Cisco Umbrella Reviews

We are a reseller and Cisco Umbrella is one of the products that we sell to our customers. We offer it as a managed service provider. This product provides security for remote workers and it helps to improve enterprise security in a very easy way.

It is mainly used for remote workers and for people that live outside the enterprise premises. It gives them security while they are on the road.

Because our clients' end-users are mainly on the road, it is very easy for them to get infected and lose information. After we installed the Cisco Umbrella solution, importantly, they have reduced the number of infected cases per month.

The most valuable feature is the website protection capabilities because it prevents end-users from entering bad sites that potentially have malware or could be used for phishing. Ultimately, it helps users avoid the wrong sites.

It is very easy to integrate.

I would like to see more intelligence built into Umbrella.

In the future, they should combine some of the Cisco AMP features that they already have, for anti-malware purposes.

We have been working with Cisco Umbrella for more than two years.

This is a very stable product and helps to improve the security posture of the enterprise.

We have clients that range in size from small to large-sized organizations.

Cisco's support is very good and, in fact, one of the best.

Because the product is very easy to use and very stable, we have not had to rely on support from the documentation or the community.

The initial setup is quite straightforward and easy, and the deployment can be completed in a matter of days. You deploy the agent to Active Directory, for all of the installations, and you're done.

We deploy this solution for our clients because we sell it as a managed service.

Outside of the United States, we have issues with the exchange rate that increases the cost.

Overall, this product works smoothly and perfectly.

I would rate this solution a nine out of ten.

We are in trial mode and use it for a distributed national environment. It provides category and security coverage for endpoints regardless of their location. As a mobile-first workforce, Umbrella always provides DNS-based security, even if endpoints roam in unfriendly waters. 

It provides centralized, device-agnostic management of the Internet experience. It has the ability to quickly block new threats. 

• Holistic approach
• DNS fronts most traffic.
• Quick console
• Instant management across platform
• Reporting is simplistic.  

• It needs better integration with external threat feeds to improve scoring. 
• I would like it to automatically feed to the customer's SIEM. 

It needs a better price point. 

We are using it for user navigation. We have another solution for the server, and Umbrella is used for the people in the company for web access and security purposes. It helps to avoid security problems and authorize different types of access to the users for different web services. 

I am a network administrator, and for me, it is the best solution because it is easy to manage. It is also effective for web access for the users.

With the old solution, we had a lot of restrictions because it was old technology and it was very important to provide different types of access. Umbrella is a cloud solution, and we can add access to new services or websites. It is a good product.

It is totally transparent for the users. When you have Cisco Umbrella on your computer, you cannot really see the product. It is very important for the users to not see the product.

It is very easy to manage, which is really important. We do not have time to manage this solution, and it is really important to have a good performance without any action or monitoring from my team. We work with Umbrella every day, but we don't need to make any changes on Umbrella because it is working.

It is easy to maintain network connectivity consistently across all workplaces, and it has been a good experience for our employees.

It provides resilience on all the sites. We have five sites, and all the sites have Umbrella.

It is user-friendly. It is easy to manage the solution. 

Their support should be improved. It is necessary that the support is efficient. It is not really easy to get a resolution for an issue from Cisco support. They should be faster and more efficient.

I have been using this solution for about three to four years.

It is very stable. I do not have a problem with this. We only had one bug three months ago, and we had a problem with the support, but before that, it has been a good experience.

It is scalable. We deployed it on different sites of the company. We use it for a lot of different services. 

We have about 600 users, but we have 1,000 licenses. We might increase its usage.

Cisco Umbrella's support is not really efficient. When we have a problem, it is difficult to have good support. It is not really easy to resolve a problem with Cisco support. Three months ago, we had a problem with it, and the support was not very efficient. I would rate them a six out of ten.

Neutral

We had a French solution. It was an old solution, and it was not sufficient for the company. Cisco Umbrella has been the best for our company.

It is not really easy, but because we have experts with us, it was not complex for us. We did this in one month because it was really important to give good services to the users.

We have seen an ROI, but it is hard to provide metrics.

We did a good negotiation, and at the moment, its price is fine.

I didn't look at other options. I only tested Cisco Umbrella.

It has probably helped us to remediate threats more quickly. It is a good solution for user devices but probably not for servers.

I would rate it a seven out of ten.

We are using the most updated version, although I cannot definitively give the number. I believe it is 1.6. 

