We primarily use the solution as cloud security for our branches. It protects us from direct internet outbreaks.
Network Specialist at Syswind Kft.
Easy to deploy, simple to manage, and extremely scalable
Pros and Cons
- "The solution is very easy to manage. We found the initial setup, for example, to be quite simple."
- "The product can be pretty expensive."
What is our primary use case?
What is most valuable?
It makes for good flexibility. The solution is very easy to manage. We found the initial setup, for example, to be quite simple.
Easy to deploy.
Efficient protection on the DNS level and even higher. The sandboxing feature analyse and handle the complicated security risks.
What needs improvement?
The product can be pretty expensive.
For how long have I used the solution?
I've been using the solution for two to three years at this point.
Buyer's Guide
Cisco Umbrella
November 2024
Learn what your peers think about Cisco Umbrella. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
817,457 professionals have used our research since 2012.
What do I think about the stability of the solution?
We haven't faced any issues. There aren't bugs or glitches. It doesn't crash or freeze. We find Cisco to be reliable.
What do I think about the scalability of the solution?
We have a variety of customers. The number of users on each umbrella varies from one to a few thousand. Most companies may just have a few hundred users. It's basically suitable for companies of all sizes. It scales well, in that sense.
The Cisco Umbrella IT operation resource needs are equal for a large and small company. (no need to hire more engineers or operators)
Overall, the scalability is excellent. It's quite flexible.
How are customer service and support?
While I have been in touch with Cisco technical support in the past (and they've been quite good), for Umbrella, I find I don't need any support.
Which solution did I use previously and why did I switch?
I've dealt with other products on a different scale. I'd say that Cisco Umbrella is far and away much better than the other cloud security products on the market.
How was the initial setup?
The initial setup was not complex. It was pretty straightforward. We found it to be rather easy, from beginning to end.
The deployment times vary and depend on which Umbrella you use. However, we've found it should only take about a day to get up and running. An IT team can manage it. They don't necessarily need an integrator.
The solution doesn't really require too much maintenance. You probably wouldn't need a dedicated person to maintain it.
What about the implementation team?
We are integrators ourselves, however, the initial setup is so straightforward, typically an in-house IT team can manage a setup.
What's my experience with pricing, setup cost, and licensing?
The solution is costly. It doesn't come cheap. The licensing also comes with additional costs for extra services (such as sandboxing feature, L3/L4 firewall, etc...).
What other advice do I have?
We are Cisco partners. We have a business relationship with them.
We use various types of Umbrella.
I'd recommend the solution. It's one of the best on the market and it works well in different environments. It's also extremely easy to deploy.
Overall, on a scale from one to ten, I'd rate it at a nine.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer: Cisco Partner
Sr. Info. Security Analyst at a financial services firm with 10,001+ employees
You can use any programming language and integrate it with your products.
Valuable Features:
The various powerful query options are the most valuable features of this product to me. Using the Investigate API, we can gather the detailed history of a domain, whois information, NS records, etc. All of this information helps us determine whether a domain is malicious or not.
Improvements to My Organization:
It helps us identify malicious domains.
Room for Improvement:
I would be happy if they could add the whois information of an IP. That would further help us determine whether an IP is malicious or not by identifying the domains associated with the IP, whether there are any known bad domains associated with the IP, and more.
Use of Solution:
I have been using this solution for two months.
Deployment Issues:
I did not encounter any issues with deployment, stability or scalability.
Implementation Team:
We implemented it in-house.
Other Advice:
The APIs are very powerful. You can use any programming language and integrate it with your products. It can be really handy for security analysts.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Cisco Umbrella
November 2024
Learn what your peers think about Cisco Umbrella. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
817,457 professionals have used our research since 2012.
System Administrator at a educational organization with 1,001-5,000 employees
OpenDNS allows us to maintain low network resource overhead on our small network. It helps us enforce compliance over logically separated networks.
What is most valuable?
