Cisco Duo Reviews

Our primary use case is multifactor authentication for our VPN users. We didn't have multifactor authentication before. After we integrated Duo Security with our systems, everyone has been using it, and it has given us peace of mind when dealing with VPNs.

The most valuable feature of Duo Security is the ability for the user to easily approve access. The application prompts the user, and they can see the location and the IP address. This makes it easy for the user to approve it and go through the process of logging in to the VPN.

Duo Security can be used for any type of authentication apart from that for VPNs. It saves time and prevents problems because it is user-friendly.

Integration between Duo Security and FTDs needs improvement. Integrating Next Generation Firewall safety with Duo Security currently requires a proxy agent between Active Directory and the appliance. It's an additional factor that we need to think about. It would be great to have direct integration with FTD so that we don't have to worry about middleware products. For the rest of the Cisco Secure solutions, the APIs need improvement.

Duo Security needs to improve the delivery of text messages to the users. This has been a big pain point for us over the years. Though we understand that the local telecoms are the ones responsible for the final delivery of the message, there should be a way to improve the process. Some users don't use the application and rely on SMS messages. It is a problem at times because the messages are not delivered.

We've been using Duo Security for almost six years.

We use Cisco Umbrella, ISE, FirePOWER Services, Next Generation Firewalls, FTD, ASA, and Duo Security.

The stability of Duo Security is great. We receive notices for any problems or issues in a very timely manner.

The solution is generally easy to scale. If you have the ability to deploy Duo Security yourself or can leverage third-party integrators, there should not be any issues with scalability.

Cisco support for Duo Security has been great. We haven't had many cases, and most of the ones we have had were related to SMS and text messaging delays.

On a scale from one to ten, I'd rate technical support at eight. They are quick to provide solutions but can improve on working with third-party service suppliers so that end-user experience is better.

Deploying Duo in our environment was very easy because of the pre-staged configuration. It was very quick, and in one to two days, we had a VPN concentrator using Duo Security.

Duo Security was initially deployed using a consultant, but afterward, we deployed multiple additional VPN concentrators ourselves.

The return on investment has been huge in terms of protection from cyber-attacks. We have been able to protect our employees by having multifactor authentication. This is invaluable for companies in the current threat landscape.

In terms of support, it's always great to have happy users who are able to easily log in to our environment through VPN without having to bother about non-working software agents or any other type of authentication platforms.

My advice to you if you are evaluating Duo Security would be to do your research and compare it to other competitors. If you are a Cisco-oriented company, you will see that there are several benefits to using Duo Security. You will also see that it has the edge over other solutions on the market.

On a scale from one to ten, I would rate Duo Security at eight. The stability and user experience are great, but there's room for improvement in terms of text message and SMS delivery.

We use it for security in general. We were looking for something that would integrate with what we already had and that would give us an extra layer of security on top of what we were doing. Since a lot of people were starting to use a lot of handheld devices and equipment at home, we wanted another layer in there.

It hasn't done as much in terms of remediation as it has just flat-out in prevention. Duo has done a very good job in making sure that a problem doesn't become a bigger problem. It's done that very well.

We like the different ways that it allows you to push notifications to people. It can do text, a phone call, and email. We liked the versatility for all of our different end-users, regardless of their level of understanding of the technology.

It does a very good job of helping workers feel safe and secure and supported. Some people view it as just another layer of things that they have to go through, but the simplicity of use, such as being able to call in if they need to, or receive a text, takes into account all levels of end-users and what it takes to get that authentication from them.

It is also important that the solution considers all resources to be external. When you already have certain pieces of security in place, it's really difficult to just rip everything out and replace them. You need something that can start as a standalone solution and then slowly work its way into the rest of your corporate network. When we changed buildings, we had a lot of people working at home for the first time and suddenly using different devices to do their day-to-day jobs, so that aspect became very important.

When it comes to supporting an organization across a distributed network it becomes very important, again, because the traditional method of backhauling security solutions to a central point gets very dicey. It starts to generate a lot of traffic across a wide area. And what happens if some of that can't get back to you? Or what happens if you're dealing with low bandwidth or other scenarios? Plus, depending on where you're at, they may view that as some kind of encrypted back tunnel and not let that happen. Whereas Duo, because it's more distributed and it's trusted out there, allows you to drop something in on a footprint on a very large scale. Before, it would've been a nightmare to get all that configured properly and working.

