It's an MFA solution, and we mainly use Duo Security for secure access to some of the servers with backup data.
CTO at a tech vendor with 10,001+ employees
Fair price, improves security, and easily integrates with existing infrastructure
Pros and Cons
- "For me and my customers, the best feature is that it's very easy to integrate with the existing infrastructure. It takes a few minutes to configure it."
- "It already integrates with lots of products, but it can integrate with more products. There should be easy integration with Cisco products because sometimes, it can be quite complicated."
What is our primary use case?
How has it helped my organization?
With Duo Security, we can better secure our servers with backup data. It's very good for our customers for cyber resilience.
It can reduce time in case of a ransomware attack and so on. It protects the data but not directly.
What is most valuable?
For me and my customers, the best feature is that it's very easy to integrate with the existing infrastructure. It takes a few minutes to configure it.
What needs improvement?
It's already good, but there could be more integration. There could be ready-made integration. Other than that, it's a good product. It already integrates with lots of products, but it can integrate with more products. There should be easy integration with Cisco products because sometimes, it can be quite complicated.
Buyer's Guide
Cisco Duo
April 2025

Learn what your peers think about Cisco Duo. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
849,190 professionals have used our research since 2012.
For how long have I used the solution?
I've been using this solution for around two years.
What do I think about the stability of the solution?
I don't see any problems. It's very good.
What do I think about the scalability of the solution?
It seems good.
Which solution did I use previously and why did I switch?
We already have a different vendor's solution, but the way that Cisco works on global security helps us to sell more. That's because customers want one dashboard or one cockpit, and now, all the Cisco projects go through SecureX. For customers, it's an advantage because they only have to know one interface, not ten interfaces. They don't have to know the interface of each product they've got.
I like Cisco Talos because it's a good source of security information, but it doesn't impact the customers as such.
How was the initial setup?
We mainly work with the public sector, so its deployment is mainly on-premises, but we also have a few customers who have a hybrid setup. We don't have customers with a full public cloud, so it's mainly hybrid, and they mainly use AWS and Azure cloud. There is also one local provider called OVH, and because it's in the country, it's easier.
I don't take care of its deployment. I have a presales role, so I do demonstrations. I deploy it in our lab but not at the customer. It's my colleague who does that.
The deployment process in the lab is very easy. Duo Security is a cloud solution, so there is almost nothing to install on-prem, and there is also lots of documentation. It's very well-documented how to integrate it with an already existing solution. In one day, you can integrate it quite easily. The web interface is very easy to understand.
What about the implementation team?
One person is enough for its deployment. In terms of maintenance, it doesn't require any maintenance. It's a cloud solution.
What was our ROI?
The ROI is complicated to calculate. It improves security, and improved security is the return on investment.
What's my experience with pricing, setup cost, and licensing?
Cisco's licensing is always a bit complicated to understand, but the price is fair. It could be more expensive than others, but the way they integrate everything, it has a fair price.
What other advice do I have?
You've got a trial version, so just try it, and you will adopt it.
I'd rate Duo Security a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller

Network engineer 2 at a tech vendor with 10,001+ employees
Cloud based security solution that offers end to end MFA functionality and is reliable and stable
Pros and Cons
- "Duo has allowed us to add an additional layer of security to our organization and to establish trust for every access request and secures our environment."
- "We have a 24 hour timer for our Duo cookie and we would like to reduce this to a shorter time when using Duo."
What is our primary use case?
Duo specifically offers good MFA functionality. We needed support for our VPN and used GlobalProtect as well as Duo for additional security.
How has it helped my organization?
Duo has allowed us to add an additional layer of security to our organization. It prevents people from gaining access unless they have your credentials as well as a device. It has allowed us to establish trust for every access request and secures our environment. We are confident and comfortable with the way the solution handles this. We have tried other solutions but they've not met our expectations.
Duo Security does a good job of helping to support our organization across a distributed network. It does a fantastic job at securing access to applications and networks. It is streamlined and straightforward.