OpenDNS allows us to maintain low network resource overhead on our (relatively) small network. Intuitive, flexible web filtering controls also help us enforce compliance over logically separated networks at our school for teachers, students, and non-academic staff.
Given the small to medium scale of our network architecture, our current gateway/firewall DMZ infrastructure is specced too low, and our budget too limited to accommodate more fully featured security appliances. While some organisations may utilise higher specced security appliances with powerful software features available directly on the device including user management, granular IP filtering and more, we must make do with lower spec appliances.
Furthermore, while our network is based around a gigabit fibre core, we have seen bandwidth utilisation increase greatly over the past several years due to cloud hybridisation of our infrastructure (AWS, Google Nearline, et.al.), and as a result are currently stretching the performance limits of what our current hardware stack can do. Given these limitations, the granular control which OpenDNS provides us for Web Content Filtering, malware protection and data logging are crucial in filling gaps in our network security stance.
To add, we are also an educational institution. Our standards for compliance, both internal and external, can be quite strict. We are beholden to security and compliance standards enforced by the Government of Japan, its Ministry of Education, as well as internal compliance enforced by our own Business Administration department.
This is not to mention the sort of 'soft compliance' which comes from the families of our students regarding how we handle sensitive data and personal records.
It has been our experience that the following features available within OpenDNS have helped us meet compliance reporting requirements quite readily:
- Botnet Protection
- Malware Protection
- Internet-Scale Malware/Botnet Protection- Phishing Protection
- Stats and Logs
The management interface for these features is highly user friendly and it is simple and easy to make configuration changes on the fly. This is important to us as specific security policies can and do change on a weekly or even daily basis. The size of our department also dictates that we do not have any single engineer dedicated to network security (or even networking) and so it is crucial that each of our members have the ability to log in and manage this service when needed.
All in all, I can not recommend OpenDNS as a one-size-fits-all solution for security and compliance, especially for larger organisations. I can, however, strongly recommend that any Systems and Network Engineering team consider this product on its merits regardless of scope. Personally speaking, this tool has proven itself invaluable in allowing myself and my team to perform our duties efficiently and securely.
How has it helped my organization?
Because we have a small sysadmin team, the less time we need to devote to responding to threats, parsing data logs and putting out fires, the better. OpenDNS saves us time in this regard, as well as providing fast and easy configuration control.
What needs improvement?
Difficult to answer as we haven't yet pushed the outer limits of what this product can do.
Nonetheless, one thing to keep in mind when using OpenDNS is how it will interact with your internal network and DNS architecture. You run the risk of breaking any local subnet DNS lookups in a domain-bound enterprise environment. While this criticism can be applied to other third-party DNS providers, it is nonetheless one reason for withholding a perfect rating.
Additionally, OpenDNS will handle server caching differently than your local service provider. This can cause service slowdown or interruptions, and generally prevents OpenDNS from becoming the "one-size-fits-all" solution that some would like it to be.
Finally, although this has never posed a problem in our environment specifically, OpenDNS has been known to grab NXDOMAIN records and redirect traffic to their own internal ad pages. Some people may find this unethical; however, that might depend upon whether you are utilising paid or unpaid services from OpenDNS as well.
For how long have I used the solution?
I have been using for over a year.
What was my experience with deployment of the solution?
We currently have OpenDNS deployed across two sites providing coverage to more than 500 active clients. No problems so far. We will be further expanding this year and hope to leverage OpenDNS web filtering at our new sites as well.
How are customer service and technical support?
On the rare occasions we have used it, technical support has been prompt and professional, if a bit lacking in personal touch.
Which solution did I use previously and why did I switch?
Previous infrastructure relied on router/gateway-installed software for filtering and security. It simply isn't enough for a modern network, especially not one as complicated and security-conscious as education.
How was the initial setup?
With a basic understanding of networking, implementation should be straightforward. For non-technical people, there is probably enough documentation floating around that basic configuration is possible for anybody motivated enough.