In addition, the single pane of glass management is very important because security is an extremely complex issue. If you have all these different windows to look at, you're not sure if somebody was looking at this window at this particular time, or if they were over there at that window and missed something. The single pane of glass is very important because the biggest enemy of security is complexity. If you miss something because somebody is not watching the right dashboard, it can blow right by you.

The single pane of glass management does a pretty good job of helping to optimize the user experience, in my particular role. And from what I hear from my team, they're very happy with it. They feel it does a good job for the clients and they love the simplicity.

There could be improvements made to the dashboards and more integration with the rest of the Cisco ecosystem. Duo was clearly purchased, and Cisco has a lot of other panels for their Firepower products, et cetera. They need to continue bringing it, Umbrella, and the endpoint pieces even more together and make the integration a little more seamless among all of them.

Our company has been using Duo Security for about two years.

It's very stable. I don't think we would have gotten it if it wasn't stable. It obviously had set quite a reputation before Cisco acquired it, and that has continued.

The scalability has worked great for us. We've not had any issues with it.

My team gives demonstrations of Duo regularly. The number-one piece of feedback that we get from people is that they like the simplicity. They like the windows, that it's easy to set up, and the features. There are different features and you don't have to turn them all on right away. You can turn on the basic features and get the authentication piece. They like the ability to then drill down and turn on some of those extra features because they don't have to ramp up straight away. They can turn on the basics and be in good shape. Then, if they want to keep tweaking it and turn on all the other pieces, it scales really nicely that way.

End user-wise, we're probably up to about 600 to 700. Our central office is out of Harrisburg, PA and we have a couple of warehouses across the U.S. where I believe they use it too. It's a bit of a distributed model, but it's not a massive distributed model.

I have not personally had to deal with tech support, but my engineers who have had to deal with them have said that they've been very on the ball with quick responses. There have been no major issues.

We did not use a solution for authentication.

It was a little interesting in the beginning when we first put Duo out there because everybody was concerned about text messages on their personal cell phones, and use of their cell phones, and who actually owns their cell phones. We dealt with a lot of what was more along the lines of company policy issues, back and forth.

But after we got past the initial rollout, everybody seemed to calm right down and we don't get any complaints or negativity about it now. It's just part of normal life. Before Duo was pushed out, there were a lot of other companies that were starting to do the same type of thing. That helped ease the release of the Duo product in our organization because people were already starting to get somewhat used to having that kind of stuff happening.

Licensing and pricing are a little bit out of the area that I play in, but I think the pricing is in pretty good shape. 

One of the issues that we used to have is that Umbrella, Duo, and Cisco Secure Endpoint all had different license quantities that you had to buy. That made it really difficult to buy a complete solution with all the other pieces. I had to buy 25 of this one at a time, and 10 of that at a time, and 15 of another one at a time. They seem to have fixed that and the number of seats that you buy now matches across all the different products.

We shopped around for other layers of security but I don't think we specifically shopped around for the authentication piece. When we looked at everything, and the dust settled, this was the easiest piece to put on top of what we had and to give us another layer of security.

Duo hasn't eliminated trust, but it has certainly been a piece of what has helped build our whole hierarchy. We're moving forward and starting to put other pieces in place too on top of that, things that sync a little better with it.

Duo is beneficial to the overall connectivity. It doesn't cause any issues. It doesn't cause an excessive amount of delay, from what we have seen. The nice thing about it is that it just sits on top of whatever else is already in place and it doesn't cause disruption to whatever else you're using.

I rate it highly because it's something that can grow with you, whether you have very little security or a lot of security, whether it's already Cisco or not, and whether you have a mixed mess that you're trying to put into some kind of order. It will go in any direction with you and grow. It will get better as you improve the stuff around it and it will start to integrate with Cisco solutions. It's one of the best products because you have the ability to go with or without Cisco, and it gets better as you add more.

