Cisco Duo Reviews

We try to use the solution for pretty much everything that we can use with it. The tool helps us to get into our dashboard APIs, and log into Citrix, VPN, and servers. 

I love Duo Security's push notifications. It's simple, fast, and secure. From the user's perspective, the solution is seamless. The security aspect is great. 

We have been using the product for about two to three years in our company. 

I haven't seen any reason to think the solution is unstable. 

The product is very scalable from what I have seen. 

The solution's support is pretty good. It helped us quite a bit. Both Meraki and TAC have been pretty helpful. 

Positive

We switched to Duo Security due to the cybersecurity threats that came with COVID. There was a big one that came against us at one time, but we were able to squash it pretty quickly. The threat was not able to get into the mainframe because of the solution. 

The tool's setup was easy and we didn't require too much outside help to set it up. 

As a network and security guy, security is my return and it has been better with the product's use. 

I would rate the solution a nine out of ten. Duo Security can get spotty at the back end but it doesn't break. It would be great if I could use the product to log into the routers or switches in the infrastructure. We already have Active Directory enabled in our routers and switches. However, if we could do two-factor authentication, then it could go a long way since no one's getting into them unless you want them to. We are all for more security in healthcare. 

We are using it for perimeter protection.

We are using it to protect the DMZ servers of our organization. It protects our DMZ servers from malware and web attacks.

It meets our security needs very well. It is easy to use, and documentation is also available. 

It is also very stable and scalable, and its support is also very good. We are satisfied with this solution.

Its documentation must be in French because we are a French-speaking country. They should also provide more training documentation.

Its management interface should also be improved. They should also improve its update period. If I compare its update period with other products such as Palo Alto firewalls, this solution is really slow in updates.

I have been using this solution since October 2019.

It is very stable.

It is very scalable. In my company, I have between 90 to 100 users. We also have some users who are working at another site. 

We have plans to increase its usage, but due to COVID, we're mostly working remotely.

Their technical support is very good. They are very reactive. The last issue for which I contacted them was related to an OS update.

We have used Check Point and Palo Alto solutions previously.

It is very easy for me. I work with a lot of solutions like this. Its deployment took two weeks.

Its price is reasonable. It is not highly expensive.

We evaluated lots of options from different vendors.

I would recommend this solution. Duo Security is the best solution for the cybersecurity challenges that we are facing nowadays.

I would rate Duo Security a ten out of ten.

Duo Security provides multi-factor authentication for anything that requires multi-factor authentication. It could be our internal corporate services, such as a single sign-on portal, or applications, such as Google Cloud.

It is very easy for users to enroll. There are a lot of insights that we get from using the app on devices that people use to authenticate.

The push notifications and the integrations they offer are valuable. Their mobile app is very useful. It is very easy to use.

The only time I really had some negative feedback for them was about the UI of their mobile app, but they improved it in the last version. There was no way to (re)name 3rd party OTP accounts so it got confusing when multiple ones were existing. In addition, each account took a lot of space on the screen, they condensed it in the new version to make it easier for people that have a lot of accounts added. Duo has a beta program and actively solicits and listens to feedback which personally I think is great.

It is good on the functionality side, but their pricing model is a little bit weird. Currently, there is no price advantage in signing up for yearly contracts. If you are on a monthly term or a yearly contract, you basically pay the same price, and that is very unusual. Normally, there is a discount when someone signs up for the 12-month system.

I have been using this solution probably since 2014. In this company, we have been using it for two years in total.

It is stable. Over the last six or seven years, I didn't have any issues where something wasn't working.

The maximum number of users that I have had is around 600, and I haven't found any issues there. In my current organization, every employee is using this solution. We have 250 employees.

I have not interacted with them. I never had to open a support case.

We didn't have anything in place.

It is pretty straightforward. I just need to log in to an account and integrate systems that should be using Duo Security. That's basically it. It probably took me an hour to roll out the accounts.

IT support helps users if they run into problems with the application, but that's about it. There is no separate team for its maintenance and deployment. There are a lot of service options for our users. They don't even need to contact IT support. On a new phone, they can even do it on their own.

It has provided ROI.

Their pricing model is a little bit weird. Currently, there is no price advantage in signing up for yearly contracts. There are no additional costs to the standard licensing costs.

