Share your experience using Symantec VIP Access Manager

I am an IT system support person, and my use cases with Cisco Duo started out with helping clients at my firm and the firms my contracting agencies had by teaching them how to set up Cisco Duo and understand how to use it. Eventually, some of the systems I have access to on my own, usually the corporate systems and employee portals, were Cisco Duo-protected. It has been a split between using Cisco Duo and Microsoft Authenticator, depending on how the MFA has been set up. I started out as IT support, helping people install Cisco Duo on their Android and Apple devices, and I believe they actually had a computer client. Eventually, I had to use it in my own work to authenticate and gain access to the systems I support. Moreover, I have seen a lot of it used to access employee portals, either by end-user employees or my own employee portals.

My last access to Cisco Duo involved helping people either activate their Cisco Duo accounts on their individual Apple or Android devices, or if they were locked out, unlock their accounts or move them over to a new device.

The features I use in Cisco Duo include Duo Pushes to confirm my identity to the device, and eventually as MFA security was increased, I actually had to use exchange passcodes. Sometimes, I have to go into the site and get into Cisco Duo to retrieve the passcode, and many of them have been two-factor, where the sites send a passcode that I have to enter into Cisco Duo. It has been more of the latter.

I have not seen issues with lagging or crashing on Cisco Duo's end; it was usually on the client end, often because someone set up a bad upgrade or there were connection issues with the Cisco Duo cloud through the administrative site.

As support, I do not find it an issue with Cisco Duo product itself; it is more an issue of organization administration. Often, people do not receive expiration messages, and sometimes, for security reasons, accounts get disabled without notifying the end user, so they mistakenly think something has gone wrong when it really just needs to be re-enabled on the external system. It is primarily an issue on the administrative side of the firm I am working for.

I am familiar with Cisco Duo and have probably been using it since around 2020.

Cisco Duo seems very scalable. In my experience, I started with a small-medium business, and in my last contracting position, it was a large one for a major worldwide airline that had hundreds of thousands of devices that could use Cisco Duo, and it scaled very well. The administrative site was also very easy to navigate for locating people and devices. I also have a background in computer asset management, so I have the skill set to locate device records easily.

In terms of quality and speed of support for Cisco Duo, I find it just as fine as any other Cisco product. It is simpler at the endpoint; there is much less involved in calling technical support to resolve issues compared to other Cisco products. I have also dealt with firewalls and VPNs, and I can say that Cisco Duo administration is much less involved than other Cisco areas. I would rate support for Cisco Duo a 10, as I have never had a negative experience.

Positive

My experience with MFA is primarily Cisco Duo and Microsoft Authenticator, and I have used them both similarly, either as pushes for allow or deny or as stronger MFA requirements such as exchanging passcodes. From my experience, Cisco Duo seems a lot easier to install and operate. In helping add accounts to either my devices or to the devices of the people I am supporting, both systems work well. I can get passcodes or utilize QR codes. One thing I noticed about my current firm is their initial hesitation to consider QR code exchange secure, but eventually, it was re-enabled to reduce support times. As an administrator, I have done both, pushing activation to pre-installed devices already registered to a system or actually sending people a QR code to their email, and both methods worked fine with personal and corporate email.

The setup of Cisco Duo is easy. Most of the time, the setup took me walking the end user through the installation over the phone, but if they understood how to get to their App Store or Play Store, it takes probably under two minutes. Most of it depends on wide area network or internet speed; activating directly on a client device versus sending an activation email makes a difference. If it is all set up and requires only sending an activation code message, it is about a minute. Cisco Duo installs very quickly on Android and Apple devices, provided the Wi-Fi connection is good.

From what I was involved in with Cisco Duo, we actually conducted Cisco Duo pushes through the management systems, enabling that through MDMs, the Bomgar. I found it pretty easy to grab the latest version of the Cisco Duo installer to update the packages on our management systems. I do not remember having any problems; it is one of the easier applets to package or to already find packaged.

I am currently between jobs or contracts, but I believe for the MFA administrator, it would help if they set up the filters for gathering the data. Cisco Duo seems very scalable. In my experience, I started with a small-medium business, and in my last contracting position, it was a large one for a major worldwide airline that had hundreds of thousands of devices that could use Cisco Duo, and it scaled very well. The administrative site was also very easy to navigate for locating people and devices. I also have a background in computer asset management, so I have the skill set to locate device records easily. I have given this review an overall rating of 10.

My customers approach me to integrate with Okta Platform. I have configured multiple AWS accounts to Okta Platform.

My usual use case for Okta Platform is to onboard AWS accounts into Okta Platform and add the users AD groups into Okta Platform and add those AD groups to integrate with the AWS account, which is my job.

I find the most useful feature of Okta Platform is that it allows the preconfiguration of multiple applications, eliminating the need for customized application onboarding, which is very helpful for me to configure multiple applications such as AWS, Azure, Zoom, Salesforce, and more than 1000 applications in Okta Platform dashboard.

Okta Platform has had a lot of positive impacts on my organization. For example, it is very difficult to disable user access in multiple places, but once we implement Okta Platform, we just need to disable it at the AD level, and the rest gets taken care of by Okta Platform.

A couple of things need to be improved at Okta Platform level. In AWS, we are using tag-based policies to enforce the RABC, but when trying to configure tags in Okta Platform level, we are not able to configure them.

At Okta Platform level, we have not yet configured the machine-to-machine configuration. It is very difficult for me to create the API accounts to enforce. For example, when we generate temporary credentials in AWS, it is challenging to use Okta Platform level because there are no features to create CLI-based temporary credentials.

I would like to improve the tagging on Okta Platform. For every identity, we need to create a tag. Instead of hard coding in AWS, we use tag-based authentication, allowing access based on tags associated with resources.

From my perspective, everything is good on Okta Platform except for the tags that need to be improved.

I have been using Okta Platform for three years.

The stability of Okta Platform is good. We have not faced any major issues or outages in the last couple of months.

Because we are using the cloud for Okta Platform, it is automatically scalable. There is no need to inquire about scalability since it scales as required.

I do not often communicate with the technical support of Okta Platform.

I have never communicated with the technical support of Okta Platform.

Before Okta Platform, we used Entra ID or Azure AD for similar use cases.

The decision to stop using Azure AD and start with Entra ID is not my call, as management decides. From my perspective, technically, Okta Platform is very user-friendly for application onboarding, whereas Entra ID is a bit more challenging for onboarding applications.

I went straight with Okta Platform and did not consider anything else.

I did not evaluate other options besides Okta Platform.

I am not sure about the GenAI aspect, but Okta Platform is very helpful for integrating the identity center and allows us to create multiple individual accounts using the IAM or at the organization level using the identity center.

I am in the healthcare industry, but I am not sure how Okta Platform helps address specific industry or regulatory requirements.

I do not know about the regulatory environments of the healthcare industry regarding Okta Platform because I am not managing health standards or other governance standards.

I have not noticed any measurable security or operational improvements in my cloud-based workloads since implementing Okta Platform, but I find it very helpful to utilize MFA or UBIKeys or other security keys to enforce the login mechanism.

I do not know the pricing details of Okta Platform because I am not the appropriate person to discuss pricing matters. The purchasing department will take care of those.

I would rate this review as an 8.