Cisco Umbrella Reviews

We use Umbrella to front-end all of our DNS requests and that way they protect any of our end-users from going to any kind of malicious site. It doesn't matter if they're in-house in one of our locations, or if they're remote and working from home. That was the biggest part was the fact that we could protect our end-users, even when they're not in the office.

We were actually trying to solve other challenges, which included just to protect the onsite, but once COVID hit, it pretty much made it a very easy transition for us. At one point, when COVID was at its highest peak, we had everyone working remotely. We didn't have to worry about how we were going to restrict our access on the internet, because Umbrella was already handling that for us.

It made us more secure, which is a very important thing for a financial institution.

The support for hybrid work was the biggest thing. It protects our users, whether they're in the office or they're out of the office. We get the same policy in both locations. We can assign policies based on individual group memberships and it travels with them no matter where they go. It helps no matter where they are.

Since it's based on user DNS requests, it's right from the endpoint all the way through the network to be able to identify those locations and restrict access if necessary. It's not just the malware sites, which is very important, but it's also just content in general. There are business reasons for restricting access to certain content.

Since we implemented Umbrella, we are seeing a fairly significant amount of threats being blocked. A good 20 percent of all the activity, on average, that we see is actually being blocked by Umbrella, because it's either violating policy or it's some kind of malware.

Both monitoring the activity, so that we can investigate anything that may pop up, and the ability to restrict the access, or filter out what content end-users can view or go to [are valuable features of Umbrella]. Also, the fact that it blocks them from any known malicious locations.

It works really well and the best part about it is the fact that it's transparent to the users until they try to go somewhere that's either restricted because of content or restricted because of the fact that it's malicious. Then they simply get a popup and that's all there is to it. So from their perspective, it's very easy. They don't have to do anything in order for it to work.

There is a single portal that we go to that handles being able to set up policy, look at activity, or even manually add sites that we think that we want to restrict, even if it's not considered a particular category or a particular malware. The single-pane-of-glass management is very important. We have a very small team. We can't spend a lot of time going from product to product to product to either investigate or set up policy. We need to have one place that we can go to and set everything up.

It's really easy. It's an easy portal to go to, it's cloud-based, so we can get to it from anywhere. The ability to set up the policy is pretty straightforward. There are a lot of tie-ins with other products, like SecureX and other things, that make it just as easy.

It's cloud-based, so as long as you can get to the cloud, you're golden.

The only thing I can think of is that I'd like to see a little more flexibility in policy creation. The way that policy is currently structured is like a "first hit succeeds" kind of policy. It would be nice if it were more hierarchical.

I have been using Cisco Umbrella for about four years now.

It's been extremely stable. In the last four years, I do not recall a single outage. There has been nothing that I can think of that actually affected the performance of the system at all in the last four years.

We've never had an issue with scale. We've scaled it up to every user that we have in-house. When we deployed the gateways, we deployed two for HA purposes, but from a scale perspective, it's DNS queries. It doesn't take much. Our whole organization is on it.

Support for Umbrella is very good. There's a way to contact them directly from within the portal and we use that periodically.

I give them about a nine out of 10. There are issues with Cisco's tech support, like all the rest of them.

Positive

Umbrella was actually the first [solution we used in this area]. Once we discovered that that was a big hole we had—we didn't have anything that was controlling content for our internal end-users—we could run into problems with regulation, problems with compliance. It could run into issues with HR, as well as security issues associated with malware. We knew it was a hole, that we were missing. Umbrella filled that hole for us.

There were two pieces of the deployment. One was the cloud deployment, which got us set up in the cloud to begin with. We also had gateways that were installed on-prem, in-house.

We were able to get the gateways up and running in about an hour. The cloud deployment was all done by the Umbrella organization on the back-end side. To deploy to the end users, all we needed to do is set up a policy that said, "This is what you use for DNS." Once that was set up, we were done. Deploying that was done in a group policy and that group policy was pushed in a matter of minutes. The entire solution was probably deployed in just a few hours.

We did it all ourselves. Cisco handled the back-end side with the portal itself, but the rest of it, we did ourselves.