What about the implementation team?
An in-house team implemented it.
Implementation was a no-brainer. We do recommend notifying and educating users in advance of implementation to avoid potential headaches caused by sudden changes to filtering policies and such.
What was our ROI?
ROI for OpenDNS: time saved, checkboxes ticked, and organizational leadership satisfied.
What's my experience with pricing, setup cost, and licensing?
Get a quote! You also need to weigh any licensing costs against potential risk factors. (I.e., what is the potential cost factor of not implementing this or other solutions?) OpenDNS licensing structure and policy is generally straightforward and easy to understand. In our case, managing a network in use by students, many of them younger, necessitates certain compliance and security implementations not found in typical corporate environments.
What other advice do I have?
Plan out your security coverage and filtering strategy in advance of purchasing and implementation. Think about what role you expect OpenDNS to fill in your security architecture. Do you have Layer 3 security in place? Where do your vulnerabilities lie and what threats can you expect to counter?
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network Support Engineer at a tech services company with 51-200 employees
A cloud-delivered security solution with a useful DNS layer security feature
Pros and Cons
- "I like the DNS layer security."
- "It would be better if there was a little bit of flexibility for organizations that don't have SD One in their environment. Because of the complexity of the environment, it's not easy to actually turn on the feature of the secure internet gateway for our users. We have not been able to explore that option yet."
What is our primary use case?
We are using Cisco Umbrella temporarily for DNS security, but we want to migrate to secure the internet gateway, which is what we are working on at the moment.
How has it helped my organization?
Cisco Umbrella has improved our organization in the sense that we have more users working from home because of the pandemic. We have a lot of users working outside of the office.
Cisco Umbrella helps secure our environment more because we've deployed some of our applications to the cloud. Our 365 team applications are running on the cloud. Cisco Umbrella helps protect us by guiding threats in external parameters.
It's been helpful for us in the sense that we can see and guide what is coming into the enterprise using Cisco Umbrella in the cloud. This is good for users that are working outside of the office environment and working from other remote locations.
What is most valuable?
I like the DNS layer security.
What needs improvement?
It would be better if there was a little bit of flexibility for organizations that don't have SD One in their environment. Because of the complexity of the environment, it's not easy to actually turn on the feature of the secure internet gateway for our users. We have not been able to explore that option yet.
For how long have I used the solution?
I have been using Cisco Umbrella for almost six months.
What do I think about the stability of the solution?
For stability, I will give it 30%
What do I think about the scalability of the solution?
Scalability is okay. I think it has that functionality. Depending on the perspective of the environment, you can scale to any capacity you want because this is a cloud solution.
How are customer service and support?
Technical support is okay.
Which solution did I use previously and why did I switch?
We had issues with our traditional secure web gateway. Our environment is not entirely SD One supported yet. We had problems with the SWG device for dot com users. We got advice from Cisco that Cisco data can do the same functionality for that. So, we'll be using it.
We were using Broadcom as our secure web, but we had issues with the number of connections that it could handle. That's the setback, and that's why we're opting for the Cisco umbrella solution.
We have a partnership with a company here, and we have a partnership with Cisco. Most of our appliances in the environment are Cisco products, and we felt that going for a product from them would serve our data. We didn't look at other products.
How was the initial setup?
This solution was deployed across different locations for different users.
We have six remote locations, and we have two data centers. It's deployed across all of those locations.
What other advice do I have?
I would encourage potential users to go for it.
On a scale from one to ten, I would give Cisco Umbrella an eight.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
The introduction of Cisco umbrella into our infrastructure was a tremendous change. It has helped to protect the infrastructure better. Because every traffic exiting to the internet is now being filtered. Also combined with Cisco WSA for web proxy, it is a good one.
Network Consultant at a security firm with 51-200 employees
One of the easiest ways to avoid phishing attacks
Pros and Cons
- "Cisco Umbrella is a totally different solution. They are the first to come up with this idea of security. It's a totally new concept of security for everybody, for every time, real time, perfectionism."
