authentication gives us another layer of protection. Having another layer of security is very important for us.

Duo Security establishes trust for every access request, no matter where it comes from. This is something that's absolutely needed.

It's easy to deploy. It's easy to manage. It's easy to integrate with other applications. 

We also use it for single sign-on with Meraki and VPN access for non-Cisco firewalls, but we're now migrating to Cisco firewalls. It's easy to deploy, and it works.

I'm not using it as much as I could. So far, it has everything I need. I don't have any requirements or improvements. Everything is working smoothly, and we're happy with it.

We have been using Duo Security for about two years.

Its stability is great.

We have 1,500 users that use Duo Security. We're planning to use Duo Security for more applications, but the number of users won't increase anymore, so in terms of scalability, I don't think we'll have any issues.

We have opened some cases with Cisco for questions and things at all, and they were very helpful. They're very good. They answer questions quickly, and the people who work there are knowledgeable, so I can't complain. I'd rate them a ten out of ten because I got prompt responses and knowledgeable people.

Positive

We were using Microsoft Authenticator before, but we had a lot of problems with that, so we had to move away from that. Initially, we didn't have any multi-factor authentication, so having a multi-factor authentication for multiple applications and services that we provide helps us in making our network more secure.

You synchronize your AD with Duo Security and create all the groups for access.  You send the emails to do the deployment, and you load the cell phone numbers. That's for the end-user side, and for the firewall, we have the proxies. We're using a proxy for one of the products. Our firewall sends RADIUS requests to the proxy, and the proxy communicates to Duo Cloud. The virtual machine deployment for the process was very easy. The configuration takes a few steps, but it's easy.

We've both on-premise and cloud deployments. We're using the tool on the cloud, but we don't have any infrastructure on the cloud.

We did the deployment ourselves.

We have seen an ROI. The cost of not having it means you're vulnerable to hacking and other things. Nowadays, multi-factor authentication is required for insurance. It's a must now.

It's very simple. Its price is fair. We use the hardware tokens as well. You get what you pay for.

In terms of licensing, Cisco has very complicated products, but Duo Security was surprisingly easy. The licensing model is easy. The license is based on the intent. You can see how many licenses you have. It's one of the easiest solutions I have deployed, so I'm very happy about it. Every other Cisco product—such as switches, APs, wireless, and controllers—has a very complicated license model. The new smart license model doesn't always work. It's very complicated. The vendors will put your license somewhere else. You need to talk to vendors. It's complicated, but Duo Security licensing is simple.

We evaluated RSA, Microsoft, and Duo Security. We evaluated these three, and we realized that Duo Security had better reviews, and it was easier to deploy and cost-effective, so it made sense to use it.

Overall, I'd rate Duo Security a ten out of ten.

You don't need any other Cisco security products in order to use it. That's what makes it easy.

Normally, people use it for multi-factor authentication. It's an easy-to-install multi-factor authentication platform.

Regarding the valuable features, I would say that Duo Security is easy to use, has speed, and is dependable.

It would be nice if there was a biometric option rather where you could accept with a fingerprint. Like, in an iPhone, they have fingerprint authentication and face ID. It would be nice if there was a biometric acceptance as opposed to just clicking and accepting.

I have been using Duo Security for thirteen years. I am a distributor of the solution.

Regarding stability, I don't know if that comes into question. With my clients, I haven't seen them facing stability issues.

I have seen it deployed in an organization with 50 people and another with 5,000 people.

I love the solution's technical support. Regarding the adjectives I would use to describe the support, I would say that the support was professional and accommodating. I wish that the support would be a little bit more prompt and a little bit more flexible because there are certain things that they will do and certain things they won't do. Then they push what they won't do back down to the distributor.

I also wish that they consider us as distributors because we're not the traditional partner. It's almost like we are Cisco. I wish that we could share more resources behind Cisco Firewall and behind Cisco's resources. I rate the support an eight out of ten.

Positive

The reason we chose Duo Security over its competitors is because it's a freebie that you can try and see how it goes. There is also the ease of integration with Duo Security. I don't really know of any other MFA that is as simple. With Duo Security, it's like, here's your authorization, and you need to click on the yes or no options.