I think we got our return on investment within the first month of its use, because of the increased security that we had in the organization; the ability to have a product that is protecting our end-users. We do educate our end users today, but Umbrella doesn't require us to go through as in-depth an education process to say, "Okay, you're going to have to do the research. You're going to have to figure out what sites are bad. You're going to have to figure out where not to go." We don't have to do any of that. That's all handled by Umbrella. We just need to let them know that we're protecting them on the back-end side.

Its value exceeds its pricing.

We looked around to see what was available. There were a lot of content filtering solutions available, but one of the things that Umbrella brings, in addition to content filtering, is that awareness of known threat sites. Their tie-in with Talos, Talos being that organization that does all that research and feeds that into Umbrella, means that we not only have known malware sites from six months ago, but we're getting feeds from Talos within hours.

The impact on our employees' morale has been good. Anytime the employees understand that we're doing something from a technology standpoint to secure the organization more, that makes them happy. It's something that they don't have to concern themselves with as much and it improves morale quite a bit.

Resilience in cyber security is extremely important. We're a financial institution, so cyber security is very high on our organizational goals, all the time. Making sure that cyber security is resilient against any of the latest attacks that are coming out is extremely important. It's a constant thing. Cyber attacks are increasing every single year. The methods that are being used are increasing every single year. If something were to happen, not only would we have a financial impact, but we have a reputational impact. For a financial institution, a reputational impact could be just as devastating as a financial one.

Umbrella helps us with that overall security. It gives one less attack vector for the bad guys to get into. We're protecting those end-user devices and we're protecting those end-users from going to places that could be malicious. The fact that it's doing that for those end-users increases our overall security without us having to rely specifically on end-user education in that particular attack vector.

For leaders who are looking to increase resilience within their organizations, I would say that what is necessary is to do as much security, in-depth, as you can. That includes using Umbrella to protect your users and using lots of other security products and being able to secure every aspect of your organization.

I would rate Umbrella absolutely a 10 out of 10. It's literally a lifesaver when it comes to being able to protect our endpoints.

We use Cisco Umbrella to secure our gateway. All of the DNS forwarding coming out of the company from any site or all the DNS requests are forwarded through Cisco Umbrella, and then they determine if that is a safe address and if the content coming back is safe. They will either reject the addressing out of hand, or they'll look at the Layer 7 content and reject that from making it back to us.

We are using the Secure Internet Gateway (SIG) Advantage package. In terms of deployment, effectively, it's deployed from our private cloud. It's in our data closet on our servers.

It enables us to finally allow laptops to be used as workstations and allow data to leave the building. In the past, laptops were only used for VPN access, but they would connect back to their data inside the company. This has allowed us to have a level of confidence that they're protected as if they were behind our firewall. So, now, we've got work-from-home people who literally have their workstations with them.

We have six sites with 60 to 70 users. The baseline configuration allows for additional protection for any DNS requests as they leave those sites, and then the secondary policy is for the mobile devices as they leave the premises. When they're connected to public WiFi, they have an additional policy that kicks in for that time that they're not connected back to the company. So, when they're on public WiFi without a VPN, the tool will actually put that second policy in place that's more aggressive and offers a higher level of protection when it's not sitting behind the firewall. All that is automated. It's all built into the agent.

We don't allow WiFi inside of our network for connection to our actual business network. As soon as a device is docked, it disables WiFi on that mobile device.

When we have laptops that leave the building, they could connect to public WiFi before they establish a VPN connection back into the company. For that duration or that period of time when they're not docked in the network or on a VPN, they effectively don't have that full layer of security that I provide inside the building. This tool stands in during that period of time, and we extend the security settings through their basic firewall or their cloud-based firewall at that time. So, we do content filtering and control access, but they also are looking at new domains, IP addresses, and bad requests. They're blocking them on my behalf when a laptop is not sitting behind our security appliances.

There are a couple of interface issues. I know that they say that there are feature enhancements that are noted. For example, we've got the Cisco Meraki security appliances, and there, we geofence our company to where we're allowed to send and receive traffic. So, in our case, by default, we only allow traffic to six different countries, which allows us to effectively prevent traffic for the majority of bad players in the world, but they don't give you an easy way to do that in Cisco Umbrella. With Cisco Meraki, I can specify or pick the countries. I can say that I want to only allow traffic from these six countries, and I'm done. With Cisco Umbrella, I have to rely on the fact that they're going to prevent traffic to other countries. They're going to decide if it's good or bad. I can't geofence out. I can plot top-level domains, but .com and .net go global. I can certainly block a China (CN) or a Russia (RU) domain, but that doesn't give me the same level of granularity. 