- "I would like them to make some videos, practical videos, the kind with steps that people can use to learn and deploy"
What is our primary use case?
We have small, medium and enterprise customers.
What is most valuable?
Cisco Umbrella is a totally different solution. They are the first to come up with this idea of security. It's a totally new concept of security for everybody, for every time, real time, perfectionism. The browsing is great compared to other products. You will be protected by Cisco rather than other security solutions where you must first be rerouted and then they will start working on the domain rather than this. This couldn't be compared to any other solution.
What needs improvement?
I would like them to make some videos, practical videos, the kind with steps that people can use to learn and deploy.
For how long have I used the solution?
You could say maybe two years or three years that we have been working with Cisco Umbrella.
What do I think about the stability of the solution?
Cisco Umbrella is very stable.
What do I think about the scalability of the solution?
Cisco Umbrella is very scalable.
How are customer service and technical support?
Cisco technical support is always fine.
How was the initial setup?
A couple of clicks that we have had it up and running. Cisco requires more documentation regarding to the basic configurations. That is what I can say. I don't think I'm expecting it from Cisco's side.
What's my experience with pricing, setup cost, and licensing?
You could say the price is a little bit high.
What other advice do I have?
If you start to talk about it, it's a really interesting new kind of security product rather than other places before it. There is a place to come on to find a solution. So this is one of the easiest ways to avoid phishing attacks. This is one of the strong products. I would rate Cisco Umbrella at a nine on a scale of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Chief Enterprise Architect at Expanded Reality
Great security and access control features
Pros and Cons
- "The security and access control features."
- "User interface could be a little smoother and more intuitive."
What is our primary use case?
We use this solution to provide Dorel filtering and security for our WiFi environment. I'm the chief enterprise architect and we are customers of Cisco Umbrella.
What is most valuable?
The security and access control features are the most valuable for us.
What needs improvement?
Improvements could be made with the user interface, it could be a little smoother and more intuitive.
For how long have I used the solution?
I've been using this solution for two years.
What do I think about the stability of the solution?
The solution is very stable.
What do I think about the scalability of the solution?
I have scaled it in other companies and it scales very well. It's got a UV, it's got a decent user interface so once you go to Cisco training, they offer it when you buy the product so that if you are a small business looking for something like Umbrella, you can set it and forget it and it works. You can also tie it into your WiFi solution.
How are customer service and technical support?
Tech support at Cisco is great. Not just for this project. I've been working with Cisco equipment and Cisco tech for 25 years now and I've never had a problem with them.
How was the initial setup?
The initial setup was relatively straightforward. We had an implementation strategy and it wasn't particularly difficult.
What other advice do I have?
In general, Umbrella is a competitive solution for small or large enterprise. It's never the cheapest, but it's always in the competition, at least in my experience. I would recommend the solution, there's no reason not to go there, depending on your specific situation, of course.
I would rate this solution an eight out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
System Engineer at a financial services firm with 1,001-5,000 employees
Stable, integrates well, and is easy to install
Pros and Cons
- "What we like most is security and how easy it is to integrate with other appliances."
- "In the next release, I would like to see the integration of VDI NSX with Cisco Umbrella."
What is our primary use case?
We are using this product for DNS security that is integrated with Active Directory. We are also using public DNS connectivity for the filtering of underlying threats.
What is most valuable?
What we like most is security and how easy it is to integrate with other appliances.
What needs improvement?
The different levels of security, such as backend security and internet security, need improvement.
In the next release, I would like to see the integration of VDI NSX with Cisco Umbrella.
For how long have I used the solution?
We have been using the entire Cisco Solution for three years.
What do I think about the stability of the solution?
In the two years that I have been using this product, it has been stable. We have not had problems.
What do I think about the scalability of the solution?
It's a scalable solution.
How are customer service and technical support?