I like the original functionality, which allows for providing secure DNS services. To define that, one's users can be on-net or off-net. This can be either in one's office or a remote location. This is the functionality that I find to be most prevalent in the area. 

While the way the solution works with the functions is fantastic, updates or the ability to secure the vault while offline for cloud-based services should be addressed. 

The integration with Cisco could be better. We already have something along these lines and so far so good. 

Local support should also be provided, so that there will not be a need to lump us in with the European pool. For other products, Cisco does have local support. There is a local number which can be reached should the need arise. The support should be more regionalized, as we are talking about an endpoint to endpoint solution. Owing to the number of people who interface with the tool and the response time, local support should be provided. The local support job should handle the app of Cisco Meraki.

I have been using Cisco Umbrella for over a year. 

Cisco Talks is just about the best technical assistance center in the world. I have no complaints or issues with it.

In the past I worked with Checkpoint Harmony, which is a similar tool that provides a certain level of endpoint support to users and a measure of coverage.

I like the responsiveness of the technical assistance center of Cisco Talks. As such, I will always go with Cisco. It was thanks to the technical assistance center that I went with Checkpoint Harmony on one occasion.

For organizations in which I have been involved, I start off easy and then proceed to compliant, since there is a need to ensure that one does not overly complicate his work. The deployment for each person is generally very difficult. We start with easy, at which point we are encouraged to have a good grasp of the technology, without which the entire environment will be locked down and nobody will be able to do anything. As such, I start with easy and migrate the customers to compliant over time. 

Each environment has two people who are responsible for deployment. 

In the region I'm from, that of EMAR, Europe, the Middle East, Eastern Asia and Africa, our organizations do not have many liquid cash assets, so the price could be better. 

We use the solution both internally and externally, as the company for which I work, Signal Alliance, is a systems integrator. 

One should keep an open mind when it comes to using the solution, start off easy and then proceed to compliant. 

I rate Cisco Umbrella as a seven out of ten. 

We use it to control how the end users can access our data center services and internet services, which gives us an inner view of the user behavior and how they are doing, and if any malicious activity is going on, knowingly, unknowingly, or both.

My organization's systems have not been hampered, thereby improving the security of the end users.

I have found the malware protection feature valuable. It is helpful and deliverable and is able to protect my entire organization from getting compromised. It also prevents us from visiting any malicious sites which are not visible to the users.

It could be improved by having a local data center and caching, which can provide protection support. I would like to be able to channel my intel and my network traffic to their clouds, and this feature is not available. Advanced protection or any malware file support, which might be required, is not available.

We have been using Cisco Umbrella for four months.

My impression is that it is stable.

My experience with technical support has been good.

The setup was straightforward and was easy to implement.

Our internal team and a partner both worked together to deploy Cisco Umbrella, and it did not take more than two weeks.

Pricing depends on the automation requirements of the organization.

First, understand the requirements and what you are looking for. Second, read the product literature and perform a Poc of that product. You will then be able to determine whether Cisco Umbrella is a good match.

We act as an MSP for our organization, and we use this solution as part of the service. We are the parent company and we acquire insurance agencies. Typically, these agencies have between twenty and one hundred and twenty people. We do not force them to move onto our system; However, we show them what value they will receive by us taking on their network infrastructure. This includes the firewall, switches, IP phones, email platforms, etc. 

This solution allows us to manage our four hundred locations under the same umbrella, with the same configurations. It makes it easier to troubleshoot and provide the same solution to everyone.

The most valuable feature of this solution is its reliability.

Security, overall, can always be improved.

The stability is good, and we have had very few problems with the equipment. The problems that we've had have been with our carriers. I can, pretty much, put a solution in place and not even worry about it.

My impression is that this solution is very scalable. It allows us to grow. We can add fifty sites per year, easily, and not really have to redesign from the ground up.

When we need technical support, they're usually very responsive. I usually get a solution or an answer between thirty minutes and a couple of days, depending on what the technology is, and whether the issue is critical or not.

The smaller sites typically use non-enterprise grade equipment, and we switched because it is easier to manage the solution, especially when it's set up to our standards.

The initial setup can vary in complexity depending on the size of the agency, as well as other factors including what they already have in place.

We do all of our integrations in-house.

We have most definitely seen ROI. In most cases, when we take over, we're always saving on monthly costs. The turnaround investment is usually under a year.

There is a one-time cost of approximately $800 USD per user, and then a yearly support fee of about $50 per user. Our fees end up being about $150,000 USD per year.