Apparently, Cisco Umbrella has got that as a feature request to allow an administrator to say, "I specifically only want traffic to and from these countries. Everything else should be dumped." That way, when they're sitting behind my network or they go out in the wild, they have that same level of traffic being blocked.

I have been using it for 14 to 15 years.

We've had no issues. It has done exactly what it's supposed to do.

It is cloud-based. So, scalability should not be an issue. 

Any increase in its usage is all relative to the growth of our staff. Currently, we deploy the laptops for people who need to work from home or are traveling between the banks. That's roughly about 20% of our total staff. Some people aren't going to be working from home, and some of their jobs can't be done from home. They have no need for mobile devices. If there is a need to work from home, its usage will increase. It is there if we need it to scale, but at this point, it is not scheduled to change.

Once I became a paying customer, it was much better. The preliminary training is there, but when you get into the nuances and the details of some of its capabilities, you need to talk to tech support. Once you're a paid customer, you get direct access, and then it's good. When I'm able to get a hold of them, their technical support is a 10 out of 10.

Positive

I didn't use any similar solution previously. 

I was a hundred percent involved in its deployment. We had a couple of issues. The proof of concept was done without a lot of planning. So, there were some mistakes made along the way. If I was doing it again the second time, I wouldn't make the same mistakes. 

The default configurations have your baselines. Those are never supposed to get changed, and I changed and tweaked those for our proof of concept. After a couple of weeks, I had some additional guidance from the Cisco Umbrella team. You leave the baseline configuration, and then you clone and create a new configuration that sits in front of it. So, everyone gets the baseline, and you don't change that. If you want to change it, you make a new policy and then make the changes to that. If you change the baseline default policy and you make a mistake in it, you've to back that all out. If you make it in the new policy, in the worst case, you just delete it, and automatically everyone goes back to baseline. So, there's still a policy in effect. That was a training issue that should have been resolved. Now that I've done it, if somebody asks me, I would say that this is the way you've got to do it.

It was just me taking care of its deployment. In terms of maintenance, once it's configured, unless you're retweaking and adding or removing something that was blocked, it pretty much runs itself.

I have less maintenance to resolve, fix, and reconfigure VPN clients personally, and the feedback from the end-users is that they're more productive.

We were using the free version, and we implemented the paid version about two months ago.

I'm paying a fair price, but everything is negotiable with Cisco. One of the benefits that I got by having Cisco Umbrella is the licensing of the Cisco AnyConnect VPN client. There has always been an issue for years and years with Cisco Meraki in terms of VPN clients and using the native built-in Windows client. It keeps reconfiguring itself. By using Cisco AnyConnect as the VPN client, it's not affected by Windows patching or people typing in passwords by mistake. It's more resilient and doesn't change. With just Meraki solution, there was an extra expense for the Cisco AnyConnect VPN client. By having Cisco Umbrella, that licensing is now included.

There were a couple of other options, and I discussed them with another consultant. As a regulated industry, we have to do vendor management, and vendors have to be vetted. So, Cisco was already a vetted vendor. There are other companies that do the same thing, but Cisco didn't require me to do any more vetting. They were already a vendor.

When it's configured the way it's supposed to work, it turns itself on and off based on the status of the VPN or the dock condition. Once it's configured, it does exactly what it's supposed to do. 

If you're doing a proof of concept on it, fully understand how the policies are configured and what the flow is. You should understand the hierarchical status of the policies to configure it right the first time. You don't really want to guess it.

I would rate it a 10 out of 10.

Cisco is a very efficient and on-point solution that controls the whole network and settings on one page. We can monitor the entire network.

The solution could be faster as the process is very slow.

I have been using Cisco Umbrella as a reseller for four to five years.

I rate the solution’s stability an eight and a half out of ten.

We have deployed it to small businesses.

I rate the solution’s scalability an eight out of ten.