Duo Security provides single-pane-of-glass management.
What is most valuable?
This solution has been most valuable for locking up our VPN solution and providing secure web protection.
What needs improvement?
We have a 24 hour timer for our Duo cookie and we would like to reduce this to a shorter time when using Duo. We use Duo together with GlobalProtect and I am not sure which solution would be responsible for this improvement.
For how long have I used the solution?
I have been using Duo Security for the entire time I've been employed at my company.
What do I think about the stability of the solution?
This is a stable solution.
What do I think about the scalability of the solution?
This is a scalable solution. We have 20,000 users covered by this solution.
How are customer service and support?
We have not needed much help from the Duo support team. Using this solution has been surprisingly easy for us.
Which solution did I use previously and why did I switch?
We were running a different solution on a test gateway we had and it didn't meet our expectations so we moved to Duo. We have previously tested XAML.
What's my experience with pricing, setup cost, and licensing?
You pay per user when using this solution and the pricing is fair.
What other advice do I have?
We have never had an issue in maintaining network connectivity across all workplaces. Duo Security has helped remediate threats more quickly and offers security end to end. Cybersecurity resilience is probably one of the most significant elements of organization because we work in the healthcare industry.
I would rate this solution a ten out of ten. This is because we have not had any vulnerability that has been exposed to or any other issues that we've had to deal with.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Cisco Duo
April 2025

Learn what your peers think about Cisco Duo. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
849,190 professionals have used our research since 2012.
Systems Engineer Virtualization at a engineering company with 501-1,000 employees
Easy to use and integrates well with the rest of our cloud-based Cisco ecosystem
Pros and Cons
- "The single pane of glass management is very important and it is part of the reason we went with Duo. Anything we can do to save time for our administrators, help desk staff, and engineers, is valuable to us."
- "I wouldn't mind seeing some options for remembering a device for a short period of time or a specific login, particularly for administrative engineering staff, as we may be logging in to four or five different services."
What is our primary use case?
We use it for two-factor authentication for end-user and administrator login. We wanted to secure our endpoints.
What is most valuable?
The single pane of glass management is very important and it is part of the reason we went with Duo. Anything we can do to save time for our administrators, help desk staff, and engineers, is valuable to us.
What needs improvement?
I wouldn't mind seeing some options for remembering a device for a short period of time or a specific login, particularly for administrative engineering staff, as we may be logging in to four or five different services. We're having to use it a lot. I understand it, it's just part of it. That's not specific to Duo. That's two-factor authentication in general.
For how long have I used the solution?
I've been using Duo Security for about a year.
What do I think about the stability of the solution?
It's stable. We haven't had any downtime that I can recall or any problems with maintaining network connectivity.
Any issues we've had have been local to a specific user. Maybe the phone number was not set up right or there was some conflict as a result of somebody changing a device, but it's always been pretty straightforward to get that kind of thing resolved.
What do I think about the scalability of the solution?
We started off with a small deployment and, in one or two steps, sent it out to everybody and it scaled fine. We didn't have to change anything in our setup.
We have about 1,200 users across 60 branches around the U.S. We occasionally have people using it internationally and we're able to handle that fine with our geographic location blocking or allowing, as the case may be. It's a fully virtualized environment. We have a lot of remote users, people who work in remote fields. As long as they have a cell signal, it works.
How are customer service and support?
I have not had to deal with any support for Duo. The less I have to talk to support the better, for sure.
Which solution did I use previously and why did I switch?
This is our first venture into two-factor authentication.
We didn't have a specific problem we were trying to solve when we got it. We were just trying to add more and more security. We did have regulatory requirements for two-factor authentication and that is what drove it.
How was the initial setup?
The deployment of Duo Security was mainly a project done by our network and security team, but I was involved in it to some extent. I found it pretty straightforward. As enterprise-wide security solutions go, it wasn't too bad.
We got it integrated with Active Directory. There were some struggles there that I don't know the specifics of because our network team was working on that. But once everything was set up, it was pretty easy to add a new user and do whatever we wanted to.