We have one vendor, and interoperability is not an issue when we use Cisco.

This solution had been pretty good and it fits our needs. If we have business needs change then we will look at whether the current solution can do it. If not then we have to reach out and find something else.

My advice to anybody who is researching this type of solution is to do their homework when it comes to comparing products. Compare apples to apples, and ensure feature parity. I would stress that the support organization behind the product is very important. For us, any of the other products that we've used just haven't performed up to the standards of what we are doing.

I would rate this solution a ten out of ten.

We needed the product to enable a whitelist-only browsing mode for certain computers for a client. After that was implemented, I was able to configure a virtual appliance (which became the DNS server) to connect to a local AD server and relate traffic to an AD user name. From there, we could track and monitor where users were going and perform web content filtering to prevent video streaming and certain social media sites. This in turn positively affected productivity.

I don’t remember the specific examples of data I was trying to filter out but it was related to ads being hosted by a CDN such as Akamai. Links and images were being hosted there for quicker localized delivery yet the users were not actually going to those sites. Due to that it was showing that those sites were being visited the most, which wasn’t the case.

There was a positive effect on productivity because we could track and confront the users that were frequently using social media or streaming video during the work day. They weren’t wasting as much time after OpenDNS was implemented.

It gave us new capabilities and made users accountable for their browsing while at work.

I would like to have the ability to prevent certain sites/data from showing on the reports. I have had this feature request open for a couple of years. It would be useful to have for filtering out unuseful data.

I have been using this solution for the past two years. I previously used the free solution 6-8 years ago.

I did not encounter any issues with deployment, stability or scalability. I had a Sales Engineer assist with the setup for one portion, but was able to figure out the rest with no issues.

No

Excellent

Excellent, their Sales Engineer was very helping in getting the AD sync setup.

No

Initial setup was straightforward. Any questions I had were already answered on the forums.

A vendor team was only needed for one small portion, which was setting up the virtual appliance. I would recommend trying to figure out the setting on your own first before reaching out to support. I found it very simple.

We were able to resell the service for a 100-200% profit.

Due to past experience, I knew it would do what we needed and the website has an intuitive interface, so there was no reason to research alternatives.

The primary use case for this solution is for DNS based attacks and for malware protection. It has a malware protection engine.

If you install Cisco Umbrella Clients on the remote PC, you can do URL filtering, malware protection, and you can check the health and status of the device itself.

All of the DNS Queries are sent to Cisco Umbrella and you have more visibility of what users are asking, as well as what users are accessing over the Internet. 

You have all of the details and all of the information of what the users are accessing, even before they get access to the website. For example, if one website is malicious and it has some malware and some viruses in it, and a user sends a request to this URL, it will be reported in the Cisco Umbrella Cloud before the user gets the response back from the webserver. 

It will protect, give you more robustness, and faster responses, compared to any firewalls or any of the proxy web servers.

Based on the DNS, Web proxy, and other servers, it waits until after the DNS request. It will put in its action after the user gets it by the webserver when the response is coming back. 

In the end, the response from the malicious server will come into your network. Cisco Umbrella cloud has stopped it before that. You have one more layer of security on top of the URL filtering or on top of that server response.

The deployment was for two thousand plus users. We have multiple sites, and we have some remote users in different locations.

Cisco Umbrella is a fitting solution for DNS-based attacks and malware protection. It is a very good solution for that, and especially for remote users.

The most valuable feature is that it prevents DNS-Based attacks, which is quite common these days.

The DNS Query is first sent by the user and then it will communicate to the URL. If you are requesting for some URL it process also to an IP.

The basic functionality of Cisco Umbrella is to save this type of request and to have a more secure way to communicate the DNS Query back to the user. Any attack based on the DNS Query is stopped by Cisco Umbrella.

If you have a proxy, for example, if my DNS server is 172.19.222.21 and I make a server on the same IP or different IBN with the same DNS name, I can make a proxy and the user request will come to me and I can send this user any way I want. So based on these types of attacks, Cisco Umbrella protects the user.

The user requests a lot of DNS queries. Even if you don't know it or if the user is not accessing any URL, the laptops or any PC keep on accessing different URL's and you are not aware of it or if it is good or not. Cisco Umbrella gives you the visibility and you know what is happening from this laptop or this endpoint.

Cisco Umbrella does not have a Malware Protection engine itself. It would be useful if they had a malware protection engine running inside their own VM.

