Cisco Duo Reviews

We use Duo Security for multi-factor authentication for our VPN.

We didn't have any MFA previously. Adding that extra layer of security helps.

Duo Security has been pretty good for securing our infrastructure from end to end so that you can detect and remediate threats. We've seen several of our employees leave the country, and we see their connections trying to go through and so forth. We can either add them to allow them access or keep denying that access, and we get alerted to that. 

It is pretty good in terms of user authentication and device verification for helping to prevent identity-based attacks. Your device is preauthorized. If somebody steals your device, they still need to know your password. That works out pretty well.

Duo Security helps reduce the risk of breaches. If I had known about it sooner, I'd have got it sooner. 

The Self-Service Portal has helped free up our IT staff. Our guys spend a little time, and they can go in and look at how to do things and how to set things up. It makes things a little easier. 

Duo Security establishes trust for every access request, no matter where it comes from. We really limit where we cannot be accessed from. It helps to make sure whoever we're letting in is who they're supposed to be.

Duo Security considers all resources to be external. If you treat everything as a threat, you're safer that way.

It has helped our organization improve its cybersecurity resilience. 

It's a lot easier for our end users to connect to our network. You don't have to type in a code. You get push notifications, that's probably the best thing about it. The fewer clicks they have to do to be online, the better it is. They can easily get into the network and do remote work. 

I'd like to see it integrated into other applications. I know there are some integrations, but I haven't been able to explore that any further. 

I've been using Duo Security for about the last 18 months.

It has been awesome. It's been a ten out of ten.

I haven't had a deal with that.

That's pretty good, but we didn't have to use them for this product. In general, Cisco support has been excellent. I'd rate them a nine out of ten.

Positive

We didn't have MFA. This was our first one. We were using open-source VPN software and decided that we needed to add MFA. We didn't want to patch a bunch of different things together. Cisco AnyConnect and MFA together worked out very well. We also had a Cisco Firepower firewall, and we decided that one vendor for all of it would make it much easier. Its price was also very reasonable. It made it easy for us to make that decision.

It was straightforward. For most things that I've dealt with from Cisco, I've had to do a lot of research to find things, but with Duo Security, everything was right there for us.

We did it in-house. It was easy.

Less time is spent trying to figure things out with a bunch of different software. By having one vendor, there's not a lot of extra work that our guys have to do to keep maintaining that.

Pricing was very reasonable.

To someone researching this solution who wants to improve cybersecurity in their organization, I'd say that definitely give it a look. It's easy to set up. It was very easy for us to set up. We even had our Cisco team call us and make sure we had everything going. It was almost no effort, so it's worth a try. 

I'd rate Duo Security a ten out of ten.

We use a number of Cisco products specifically, Cisco Umbrella and Duo.

Our primary use case is to enhance our client's security and their digital security model; Secure DNS, malware protection, MFA, and MDM services for their premium devices and their office devices.

Cisco has improved our organization by making the attack vector smaller and improving the security of our customer's networks and by extension, enhancing our reputation.

Using Cisco has saved us time and money. It also saves us from the threat of a loss of money by cyberattacks. It saves us months of technical effort and loss of billable hours.

It has also helped to reduce our operating expenditures.

Multifactor authentication and secure two-factor authentication are the most valuable features. It's been around for a while, but now it's becoming an enforced behavior as opposed to something that you used to do as optional. 

When it comes to securing infrastructure from end to end so that we can detect and remediate it, it's pretty good. It's a little proprietary. A lot of it is based around its own ecosystem and we've started looking at other solutions that are more open-source or a bit open to more collaboration. That's something that we're picking up with Cisco.

I have been using Cisco solutions for two to three years. 

Their support is very good, especially at an executive level and account director level. They'll always find you the right person if they're not the right person to help you do something.

Positive

My own company and our customers have seen ROI from using Cisco. The customer specifically does not lose time anymore in cyberattacks, malware, and devices being affected or hijacked.

I'm not a big fan of relicensing products every year or two years, but that's the model at the moment. I prefer to go back to licensing perpetually or permanent licensing.

We chose Cisco because it's very good, very well understood, has a good reputation, and has a strong support community around it. There is good technical expertise if you need it.

I would rate Cisco an eight out of ten. 

Our primary use case is multifactor authentication for our VPN users. We didn't have multifactor authentication before. After we integrated Duo Security with our systems, everyone has been using it, and it has given us peace of mind when dealing with VPNs.

The most valuable feature of Duo Security is the ability for the user to easily approve access. The application prompts the user, and they can see the location and the IP address. This makes it easy for the user to approve it and go through the process of logging in to the VPN.