It took a little time for our users to get used to it, but everybody took to it pretty well. The users don't really have to interact with it other than getting their push notifications. For them, it's easy. It requires minimal training. It pops up and it's all pretty self-explanatory.
Which other solutions did I evaluate?
It's pretty easy to use as two-factor authentication systems go. We evaluated a few others, including the Microsoft two-factor authentication, a little bit, and one other, and Duo ended up being our favorite. Part of that was because we're in that Cisco ecosystem and we were able to integrate it with our other services that are all cloud-based. It fit in pretty well for us, and it would for anybody with a similar setup.
Duo was also the least obtrusive to the user and the ease of administration through the administrative portal was a little better.
What other advice do I have?
Fortunately, we haven't had to evaluate it when it comes to helping us remediate threats more quickly, but we're confident that it will.
Regarding resilience in cyber security, two-factor is definitely a must-have. We're satisfied with it as far as that goes, in addition to it fulfilling our regulatory requirements.
For our use case, for logins, it just works.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network Engineer at a computer software company with 5,001-10,000 employees
Provides heightened security and has a helpful customer support team
Pros and Cons
- "If you have to log in to something, you must go to Duo Security to confirm that you're who you are on your phone."
- "When you come to the push in Duo Security, there are some integrations where you have to use the code instead of the push functionality."
What is our primary use case?
We use Duo Security to level up security and access to internal systems.
How has it helped my organization?
Duo Security has provided us with heightened security. That's the biggest benefit because, nowadays, security risks are big due to hacking. This solution narrows down a lot of things that we have to go through.
What is most valuable?
If you have to log in to something, you must go to Duo Security to confirm that you're who you are on your phone. From there, you go back to the app, and it allows you access.
What needs improvement?
When you come to the push in Duo Security, there are some integrations where you have to use the code instead of the push functionality. Sometimes, you have to go and push from the app, go to Duo Security, and then go back over after you've accepted the push. It would be good if a seamless web comes down, you press the button at the top, and it goes away while you're still in the app.
For how long have I used the solution?
I have been using Duo Security for about two years.
What do I think about the stability of the solution?
Duo Security is a pretty stable solution.
What do I think about the scalability of the solution?
Duo Security is a scalable solution. You can easily download the app, log in, and you have access. Scaling is not an issue with Duo Security.
How are customer service and support?
Duo Security's customer support is very helpful, going above and beyond what they normally need to do to get things fixed and resolved. I can always reach out to my reps, who try to figure out what's going on to help me.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Since I changed companies, I can't remember the old solution, but it was probably some Microsoft solution. It did almost the same thing as Duo Security, except that Duo Security has the push. So instead of going back and finding the code, it can easily just push to the app, allowing you access. So it's a little bit faster to access your systems than having to find these different apps.
What was our ROI?
We have seen a return on investment with Duo Security because getting hacked once would cost us millions. So investing in a solution like Duo Security saves us all that money.
What other advice do I have?
Most solutions do what we're trying to use Duo Security for. It ensures a person has different access to the system via a different device like a YubiKey.
Duo Security has helped to improve our organization's security posture through reassurance in giving out access. Having something like Duo Security on the back end can help pinpoint who's logging in and ensure there is no random bot.
I highly recommend Duo Security because it's still seamless from my standpoint. I don't know how it would be on the back end, but it'd be a great application for any organization wanting to heighten its security on user access.
Overall, I rate Duo Security ten out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
MSP Director at a tech services company with 11-50 employees
Easy to use and gives our customers multi-factor identification on-prem and in the cloud
Pros and Cons
- "The single pane of glass management works very well. That feature is very important because we have a lot of admins who have to manage Duo, and it's much easier when it's a single pane of glass. That single pane is also great because it's easy to enroll new devices."
- "One area that might be improved is that setting up SMS texting is not as easy as using the app, even though it does support it."
What is our primary use case?
We mostly use it for multi-factor authentication with email platforms like Office 365 as well as other apps.