I would say that the solution does increase security because it does require MFA, and as long as the company enforces it installed on a specific device, it works.

It does not secure my infrastructure from end to end and detect or remediate threats. It's not the function of the product.

Regarding my assessment of Duo Security for establishing trust for every access request, no matter where it comes from, I would say that it is absolutely dependent on how the company deploys it. If the company says just deploy Duo Security on an old device, then it's kind of a hope.

 The whole point of having Duo Security is that it considers all resources to be external. 

Multi-factor authentication in general helped my organization improve its cybersecurity resilience. Any MFA will do that.

I would tell those considering having Duo Security in their organization that it's easy. You don't need to have every other Cisco product out there since I know that, for a fact, you can do it with Sophos and Fortinet. You can do it with other products, not just Cisco.

I rate the overall product an eight out of ten.

Duo is part of a complete security package that Cisco provides. Initially, we only used Duo to secure Microsoft 365, but we now use it for other applications like VPN, terminal server access, etc.

A couple of months ago, our colleagues got phishing emails from real accounts because other companies got hacked. The scammers write emails from a hacked account because they see an employee on the contact list. They seem real because the images are authentic. That leads to a portal where you have to insert your credentials. 

Like any MFA, Cisco Duo sends a message when someone tries to access your account. That's the part that helped us because a person always falls for it. Unauthorized access is a serious problem, even if it doesn't affect your files. It's a potential risk to our reputation because it doesn't look good if a hacker is using your company email address to send spam.

I'm not sure if Duo saved us time. Any security measure inevitably makes things more complicated. If you eliminate security solutions, it's easier on your users, but you have no security. It's like wearing a helmet on a motorcycle. You don't need it until you fall. 

Our security posture is getting better, but we still have room for improvement. We're implementing several security packages currently and hope to be where we want to be by the end of this year. 

Most of my colleagues from other companies use the Microsoft MFA solution because it's included in Office 365. Few people are considering Cisco Duo. That's the primary problem in our area. It's a solution mostly adopted by Cisco users.

We are new users and only started transitioning to Cisco last year.

We haven't experienced any issues so far, and I hope it stays that way. Nothing is 100 percent, but it's close to that. 

Our company isn't too big. Cisco is the perfect product for our current size, and I don't think we'll have problems with scalability as we grow.

We rely on our partner for technical support, so we've never contacted Cisco for that. 

We used HP networking and security products but transitioned to Cisco last year. In the food manufacturing industry, Cisco has some advantages over others. For example, Cisco switches are made for heavy industry and are designed for devices in the mills. Cisco is certified to integrate with Siemens microprocessors. 

What is critical for me isn't the product itself, it's your partner. If you have a great partner, you can also work with HP or other competitors. Having a partner to implement everything and suggest best practices is essential. Our partner NTS works exclusively with Cisco, so we switched from the competitor to Cisco when we switched partners.

The deployment was straightforward with the help of our partner. I can't do it all alone, but our partner has 450 Cisco-certified technicians. 

Cisco has the most expensive products because market leaders tend to charge a lot.

I rate Cisco Duo Security a nine out of ten. I would give the solution a perfect score if it were a little cheaper. Cisco is expensive.

We are still implementing the solution and are not in full production mode yet. We implemented Duo Security in comparison with ICE, and we use it to secure our environments. It helps us authenticate users that use our network devices.

We hope to increase our security posture with Duo Security.

I like the set time that users can log into devices during the day and how many times they can do so. I also like the ability to restrict the regions from which the user can get in. Users outside of our country or even the town cannot log in.

I would like to see Duo Security increase the time that the users have to log into the devices. The maximum time interval is 15 minutes at the moment, and I would like it to be 60 minutes.

When you try to log into a device and have to authenticate yourself, sometimes it's not very pleasant. It's not the best thing particularly if you have to do this every 15 minutes, which is the maximum time that Duo gives. This makes it difficult to use and does not save time.

I've been working with Duo Security for six months.