We looked briefly at Okta Verify. It is the Verify app from Okta to use a single sign-on provider. It had the same price but far less functionality. It was a no-brainer to just go with Duo Security.

I would advise others to look at the integrations that are available and see if they can roll it out to as many applications as they can. Encourage users to use Duo Push versus the six-digit pin code that the applicant generates.

I would rate Duo Security a nine out of ten.

Duo Security is multi-factor authentication, specifically a two-factor authentication. It authenticates users so that you can know they're legitimate in the network. It can be used for mobile banking. For example, when you're doing mobile or internet banking with your phone, when it uses OTP, it is using Duo Security.

The most valuable features of Duo Security are visibility and OTP authentication. The OTP is very important because it is a self-enrollment feature, you are able to enroll users very quickly with a shorter time period.

Duo Security could improve by being more compatible with other vendors.

I have been using Duo Security for many years.

The solution is highly reliable.

Duo Security is sized per user. You can even have Duo Security for five users or 3,000 users. It depends on the size of the organization.

The solution is scalable.

The technical support is of a very high level. If you have a problem they will be able to support you. They are able to log in remotely as an engineer to give assistance. If you have the upgraded license then the support is even better and they will do everything for you if you have a problem. The support is extremely good.

The installation is very easy to do for Duo Security and it can be done with one person in one hour.

We have one person for maintenance of the solution and they do not need a lot of training to be able to do it. There is a manual that can be followed.

The licensing is very good because it does not cost a lot of money. It's affordable for all-sized customers, including enterprises. There is an additional cost for premium support.

The license can be purchased monthly, quarterly, half-year, or annual.

I would recommend this solution to others. I have seen it being used in large banks and there has never been a complaint about them. It is a very good solution.

I rate Duo Security an eight out of ten.

I am VP of product in our company and we are a customer of Duo Security. 

The most valuable aspect is the authentication and the SSO. They also focus on MFA, which is the multi-factor authentication. They are doing this very well. 

Improving coverage of different solutions and on-premise residents would make a difference. It would help if you could deploy on-premises, and not only with the cloud. Connection with an active directory requires something on-premises and for that, you need to have some kind of client or proxy, or something on-prem but keeping the idea of the users for GDPR and not sending them to the cloud to do it, makes sense.

Removing the need for a password would be a positive change as well as the ability to cover all the different enterprise applications. They don't have coverage for everything. 

I've been using the product for two years. 

The product is quite stable.

The product is scalable - they are in the cloud so scalability is easier.  

Technical support seems to be lacking. It takes a long time for them to come back to the customer. That's what I know, and also what I've heard. They have some issues with support.
They're okay but sometimes they don't respond directly. 

The initial setup is straightforward, I think. We deployed it ourselves but sometimes we required help in some places.

Pricing of the product is reasonable. 

We checked other options but because of the stability of the product and the length of time it's been on the market, we chose Duo Security. The things you need to weigh up are the size of the company, stability, and price.

I would rate this product a six out of 10.

Our primary use case for Duo Security is all user access to email.

Duo Security improved my organization by helping us secure all access points within the company infrastructure. 

Duo Security helped our company consolidate tools, including email and VPN.

What I find most valuable about Duo Security is that it is our one-stop application for multiple MFAs. 

Duo Security could be improved with the addition of more applications. 

Duo Security has not helped free up our IT department's time.

I have been using Duo Security for six months.  

Duo Security's stability is perfect.

Duo Security's ability to scale is perfect. We have 5,000 people using it in four countries. 

I have never used Duo Security's support. 

We previously used integrated multi-factor security from Microsoft 365 and Fortinet FortiToken. We made the switch to Cisco because we wanted to handle everything in one application.

I was not involved in the initial deployment. I do know however that 10 people were involved in the deployment. 

We have seen a return on investment because with Duo Security, we do not have to pay for multiple applications. Instead, we pay for one solution. 

The cost of Duo Security licensing is OK. 

With Duo, MFA allows the network to have an authenticated user sign-on seamlessly. If someone's entering a password and their user credentials and they want to get access to the network, the Duo app will have a code that the end-user has to input, which then authenticates them. It's a second layer of security before they can access the network. Even if a third party gets your username and password, without that Duo access, they won't be able to access your network.