How has it helped my organization?
We were looking to deal with email phishing attacks and brute force attacks, and the like, and Duo has helped a lot. We're more secure with multi-factor and have seen the number of phishing attacks and brute force attacks go down.
Logging in with Duo is baked into anything that we log into, including any applications, email, and web apps. We integrate it with a product called Jump Cloud, which is our cloud-based identity management system. We have also integrated it into WebEx and Box. Duo runs all of our security and MFA, and it's worked out well.
It's helped a lot of our customers with multi-factor in their identity management systems, on-prem and in the cloud. That way, when users log in, they get the MFAs to be able to log in to any resource on the network.
And because everybody is working remotely now, Duo checks all the boxes for hybrid work.
When it comes to remediating threats, it has helped us do so quickly. We don't even see a lot of the threats anymore because it's working behind the scenes. It has definitely decreased the number of threats in the last year compared to what we used to see.
What is most valuable?
The ease of use and the ease of management of all the users have been key for us. The setting up of devices in Duo has been really easy as well. It's better than all the other ones I've worked with.
Another important feature is that Duo considers all resources to be external because even the internal ones look like external ones, and people click on stuff and get caught. It's very important to be more cautious than ever.
Also, the single pane of glass management works very well. That feature is very important because we have a lot of admins who have to manage Duo, and it's much easier when it's a single pane of glass. That single pane is also great because it's easy to enroll new devices.
What needs improvement?
One area that might be improved is that setting up SMS texting is not as easy as using the app, even though it does support it.
Also, a faster management user interface would help. It tends to lag a little bit.
For how long have I used the solution?
I've been using Duo Security for three or four years.
What do I think about the stability of the solution?
It has been stable. We haven't really had many issues with it. It maintains network connectivity across all workplaces and works great. I don't have any complaints.
What do I think about the scalability of the solution?
It can scale to as many employees as you have. It can go from five employees to 1,000 employees. I don't see any issues with the scalability.
How are customer service and support?
Their technical support is great.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We did not have a previous solution.
How was the initial setup?
The initial deployment was pretty straightforward. We had a small number of challenges, but nothing we couldn't get by. It was pretty smooth, overall. Setting it up and enrolling new devices into the environment was a breeze. That was the easiest thing.
What about the implementation team?
We do it ourselves.
What was our ROI?
We see ROI in that users feel more secure and their morale goes up. You get to keep those employees a lot longer if they feel better working for an organization that's investing in security. A big benefit is keeping your employees.
Everybody loves it. They feel a sense of security when they get that prompt to send them a text, or an email. It makes them feel like they're working for a company that is really taking the time to secure the environment. It gives them a good feeling when they get a second form of authorization.
What's my experience with pricing, setup cost, and licensing?
The pricing is pretty competitive. It's pretty cheap. Anybody can adopt it. We don't have customers that haven't used it because of the price.
Which other solutions did I evaluate?
We evaluated Microsoft Authenticator and Google Authenticator. With those solutions, you don't have the granularity of management of the MFA environment that Duo offers.
What other advice do I have?
Our Duo is all cloud-based, there's nothing on-prem. We typically integrate it with our cloud apps.
Resilience in cyber security is a game-changer. We have the same challenges that every organization goes through with security: phishing attacks, ransomware attacks, et cetera. I wouldn't say it has eliminated 100 percent of them, but it definitely cuts a lot of that stuff out. Every organization should have something like Duo, or MFA in general. But if they're going to do it, they should do it with Duo just because it's so easy to manage and it is resilient.
For management that wants to build more resilience within their organization, they have to implement multi-factor authentication across that organization for everything. It shouldn't just be for email but everything internally as well.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Solution Engineer at FirstLight
Easy for our customers to use and works well with other Cisco products
Pros and Cons
- "We get fewer threats to remediate due to the two-factor authentication, which does not allow as many threats through."
- "Sometimes, it's a little harder for customers to adopt."
What is our primary use case?