The initial setup is straightforward and takes few hours to complete.

I rate the initial setup a nine out of ten, where one is difficult, and ten is easy.

ROI is pretty good. I rate it as eight out of ten.

You need to buy an additional license for customer services. The licensing is moderate.

I recommend the solution.

Overall, I rate the solution as eight and a half out of ten.

Our primary use case for Cisco Umbrella is for content filtering and for different access lists. We have different lists for different departments of what they can access.

It makes it really easy to accomplish content filtering. We don't have to do a lot of customization. You just click the box for the content category and it's up to date. 

This ability is very important to my organization because we're in the financial sector and security is at a premium. 

Cisco Umbrella is pretty straightforward and simple to use. We recently did social media blocking and it was really easy for our marketing department to access it. It's pretty straightforward. 

It helped free up IT staff for other projects. It saves us a lot of time by blocking potential breaches. It's very reliable.

Umbrella has definitely helped us improve our cybersecurity resilience by blocking malicious links and adware.

I would like for them to continue building on IPS and IDS functionalities. 

We have been using Cisco Umbrella for five years. 

It's been very reliable. I haven't had any issues with it. 

The scalability is easy. It's deployed through group policies. 

We're a Cisco shop. We have a lot of their products.

We have seen ROI through its pop-up blocking. 

We hope that Cisco will help us consolidate tools more than it is now by incorporating more IPS and IDS functionality. 

My advice to someone considering Cisco Umbrella would be to focus on how easy is to use the GUI and how easy it is to navigate. You pretty much just click a box and the content categories work. 

I would rate Cisco Umbrella a ten out of ten. 

If your needs vary by department, I would advise making different groups for different departments. It's easier to do it that way than to set it up and go back to tie it to different AV groups. 

Our customers use Umbrella for a security network. They want to have DNS connectivity and drop traffic before it becomes dodgy. 

Clients implement Umbrella with the full proxy. 

Umbrella enables customers to be secure. We are happy with this and this is the most important benefit for customers.

DNS is the most valuable feature of Umbrella. We want to have DNS integration with data directories and we have customers asking about the Azure Integration. 

We try to fit all the Cisco Secure products together. This is the value the customers can see as well. We enable the Firewalls, Umbrella, and AMP so that the customer can see the whole view of what Cisco is doing. 

Our customers want to be able to work remotely. They want Umbrella to work securely from the office and to work securely outside of the office. 

We have been using Umbrella for years now. We have an Umbrella internally as well. I sell Umbrella to customers. We offer the full setup to them.

We are resellers and integrators.

The stability is getting better.

The scalability is fine. The central management, that comes with most solutions, is really good. It's easier for us to go from two devices to 20 devices.

We have had quite a good experience with their support so I can't complain about it. Most of the time TAC cases are quite straightforward and do not take a long time to fix.

Positive

Our clients deploy on public cloud, private cloud, hybrid cloud, on-premise, or SaaS.

I am an engineer and do the initial deployment for them and make tweaks until it works for them. 

The complexity of the deployment will depend on the client's requirements. Some of them have straightforward requirements and some of them are quite detailed. The implementation itself is fine but there can be details where we need to check the documentation and make sure we're following what they require. 

Customers use the Firewall Migration for the migration mostly from the ASAs. We do the ASA to FTD migration, which doesn't work well.

Two or three engineers are required for the deployment. The installation is done by different engineers.  

We also do the maintenance. So whatever we deployed, we also support. We do all the support requirements, updating and reviewing the deployment that we did. We do the config that is required. For example, for the migration, if we deploy something, we come back to review what we did because we want to make sure that the customer is more secure than it was before. So we just rerun the same configuration, trying to find out if there's a gap that we can fix and make sure that the customer is secure.

The pricing changes too fast. We get the license and we need to relicense it because they already made changes to it. We always need to be on top of the licenses because they're always changing.

Cisco Talos seems to be working fine for our customers. 

My advice to somebody considering this solution is to try it. It's probably the best option to try it and see if it works. Do a proof of concept and proof of value for the customer.

Most of the time, it's for security reasons in terms of looking at what DNS requests are being done and other things like that.