We don't have to worry so much about the end-user that's logging in.

Multifactor authentication is the most valuable feature.

As for establishing trust for every access request, that's exactly what this solution does. Outside of having a username and password, you have to get authentication from Duo as well.

You can never eliminate trust, but what Duo Security does do is add an extra layer of security. When it comes to the internet, networks, inbound traffic, and outbound traffic, you're always subject to a potential threat. Duo Security just adds another layer.

It's a great addition to the security of any network infrastructure.

In terms of helping workers feel safe, everyone knows that the information within the enterprise is safe because the people that are logging in have been authenticated in more than one way.

It's pretty easy to maintain network connectivity once it's set up; the end-user uses it to log in. It's not something that you have to constantly manage and deal with apart from pushing updates. It's pretty much self-managed.

In terms of consistency across workspaces, it works all the time, except for when a forced update is needed.

It helped us remediate threats more quickly. For instance, if someone accesses your credentials or you leave your laptop open and someone gains access when it times out, you still need the Duo code that is sent. A new code is always needed to be able to access that laptop or even that phone. Then, from there you're able to safeguard the information that your company has.

Nowadays, data is the number one commodity, so protecting that at all costs is really important. Duo helps with that with end-users. The thing about end-users is that they are volatile. You can't really control what someone does. So, Duo security helps with managing that by having them implement a new time code that's always sensitive.

Technical support could be improved. I don't think all support should have to go through an agreement.

I've been using this solution for seven years.

It's very stable. There aren't many issues with Duo.

The scalability is just fine. If you scale a certain amount, you have to upgrade and update your license. Outside of that, it's fine.

We are a large organization that deals with a lot of high transactional payments, and we have a large number of users, maybe 100,000 a day, and inbound user traffic.

If you open up a TAC case and they get to you quickly, it's fine. If you have a service agreement that says that they will get back to you within one to two hours, that's fine because you can resolve an issue. Now, if you don't have that agreement and are just a regular user, they take 48 hours to get back to you, and if you and the network team or the security team can't figure out the issue, a lot of money could be lost in two days.

Because there's always room for improvement and because I don't think all support should have to go through an agreement, I would rate technical support at eight on a scale from one to ten.

Positive

Anytime your network is secure and it's not breached or there's no downtime or infiltration of your perimeter, there's always an ROI.

With regard to pricing, for a small business buying a one-off, it's pretty expensive. If it's an enterprise that has thousands of employees, however, it's really nothing to protect your data because if your network goes down or it's breached, you're losing millions of dollars every minute. When it comes to a large enterprise, it's priced where it should be because you're talking business to business. You're not talking business to consumer.

To leaders who want to build more resilience within their organization's security, I would say that you can't go wrong with Cisco products when it comes to security. You can start with Cisco Umbrella, then go down to their firewalls, and then the next-generation firewalls. Then, you can move down to their end-user security endpoints.

The whole lineup through their security portfolio is really strong. If you're spending $50,000 on a suite and a $100,000 total contract value, you can enter a 3.0 Enterprise Agreement. Then from there, you can lock in prices for one, three, to five years. So, when it comes to any enterprise, when you're talking about security, if you use all of Cisco's security features, from end-user out to your data centers, you'll be pretty well off.

If you have security concerns, implement Duo for your end-users.

Overall, I would rate Duo Security an eight on a scale from one to ten.

This solution provides MFA (Multifactor authentication) to protect access to the ERP system for a diverse population of employees at a public higher-education institution.

By deploying Duo, we have virtually eliminated the risk of direct deposit redirection as a result of credentials that have been compromised via phishing.

The feature that we find most valuable is Duo's ability to provide MFA via mechanisms that do not require a smartphone. We have many users who either refuse or are unable to use a smartphone. Buying them hardware tokens is out of the question, as well. The availability of mechanisms that can achieve MFA, but do not rely on either of those two supplementary elements, is critical for our user population.

Reducing or eliminating the "telephony credits" system used by Duo would be great.  I recognize that they are meant to provide transparency around the cost of using what is supposed to be a limited-use feature set, but I would just rather have the ability to use unlimited telephony and roll that cost into the annual subscription.