So far, we haven't had any issues with stability.

My experience with technical support has been generally good, but sometimes, there is a delay in getting answers. I would rate them at eight on a scale from one to ten.

Positive

Duo Security was easy to set up. It took us almost a week to read the manual and understand what we have to implement to go into production.

Duo Security is very helpful and fits what we were looking for to satisfy the requirements of our security office. On a scale from one to ten, with ten being the best, I would rate Duo Security at eight.

A colleague and I conducted some market research, where we found the solution and implemented it according to our needs. We installed the agents in our server, which communicate with Duo Security and send a prompt to our mobiles which is very convenient. We can also use the authenticator with other products and integrate it with a password reset disk. The product covers all of our needs.

The solution allows us to cover significant organizations and audit organizations with very high-security demands. At that level, security is non-negotiable, and Duo Security provides a second layer multi-factor server authentication, easy implementation, and Microsoft integration. 

The integration with Azure Active Directory and the AWS cloud is amazing, as most products nowadays require the creation of a customized integration. With Duo Security, it was more like native integration, and it took me five minutes to register.

The solution is straightforward, requiring minimal training and expertise to operate; IT staff have no problem understanding it.

The GUI is excellent, and the solution has valuable features, including policies and easy integration. It's a fantastic product.

Cisco owns Duo Security, and they are trusted everywhere, so establishing trust for access requests is never an issue. This is a major factor because when it comes to security, the solution must come from a trusted organization. We don't want to place our security in the hands of unknown third-party organizations; data leaks are a genuine concern. 

I can't give specific details of my organization's security risks, but I can say that Duo Security has eliminated trust from my organization's network architecture. 

I'm amazed by the product, especially by the ease of implementation. One of our major clients was equally impressed with the product. We use this solution to secure our network, which meets all our needs.   

Compared with other products, Duo Security is excellent; I'm very impressed, and so are my colleagues. I can't speak highly enough of this solution. The support of hybrid work is vital nowadays, as many organizations are moving from on-premises to cloud and hybrid environments, so it's important for the product to be compatible with both environments.

In the enterprise segment, we require many solutions to defend against different threats, with each system responsible for its own security function. Duo Security remediates the specific threats we need and has all the necessary features. 

I would rate the solution a 10 out of 10 in this area. 

Integration with a product such as Microsoft Sentinel would be great. As the product continually improves, I'm unsure if this feature is available.

We have been using the solution for two years. 

The solution is 100% stable.

I work with many products, and I've realized that the ones based in America run SMS and phone call communications through Twilio. As we are outside America, Twilio isn't correctly integrated with our local ISPs, so it has some issues with our IPs. This can impede our communications and is an issue I've faced multiple times because of Twilio.

The platform is highly scalable, and Duo Security is constantly improving its product; I receive weekly emails about new features and improvements they have made.

The support staff are fantastic, they're very impressive and I would rate them a 10 out of 10. 

Positive

We use the native Microsoft Authenticator and implement Duo Security as an additional layer of protection.

The initial setup is straightforward; Duo Security provides excellent documentation and support compared to other companies. This solution can be deployed in a day.

I deployed the solution myself using the provided documentation and sometimes reached out to support. I never had an issue, and implementation took just two days.

We definitely received an ROI; the solution improved our security by perhaps 70%, and this particular landing zone requires significant protection.

I only need the solution for IT staff, which makes it relatively cheap. If I deployed it for the whole company, it would be costly, so it depends on the number of users. Duo Security is affordable compared to other products in the segment.

I don't exactly remember which other solutions we considered, but we used G2's platform's reports to evaluate them.

I would rate this solution a nine out of ten. 

The maintenance of network connectivity depends on the complexity of the organization. It is easy to implement for our company and our architecture, but it wouldn't be as easy for a more complex network structure like a bank. We use the SaaS version of the product, so it's straightforward to implement and maintain. 

Our staff weren't used to using MFA, so it was initially frustrating for them, but this is a security requirement for us, and they adapted to it.

I would advise leaders looking to build resilience in their organization to implement another MFA product like Duo Security.