Duo Security can be used for any type of authentication apart from that for VPNs. It saves time and prevents problems because it is user-friendly.

Integration between Duo Security and FTDs needs improvement. Integrating Next Generation Firewall safety with Duo Security currently requires a proxy agent between Active Directory and the appliance. It's an additional factor that we need to think about. It would be great to have direct integration with FTD so that we don't have to worry about middleware products. For the rest of the Cisco Secure solutions, the APIs need improvement.

Duo Security needs to improve the delivery of text messages to the users. This has been a big pain point for us over the years. Though we understand that the local telecoms are the ones responsible for the final delivery of the message, there should be a way to improve the process. Some users don't use the application and rely on SMS messages. It is a problem at times because the messages are not delivered.

We've been using Duo Security for almost six years.

We use Cisco Umbrella, ISE, FirePOWER Services, Next Generation Firewalls, FTD, ASA, and Duo Security.

The stability of Duo Security is great. We receive notices for any problems or issues in a very timely manner.

The solution is generally easy to scale. If you have the ability to deploy Duo Security yourself or can leverage third-party integrators, there should not be any issues with scalability.

Cisco support for Duo Security has been great. We haven't had many cases, and most of the ones we have had were related to SMS and text messaging delays.

On a scale from one to ten, I'd rate technical support at eight. They are quick to provide solutions but can improve on working with third-party service suppliers so that end-user experience is better.

Positive

Deploying Duo in our environment was very easy because of the pre-staged configuration. It was very quick, and in one to two days, we had a VPN concentrator using Duo Security.

Duo Security was initially deployed using a consultant, but afterward, we deployed multiple additional VPN concentrators ourselves.

The return on investment has been huge in terms of protection from cyber-attacks. We have been able to protect our employees by having multifactor authentication. This is invaluable for companies in the current threat landscape.

In terms of support, it's always great to have happy users who are able to easily log in to our environment through VPN without having to bother about non-working software agents or any other type of authentication platforms.

My advice to you if you are evaluating Duo Security would be to do your research and compare it to other competitors. If you are a Cisco-oriented company, you will see that there are several benefits to using Duo Security. You will also see that it has the edge over other solutions on the market.

On a scale from one to ten, I would rate Duo Security at eight. The stability and user experience are great, but there's room for improvement in terms of text message and SMS delivery.

We use Cisco Firewalls, Cisco Umbrella, and we played a bit with Cisco Duo. The integration between has gotten better recently.

We use them for a security solution, multifactor authentication, and DNS protection.

It helps increase the security posture of the organization.

Cisco saves us time. We automate as many tasks as possible.

The integration is the most valuable feature. The products talk to each other. 

The products help us to detect and remediate threats.

The integration has improved recently but it can still be better. 

We were considering purchasing other products, like AMP for Endpoints, and it was not properly integrated with the firewall function. It might be better now with SecureX.

My company has been using it since before the company was founded more than ten years ago.

Their support can use improvement when it comes to responsiveness. It can take a few business days to convince an engineer that a device is faulty. 

Neutral

We also use other products from other companies for web applications and firewalling, besides Firepower. There are pluses and minuses for the other companies. 

From Gartner's perspective, Cisco products are not market leaders in some areas. 

With good specialists and support, it's easy to implement multiple Cisco products. 

We should be protecting our network and the cost of security and the OpEx is important, but it is more important to have a protected network.

I would rate their security products an eight out of ten.

We wanted multi-factor authentication across a variety of platforms.

It's improved security by enforcing strong, reliable multi-factor authentication, and it has reduced intrusions across our organization. It makes sure all the user sessions are at least a little more trustful than if we just had single-factor.

In terms of remediating threats, we are able to pick out unsuccessful login attempts pretty quickly on the Duo platform and we can shut down those accounts. It makes us more proactive. That works well.

The ability for users to authenticate via phone, from any random phone number, has been very helpful for managing a distributed workforce. Using it across a distributed network for securing access to our applications is big for us. It works very well, and we have no major complaints about the integration of any of our third-party applications.

We have a high level of confidence in the platform, especially for identifying potential logins from unexpected geolocations. The data associated with logs is very helpful for helping to make that determination.

It's very important for us that Duo Security considers all resources to be external, especially as we lead up to Zero Trust. It needs to be like that.

End-users find it more annoying than anything else. It's tough to manage user perception of the service, especially when there isn't feature parity between Mac and Windows users. There are some challenges in making that user experience the same between platforms and helping users feel the least amount of burden possible while helping to ensure the organization's security.