It has certainly saved us time. If we go and look at what's rejected on the requests from the hospital itself, it has saved about 5% or 6% time.

It's there to keep everything secure. Hospitals are a very nice target for attacks. We have been under an attack from Russia once, which was a DDoS attack.

It secures our infrastructure from end to end so we can detect and remediate threats.

The protection from users doing stupid things is valuable. The dashboard gives me the information I need.

Its price could be better.

I've been using it for about two years.

It's very stable. I've never seen any problems with it.

It's perfect for the things we have with it. There is a quick resolution. There are no problems at all. I'd rate them a nine out of ten.

Positive

I've not used a similar solution. We went for Cisco Umbrella because they are delivering good products. We also have all Cisco switches in place, and then we have Cisco ACI and DNA Center. We only don't have Cisco firewalls.

I am not aware of any tools that we could consolidate or get rid of by using Cisco Umbrella because it was installed about five or six years before I came here.

Cisco is expensive. For example, we are looking at Nexus Dashboard, and it's costing about 250,000 euros. I ask, "What do I get from it?" I'm still not convinced that we have to spend on it, so pricing is a problem.

It's a very good product. I'd rate it an eight out of ten. Overall, I am satisfied with the product.

Our clients use Cisco Umbrella compared with SD-WAN or Meraki solutions. They use layer 7 firewall and web proxy in most use cases and fewer DNS security functionalities.

Cisco Umbrella has replaced on-premises firewalls in our client's branches. Our client had one central cloud solution, and now, they no longer need the local firewall.

Our clients have found that Cisco Umbrella increases its security posture because there is a central policy that fits everything.

Though Cisco Talos is usually part of the backend, it is mandatory to have a good solution.

We've been implementing Cisco Umbrella for three years.

I have not seen any issues with scalability.

Cisco's technical support is pretty good. When a solution is available, they will find it. On a scale from one to ten with ten being the best, I'd rate Cisco's technical support at nine.

Positive

We sell both Cisco and Zscaler. If the client already has a Cisco solution, then Umbrella is usually a better fit. In cases when a customer already uses Zscaler, has another SD-WAN solution, or has a different vendor, Zscaler may be the first choice.

As a Cisco Secure reseller, we bring value to our customers through our technicians and engineers who consult with them and implement the solution. This is a benefit from our partner side.

The initial deployment is quite easy. It's internal, and with a few clicks, Cisco Umbrella can be up and running.

Cisco should make the solution cheaper.

The locks and management could be better. The product is fairly new, and it may take some time to get all the features up and running.

Overall, I would rate Cisco Umbrella an eight on a scale from one to ten.

What I find most valuable about Cisco Umbrella is its ease of use. I also value the clearness of the categories. We have not experienced any issues or incidents with the categories. However, we are looking more deeply at the product now. 

We are very new users of the solution and are still in the exploration stages, but we are happy with the product thus far. However, there are some features available in Fortinet and Palo Alto that are not available in Cisco, like objects, for example. I would like to see Cisco enable us to get objects from the internet. I would also like to be able to choose groups. 

I have been using Cisco Umbrella for two to three months now. 

For most of our technical support needs, we mostly go through our partner. However, for some infrastructure-related inquiries, we have had to contact Cisco's technical support and we were happy with the experience.  

Positive

The initial setup was simple. Deployment at our main sites took about three to four weeks. 

We received help from a local partner, NTT Global, during the deployment. They helped us set up Meraki and Umbrella. 

We hope to see a return on investment with Cisco Umbrella. We have a big team managing the infrastructure, so we hope to save time in the day-to-day protection of the tower, which would be the return on investment.

Globally, we also hope to save time on the LAN. We aim for a single pane of glass management model with the dashboard. 

From what I remember about the pricing, Cisco Umbrella is a bit more expensive than the quotes we got from its competitors. 

We looked at several products, including Fortinet and Palo Alto. We experienced a bug with Fortinet during testing and ultimately ended up going with Cisco Meraki products. We have not had an incident yet with Cisco Umbrella.

The solution helped us save time and this was a major reason we chose it. We expect to save 15% to 20% in time.

We are aiming to consolidate our entire network and LAN infrastructure with Cisco Umbrella. We are on the way to achieving that with this solution.