They have some VM appliances with the installing enterprises for limited access for the DNS proxy to the cloud. If they had this feature running inside the VM, it would be much better.

It would improve this solution to have applications hosted on the cloud.

I would like to see the application that they promised. If you have an application running inside your environment, with multiple portals, as an example, we have our employee portal, ERP and some other portals. These portals will be accessed through the Cisco Umbrella Cloud, and the deployment will be a VPN-based deployment, Cisco Umbrella Cloud will be connected to your enterprise and afterward, you can just click on this application using Cisco Umbrella Cloud subscription, and you will have the access to your application anywhere in the world, and you don't have to publish it. You will save public IPs, and a lot of bandwidth because publishing requires bandwidth. 

All of the users from outside will be coming inside your environment and will be accessing the web servers, so there is no need to publish.

It will be some time before this feature is introduced. They are working on it and it is still not ready.

I would like to see IPS-based solutions. To have an IPS solution inside the Cisco Umbrella cloud. 

If there were an IPS product built inside the solution, it would be very good. It would be a one-box solution. With this one-box solution, you wouldn't need any extra security layers,  and you don't need any WAN solution.

There is a solution called Carbon Black. This solution can do sandboxing solution inside the PC. It checks the application which you are accessing, and what you are installing on your PC. It checks everything. It does a compliance check.

If these types of features are available on the Cisco Umbrella, so you wouldn't need any other solutions installed on your PC. It would be one solution that does everything together.  I would, like to see this.

It's quite stable. It's a very stable product, and, it's quite straightforward. We deployed this solution a year ago with no issues afterward. We didn't get any complaints. There are some categories, and filtering that will block you for something which is not malicious, but it is considered as a threat to Cisco Umbrella. You will need to white list some IP address or some URLs manually if it's under your corporate use for some reason.

This solution is quite scalable. It is a cloud-based solution. If your users are spread all over the world they can access Cisco Umbrella using an internet connection and it's quite straightforward. The scalability is quite robust and we can implement it anywhere in the world.

We are using this solution every day. Even if I try to access something now from my corporate laptop, the request will go to Cisco Umbrella, the DNS is configured as Cisco Umbrella.

Currently, we don't plan to increase our usage because we don't have more users at this time. If we scale or we are expanding and we have more offices, in the future we will increase the number of endpoints or number of users.

As we are running our virtual environment in our enterprise, it's not a problem. Normally if you are going to implement VMs, it will be a large scale deployment. If you have more than 2000 or 3000 users and you want a faster response from Cisco Umbrella, you have this VM.

If you have this type of environments, of course, you have a virtual environment, you have any hypervisor like VMware or Hyper-V and you have a big compute, you can manage two VMs from that. It's not an extra cost.

We have four people who have access to Cisco Umbrella. However, it doesn't require much administrative work. It does its job, and only needs a one-time concentration, afterward, all that needs attention is checking to if there are any blocks on anything.

If Cisco Umbrella blocks a user, they will notify the user. The user will get a message that they are locked under this condition and this category. The user will then notify us and complain that they have been blocked. We will check the status on the Cisco Umbrella portal and proceed to whitelist it if, it is a legitimate request.

The technical support is quite good. This solution itself is not complex and everything is cloud-based. If there are issues or if something indicates that you cannot manage two portals, you can just open a claim with Cisco Umbrella and they will support you. 

The only concern is that if something goes wrong, or, something is getting blocked and if something is not as per your requirements, you don't have any visibility. You will never know what was done to correct the issues. Because it is cloud-based, they will not show you what they are doing on the server level. Without having the visibility for the solution itself you will never know what actual solution is working behind the scene.

Before Cisco Umbrella, we were using the Infoblox solution. It was not an easy or flexible solution. Infoblox is an on-premises solution that requires a VPN, or all of the users need to connect to a VPN, just to get the DNS resolutions. This was not easy, and it was not easy to implement.

The initial setup was quite straightforward. When you subscribe to the Cisco Umbrella services they give you some public IPs. With these IPs you have a few options:

• You can copy these IPs and user features for the DNS and the communication will happen directly through the cloud. 
• You can install the VMs in your corporate environment having all of the communication through the VMs and the VMs will communicate to the cloud. 
• You can install a Cisco Umbrella application on your PC and install the external script that has the public IP for the DNS for the Cisco Umbrella.

The deployment strategy was straightforward, and it took approximately two days for deployment.