A lot of our use cases were for customers to get their cyber insurance renewed. It was a requirement and they had to scramble to figure out a way to get multi-factor authentication in place.
How has it helped my organization?
It's made things easier for our customers with all the different ways to sign in. It's pretty painless once they get used to it. Once customers understand it, it checks all the boxes for them. It's easy for them to use. It also works with a lot of Cisco's other products.
What is most valuable?
- The easiest feature is the token or the app on your phone that gives you the code to log in.
- It provides a single pane of glass for management and that helps optimize the user experience.
- We get fewer threats to remediate due to the two-factor authentication, which does not allow as many threats through.
- It does a good job of establishing trust for every access request. It checks all the boxes I need and, as a reseller, it makes it easy for me to sell. I'm happy with it.
What needs improvement?
Sometimes, it's a little harder for customers to adopt.
Also, when it comes to the single pane of glass for management, there are some mixed reviews and opinions that say there could be some other options. But those are very unique cases.
The majority of my customers are really good with just the two-factor authentication and don't really take advantage of a lot of the extra bells and whistles that it has. Getting them to adopt more of those features, versus asking for anything new, would probably be where my first step would be.
For how long have I used the solution?
I have been using Duo Security for about a year and a half.
What do I think about the stability of the solution?
The stability is good. I've never had an issue with it crashing or having bugs.
What do I think about the scalability of the solution?
I've never had anything outgrow it. That's for sure. You just add licenses.
How are customer service and support?
Tech support has been great. I've only had to open two cases and they've been very helpful and made it straightforward.
How would you rate customer service and support?
Positive
How was the initial setup?
I've been involved in the deployment of Duo Security a few times and the documentation makes it straightforward.
What's my experience with pricing, setup cost, and licensing?
Overall, the pricing is fair. Customers can wrap it into their Enterprise Agreement, making it easier for them to solve their issues.
Which other solutions did I evaluate?
We're a Cisco partner, so once the two-factor requirement kicked in and became mandatory for our customers' cyber insurance, we just gravitated right to the Cisco solution.
The proofs of value that we've done are really what sells it. You put it in, get them using it, and then you just buy the license and you don't have to go back.
What other advice do I have?
Employees start off saying, "This is another thing we have to do," but once they get it set up the way they like it, it's very easy. And if anybody gets locked out, we get an email and it's easy to unlock. If the unions were able to adopt it, anybody can.
Overall, it meets all my needs, including price point, and I've been very happy with it.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
IT Security Manager at a government with 1,001-5,000 employees
The security products have good integration
Pros and Cons
- "We were considering purchasing other products, like AMP for Endpoints, and it was not properly integrated with the firewall function. It might be better now with SecureX."
- "We were considering purchasing other products, like AMP for Endpoints, and it was not properly integrated with the firewall function. It might be better now with SecureX."
What is our primary use case?
We use Cisco Firewalls, Cisco Umbrella, and we played a bit with Cisco Duo. The integration between has gotten better recently.
We use them for a security solution, multifactor authentication, and DNS protection.
How has it helped my organization?
It helps increase the security posture of the organization.
Cisco saves us time. We automate as many tasks as possible.
What is most valuable?
The integration is the most valuable feature. The products talk to each other.
The products help us to detect and remediate threats.
What needs improvement?
The integration has improved recently but it can still be better.
We were considering purchasing other products, like AMP for Endpoints, and it was not properly integrated with the firewall function. It might be better now with SecureX.
For how long have I used the solution?
My company has been using it since before the company was founded more than ten years ago.
How are customer service and support?
Their support can use improvement when it comes to responsiveness. It can take a few business days to convince an engineer that a device is faulty.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We also use other products from other companies for web applications and firewalling, besides Firepower. There are pluses and minuses for the other companies.
From Gartner's perspective, Cisco products are not market leaders in some areas.
How was the initial setup?
With good specialists and support, it's easy to implement multiple Cisco products.
What other advice do I have?
We should be protecting our network and the cost of security and the OpEx is important, but it is more important to have a protected network.