Network connectivity depends on where users are located. Internally, on-premises, it's not hard keeping connectivity, but we have users who move throughout the world, and their levels of connectivity change. It can be a challenge, if someone is in Bahrain, to authenticate via Duo.

I have been using Duo Security for two years. 

We've had no issues with the stability of Duo. I consider it to be a stable product.

It has scaled to meet our needs. I don't know how it scales if you have 10,000 or 20,000 users, but for our organization, with fewer than 5,000 users, it's been fine.

The technical support has been adequate. They are responsive regarding support for troubleshooting tickets. We haven't had any issues that required escalation, so we've been happy with it.

Positive

We did have a previous solution. The interoperability has been improved with Duo compared to that solution.

Our physical deployment of the solution is in the continental United States, but our users are worldwide.

I don't place too much value on any single product, since placing too much trust in one thing creates a single point of failure. This is just a single piece in a broader spectrum of security products to accomplish our actual goals.

Building resilience is nice, but there's a point of diminishing returns when it comes to doing that. Part of my job is to help our leaders understand where that diminishing return is.

The single pane of glass management is desirable, but it's like a unicorn. No single pane of glass is ever really a single pane of glass. That's something that would be nice, but it's not something I expect.

Duo is a very consistent product and flexible in how it can be deployed and has good support. It's a product we're very happy with.

We mostly use it for multi-factor authentication with email platforms like Office 365 as well as other apps.

We were looking to deal with email phishing attacks and brute force attacks, and the like, and Duo has helped a lot. We're more secure with multi-factor and have seen the number of phishing attacks and brute force attacks go down.

Logging in with Duo is baked into anything that we log into, including any applications, email, and web apps. We integrate it with a product called Jump Cloud, which is our cloud-based identity management system. We have also integrated it into WebEx and Box. Duo runs all of our security and MFA, and it's worked out well.

It's helped a lot of our customers with multi-factor in their identity management systems, on-prem and in the cloud. That way, when users log in, they get the MFAs to be able to log in to any resource on the network.

And because everybody is working remotely now, Duo checks all the boxes for hybrid work.

When it comes to remediating threats, it has helped us do so quickly. We don't even see a lot of the threats anymore because it's working behind the scenes. It has definitely decreased the number of threats in the last year compared to what we used to see.

The ease of use and the ease of management of all the users have been key for us. The setting up of devices in Duo has been really easy as well. It's better than all the other ones I've worked with.

Another important feature is that Duo considers all resources to be external because even the internal ones look like external ones, and people click on stuff and get caught. It's very important to be more cautious than ever.

Also, the single pane of glass management works very well. That feature is very important because we have a lot of admins who have to manage Duo, and it's much easier when it's a single pane of glass. That single pane is also great because it's easy to enroll new devices.

One area that might be improved is that setting up SMS texting is not as easy as using the app, even though it does support it.

Also, a faster management user interface would help. It tends to lag a little bit.

I've been using Duo Security for three or four years.

It has been stable. We haven't really had many issues with it. It maintains network connectivity across all workplaces and works great. I don't have any complaints.

It can scale to as many employees as you have. It can go from five employees to 1,000 employees. I don't see any issues with the scalability.

Their technical support is great.

Positive

We did not have a previous solution.

The initial deployment was pretty straightforward. We had a small number of challenges, but nothing we couldn't get by. It was pretty smooth, overall. Setting it up and enrolling new devices into the environment was a breeze. That was the easiest thing.

We do it ourselves.

We see ROI in that users feel more secure and their morale goes up. You get to keep those employees a lot longer if they feel better working for an organization that's investing in security. A big benefit is keeping your employees.

Everybody loves it. They feel a sense of security when they get that prompt to send them a text, or an email. It makes them feel like they're working for a company that is really taking the time to secure the environment. It gives them a good feeling when they get a second form of authorization.

The pricing is pretty competitive. It's pretty cheap. Anybody can adopt it. We don't have customers that haven't used it because of the price.

We evaluated Microsoft Authenticator and Google Authenticator. With those solutions, you don't have the granularity of management of the MFA environment that Duo offers.

Our Duo is all cloud-based, there's nothing on-prem. We typically integrate it with our cloud apps.

Resilience in cyber security is a game-changer. We have the same challenges that every organization goes through with security: phishing attacks, ransomware attacks, et cetera. I wouldn't say it has eliminated 100 percent of them, but it definitely cuts a lot of that stuff out. Every organization should have something like Duo, or MFA in general. But if they're going to do it, they should do it with Duo just because it's so easy to manage and it is resilient.