Because we had over two thousand users, we created a script on SSCM. This is a software center manager for Microsoft, making the script accessible to all of the users. This script changed all the DNS IPs to the Cisco IP addresses. Once this was complete, we installed the Virtual machines, which are the DNS proxies for Cisco Umbrella and we configured the public IPs for Cisco Umbrella. These were the only two steps that were required, taking two days for two-thousand-plus users. It was quite simple, but, if you had to do it manually, it might take some time having to do one at a time for more than two thousand users.

If you have some automation, it is quite easy.

It has a public cloud and it is like a hybrid type of deployment. We have umbrella VMs installed in our enterprise areas, in DNS, in our remote offices, and our main HQ.

These VMs, are like proxy DNS servers. They will save a URL resolution and has a policy-based engine as well. For example, if you are searching google.com or something that is being searched quite frequently, it will store that data, and it doesn't communicate to the cloud every time, giving you a faster response with limited cloud access.

Our service provider is Cisco. They have their Telos Cloud, hosting the Cisco Umbrella Solution.

After this deployment, you need to do quite a lot of fine-tuning because there will be many false positives blocks, especially if you're using the malware engine. It will keep blocking some ADME files that are used in your corporate environment, or if it's an in-house developed application, it will be blocked because the code of the application is not registered with the Cisco Umbrella Cloud, It will keep on blocking, until you whitelist that code and whitelist that UUID, just to have this application running.

We did the implementation ourselves with some assistance from Cisco support. We didn't have any on-site engineer to do the deployment or implementation.

It only took two people for the installation process. I was on the network and phone system side and another colleague was installing the service on the Cisco Umbrella Solution.

We require four people who maintain Cisco Umbrella. 

This is a good solution, and there are many advantages to this solution. 

There is a return of investment. 

If you have this solution you don't need a big firewall or many security solutions in your environment. Because it's a cloud-based solution, you can access this over the cloud anywhere in the world. You don't need to build a big infrastructure. It will give you more return on the cost than you are putting on it.

We have Cisco ELA, it's an enterprise agreement, which covers everything under security, that is offered by Cisco Umbrella. With this, we have the complete Cisco Umbrella portfolio. We have everything related to security from Cisco Umbrella. This also includes the Cisco Umbrella suites.

We are paying yearly for all of the Cisco Umbrella applications and appliances.

Cisco has a model called ELA. With ELA, if you buy the solution you will have the complete security portfolio and you can pay it yearly or after three years, it depends on the contract.

It's a subscription-based solution. If you're running multiple solutions it is more cost-effective. For example, currently we have Cisco Umbrella, IronPort, WSA, Cisco CWS Cloud, and we have Cisco's FTD solution. If we were running these solutions separately it would be more expensive. 

If you are doing a VM deployment and you have a VM appliance, you will need some compute. 

The only additional cost will be for a server.

We evaluated another solution but the Cisco Umbrella solution is much more compelling. It doesn't have the on-premises appliances or any restrictions for the user to connect through the corporate environment.

If the user is anywhere and the user is connecting to the internet, they will make a micro VPN through the cloud and it will connect to the VMs in our corporate environment automatically. It doesn't require any manual configuration nor does the user have to initiate anything on the PC.

The other solution has a touch button application, on the PC. If you click it, it will create a channel with the appliance in your HQ or your remote office and then you will be able to connect to the internet or you can resolve DNS with queries. 

As this solution was not flexible, the management chose not to go with it.

If somebody is looking toward the Cisco Umbrella solution or if they have an NGIPS, NG firewalls, next-generation firewall solutions and if they are looking for DNS-based security, and if they are implementing it then Cisco Umbrella is a good solution.

Keep that in mind that it will make a lot of noise, users will be blocked at the beginning and many of the URLs will be blocked. It will need to be fine-tuned.

The fine-tuning is required one month after implementation. You will need to fine-tune the OpenDNS Cisco Umbrella database, just to have all the URLs there for your corporate environment, because there will be some false positive blocks. These issues will have to be fixed yourself. You will need to make sure that you are doing it. Other than that, it is a quite straightforward solution.

I would rate this solution an eight out of ten.

If the suggestions are implemented I would then rate it a ten out of ten. They would be one of the first companies on the market doing this. You will not find anyone on the market with any DNS security solutions like this for Cisco Umbrella. They are the market leaders for DNS-based security at the moment. If they have these suggestions in their portfolio it would be the best solution, covering every point of its endpoint security.