My experience with technical support is that when you open a case, you get better support. I ordered a part and was told that it was not available. When I opened a case, it was better.
Which solution did I use previously and why did I switch?
In addition to Cisco Umbrella, we are using Cisco Firepower.
We use the entire Cisco solution that includes Cisco Umbrella, Cisco AMP for Endpoint, and Cisco Firepower.
How was the initial setup?
The initial setup is easy. It took a day to deploy.
What other advice do I have?
We use the entire Cisco solution and we are happy with the product integration.
I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Technician at a healthcare company with 51-200 employees
You can define custom categories if the predefined categories are too restrictive or not restrictive enough for you.
What is most valuable?
The ability to use custom categories to block out websites was valuable because the predefined categories were either too restrictive or not restrictive enough. For example, one category would block everything from social media to webmail, while another category did not block either. So to be able to customize categories made it a lot easier.
How has it helped my organization?
This product has made it easier for our IT team to keep employees on track to work and away from distracting websites.
What needs improvement?
Perhaps an option to be able to block only specific users would be a way to improve the free version of OpenDNS. In our department, there are multiple users that need different levels of access. For example, those who work in the advertising department need access to social media, while those in the accounting department do not. The ability to be able to set different rules for each user would have been nice to have.
For how long have I used the solution?
I have used it for about six months.
What do I think about the stability of the solution?
I did not encounter any stability issues.
What do I think about the scalability of the solution?
I did not encounter any scalability issues.
How are customer service and technical support?
I did not need to contact technical support when using OpenDNS. The product is very self-explanatory.
Which solution did I use previously and why did I switch?
This was the first product we used for filtering websites.
How was the initial setup?
The initial setup was very straightforward. I did not have any issues.
What's my experience with pricing, setup cost, and licensing?
I was using the free version of OpenDNS, so I am not aware of the pricing.
Which other solutions did I evaluate?
We were choosing between pfSense and their packages versus. OpenDNS looked easier to setup, so we went for that first. Eventually, we moved to using pfSense’s SquidGuard, because it allows us to be more precise with filtering websites.
What other advice do I have?
This product is very straightforward and simple to setup. I would recommend others to just give the product a try. I am sure they will be happy with the results. OpenDNS has different filtering levels, but I found it easier to just go for the custom level versus the ones they had set up already.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Cisco Umbrella Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Domain Name System (DNS) Security Secure Web Gateways (SWG) Internet Security Cloud Access Security Brokers (CASB) Secure Access Service Edge (SASE) Cisco Security PortfolioPopular Comparisons
Infoblox Advanced DNS Protection
Palo Alto Networks DNS Security
TitanHQ WebTitan
Infoblox BloxOne Threat Defense
Akamai Edge DNS
F5 BIG-IP DNS
EfficientIP DNS Guardian
Heimdal Endpoint Security
DNSFilter
Akamai Secure Internet Access Enterprise
BlueCat Edge
Webroot DNS Protection
EfficientIP DNS Firewall
EfficientIP DNS Blast
N‑able DNS Filtering
Buyer's Guide
Download our free Cisco Umbrella Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Which is the better security solution - Cisco Umbrella or Zscaler?
- Which is the better security solution - Cisco Umbrella or Microsoft Cloud App Security?
- What are the pros and cons of Cisco Umbrella vs. Zscaler SASE for a large global enterprise?
- What are the differences and similarities of Symantec Fireglass and Cisco Umbrella?
- Which product do you prefer: Cisco Umbrella or Palo Alto Networks DNS Security?
- Which solution is better: Cisco Umbrella or Palo Alto Networks DNS Security?
- When evaluating DNS Security, what aspect do you think is the most important to look for?
- Why is Domain Name System (DNS) Security important for companies?
- What DNS security tool do you recommend?
- Why is domain name system security important?
"You run the risk of breaking any local subnet DNS lookups in a domain-bound enterprise environment."
Surely that's simply a matter of only routing *external* DNS requests to Umbrella?