I would rate their security products an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sr. Network Engineer at a tech services company with 11-50 employees
Fast support, good scalability, and helpful for two-factor authentication
Pros and Cons
- "The two-factor authentication is valuable because that is the use case for which we are using it."
- "We first deployed Duo Security for our company with the VPN, and afterward, about a year later, we implemented it for a customer of ours where we offered infrastructure as a service. When I tried to establish a VPN connection through Duo Security, it did not function well on that version, which was the latest one at the time. So, I had to make a copy of the machine and then implement Duo Security with the VPN because it did not function well with the newer version."
What is our primary use case?
We mostly use it for our AnyConnect VPNs and two-factor authentication.
How has it helped my organization?
We use Firepower Defense as a firewall, and we have implemented the IPS system on the firewall. Previously, we had ASA, and two-factor authentication was with the code, but now, it's with a push notification. It has somehow made it easier for non-IT employees to easily connect to the VPN, but it, as such, hasn't saved any time. It didn't reduce any tasks.
It hasn't helped consolidate any tools or applications because we're not using any other security components that can be integrated with it.
What is most valuable?
The two-factor authentication is valuable because that is the use case for which we are using it.
What needs improvement?
We first deployed Duo Security for our company with the VPN, and afterward, about a year later, we implemented it for a customer of ours where we offered infrastructure as a service. When I tried to establish a VPN connection through Duo Security, it did not function well on that version, which was the latest one at the time. So, I had to make a copy of the machine and then implement Duo Security with the VPN because it did not function well with the newer version. I didn't know why, but it did not function. I haven't tried to update it since then, but that could be an area of improvement.
For how long have I used the solution?
I've been using Duo Security for almost four years.
What do I think about the stability of the solution?
It's stable.
What do I think about the scalability of the solution?
It has good scalability.
How are customer service and support?
They were helpful and fast 90% of the time. They have knowledgeable tech engineers. We didn't have many problems, but any problem that required a case to be opened was resolved quickly. I'd rate their support a nine out of ten.
Which solution did I use previously and why did I switch?
We didn't use a similar solution previously. We went for this solution because of the consistency of Cisco products and the best cases that it provides. It fulfills our needs as a company.
How was the initial setup?
It was straightforward. I had some issues, but mostly, I followed the complete path from sandboxing to testing and then going live in production.
What about the implementation team?
We have two people, me and my colleague, but it's mostly me.
What was our ROI?
I am not involved in its pricing, but we haven't yet seen an ROI.
What other advice do I have?
I'd recommend using it. You can read about the product and implement your infrastructure.
I'd rate Duo Security a 10 out of 10.
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Buyer's Guide
Download our free Cisco Duo Report and get advice and tips from experienced pros
sharing their opinions.
Updated: April 2025
Product Categories
Authentication Systems Single Sign-On (SSO) ZTNA as a Service Cisco Security Portfolio Multi-Factor Authentication (MFA)Popular Comparisons
Microsoft Entra ID
Okta Workforce Identity
Fortinet FortiAuthenticator
Ping Identity Platform
Yubico YubiKey
Fortinet FortiToken
RSA SecurID
CyberArk Identity
Silverfort
Symantec VIP Access Manager
Thales Authenticators
ESET EDR/XDR
UserLock
Entrust Identity Enterprise
RSA Authentication Manager
Buyer's Guide
Download our free Cisco Duo Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- How does Duo Security compare with Microsoft Authenticator?
- How would you compare Cisco Duo Security with other Authentication Systems products?
- Which solution do you prefer: Duo Security or RSA SecurID Access?
- When evaluating Authentication Systems, what aspect do you think is the most important to look for?
- Why is Authentication Systems important for companies?
- Which front-end product for authorization and authentication into an Apache Web Server application, PIXIA, would you recommend?
- What is the difference between SPML and SAML?
- How would you compare Cisco Duo Security with other Authentication Systems products?
- What is CAPTCHA and how does it work? How can you use it for Artificial Intelligence (AI)?
- What are some alternatives for UserLock?