For management that wants to build more resilience within their organization, they have to implement multi-factor authentication across that organization for everything. It shouldn't just be for email but everything internally as well. 

We use Duo Security for two different parts. One is for access to one of the servers, and the other one is for accessing the VPN connection.

It helped free up the time of IT staff. It helped them to manage the control within the users. They can control who gets access to which part of the system. For example, if there is a group of people who need a certain type of permissions, they can set them up easily. They can gather them in groups and give specific permissions. They can also give specific permissions to only one person.

It has been very useful in detecting or fixing threats that come into the organization.

It's a good thing for the authentication of your credentials. It's easy to use for the security part, and it helps to improve our security posture.

They can make authentication easier. It should be done in a shorter time. Sometimes, it can take a bit more time to get the answer on your phone. You have to wait a bit longer to get the SMS code and other things. There can be some internet or connection issues. They should make it faster because sometimes, it's urgent, and you need to access something as soon as possible.

I have been using this solution for about two years.

In general, all Cisco products, not just the Duo product, have a lot of stability.

Their tech support is pretty good, but there are some disadvantages. Sometimes, they take a long time to answer. I understand that some of the issues are not very easy, and it takes time to research them. I'd rate them an eight out of ten.

Positive

We didn't use any non-Cisco products. We were only using Cisco products. The IT part of our organization is using the Duo authentication system, and we are using another part of the server for authentication.

It's not very hard. It doesn't take long. The IT gives us an access code for it. 

I just downloaded the app, and after that, just got the security code from that department. I entered that, and it was done. That's it. If you are changing your device and they're just resetting your data, it can take two or three minutes maximum for a new device.

I'd rate Duo Security an eight out of ten.

We use it for two-factor authentication for end-user and administrator login. We wanted to secure our endpoints.

The single pane of glass management is very important and it is part of the reason we went with Duo. Anything we can do to save time for our administrators, help desk staff, and engineers, is valuable to us.

I wouldn't mind seeing some options for remembering a device for a short period of time or a specific login, particularly for administrative engineering staff, as we may be logging in to four or five different services. We're having to use it a lot. I understand it, it's just part of it. That's not specific to Duo. That's two-factor authentication in general.

I've been using Duo Security for about a year.

It's stable. We haven't had any downtime that I can recall or any problems with maintaining network connectivity.

Any issues we've had have been local to a specific user. Maybe the phone number was not set up right or there was some conflict as a result of somebody changing a device, but it's always been pretty straightforward to get that kind of thing resolved.

We started off with a small deployment and, in one or two steps, sent it out to everybody and it scaled fine. We didn't have to change anything in our setup.

We have about 1,200 users across 60 branches around the U.S. We occasionally have people using it internationally and we're able to handle that fine with our geographic location blocking or allowing, as the case may be. It's a fully virtualized environment. We have a lot of remote users, people who work in remote fields. As long as they have a cell signal, it works.

I have not had to deal with any support for Duo. The less I have to talk to support the better, for sure.

This is our first venture into two-factor authentication.

We didn't have a specific problem we were trying to solve when we got it. We were just trying to add more and more security. We did have regulatory requirements for two-factor authentication and that is what drove it.

The deployment of Duo Security was mainly a project done by our network and security team, but I was involved in it to some extent. I found it pretty straightforward. As enterprise-wide security solutions go, it wasn't too bad.

We got it integrated with Active Directory. There were some struggles there that I don't know the specifics of because our network team was working on that. But once everything was set up, it was pretty easy to add a new user and do whatever we wanted to.

It took a little time for our users to get used to it, but everybody took to it pretty well. The users don't really have to interact with it other than getting their push notifications. For them, it's easy. It requires minimal training. It pops up and it's all pretty self-explanatory.

It's pretty easy to use as two-factor authentication systems go. We evaluated a few others, including the Microsoft two-factor authentication, a little bit, and one other, and Duo ended up being our favorite. Part of that was because we're in that Cisco ecosystem and we were able to integrate it with our other services that are all cloud-based. It fit in pretty well for us, and it would for anybody with a similar setup.

Duo was also the least obtrusive to the user and the ease of administration through the administrative portal was a little better.

Fortunately, we haven't had to evaluate it when it comes to helping us remediate threats more quickly, but we're confident that it will.

Regarding resilience in cyber security, two-factor is definitely a must-have. We're satisfied with it as far as that goes, in addition to it fulfilling our regulatory requirements.

For our use case, for logins, it just works.