With Duo, MFA allows the network to have an authenticated user sign-on seamlessly. If someone's entering a password and their user credentials and they want to get access to the network, the Duo app will have a code that the end-user has to input, which then authenticates them. It's a second layer of security before they can access the network. Even if a third party gets your username and password, without that Duo access, they won't be able to access your network.

We don't have to worry so much about the end-user that's logging in.

Multifactor authentication is the most valuable feature.

As for establishing trust for every access request, that's exactly what this solution does. Outside of having a username and password, you have to get authentication from Duo as well.

You can never eliminate trust, but what Duo Security does do is add an extra layer of security. When it comes to the internet, networks, inbound traffic, and outbound traffic, you're always subject to a potential threat. Duo Security just adds another layer.

It's a great addition to the security of any network infrastructure.

In terms of helping workers feel safe, everyone knows that the information within the enterprise is safe because the people that are logging in have been authenticated in more than one way.

It's pretty easy to maintain network connectivity once it's set up; the end-user uses it to log in. It's not something that you have to constantly manage and deal with apart from pushing updates. It's pretty much self-managed.

In terms of consistency across workspaces, it works all the time, except for when a forced update is needed.

It helped us remediate threats more quickly. For instance, if someone accesses your credentials or you leave your laptop open and someone gains access when it times out, you still need the Duo code that is sent. A new code is always needed to be able to access that laptop or even that phone. Then, from there you're able to safeguard the information that your company has.

Nowadays, data is the number one commodity, so protecting that at all costs is really important. Duo helps with that with end-users. The thing about end-users is that they are volatile. You can't really control what someone does. So, Duo security helps with managing that by having them implement a new time code that's always sensitive.

Technical support could be improved. I don't think all support should have to go through an agreement.

I've been using this solution for seven years.

It's very stable. There aren't many issues with Duo.

The scalability is just fine. If you scale a certain amount, you have to upgrade and update your license. Outside of that, it's fine.

We are a large organization that deals with a lot of high transactional payments, and we have a large number of users, maybe 100,000 a day, and inbound user traffic.

If you open up a TAC case and they get to you quickly, it's fine. If you have a service agreement that says that they will get back to you within one to two hours, that's fine because you can resolve an issue. Now, if you don't have that agreement and are just a regular user, they take 48 hours to get back to you, and if you and the network team or the security team can't figure out the issue, a lot of money could be lost in two days.

Because there's always room for improvement and because I don't think all support should have to go through an agreement, I would rate technical support at eight on a scale from one to ten.

Positive

Anytime your network is secure and it's not breached or there's no downtime or infiltration of your perimeter, there's always an ROI.

With regard to pricing, for a small business buying a one-off, it's pretty expensive. If it's an enterprise that has thousands of employees, however, it's really nothing to protect your data because if your network goes down or it's breached, you're losing millions of dollars every minute. When it comes to a large enterprise, it's priced where it should be because you're talking business to business. You're not talking business to consumer.

To leaders who want to build more resilience within their organization's security, I would say that you can't go wrong with Cisco products when it comes to security. You can start with Cisco Umbrella, then go down to their firewalls, and then the next-generation firewalls. Then, you can move down to their end-user security endpoints.

The whole lineup through their security portfolio is really strong. If you're spending $50,000 on a suite and a $100,000 total contract value, you can enter a 3.0 Enterprise Agreement. Then from there, you can lock in prices for one, three, to five years. So, when it comes to any enterprise, when you're talking about security, if you use all of Cisco's security features, from end-user out to your data centers, you'll be pretty well off.

If you have security concerns, implement Duo for your end-users.

Overall, I would rate Duo Security an eight on a scale from one to ten.

We use it for two-factor authentication so that we're not just relying on the username and password but also on two-factor authentication, whether it's through SMS or through the application.

People use very weak passwords, so it's very easy for attackers to get in and compromise accounts. This is why we need two-factor authentication and why we are with Duo Security. It helps us to not only rely on the username and password but also implement another layer of protection. Attackers are not going to be able to compromise accounts because of the two-factor authentication.

It has definitely reduced embedding. We found a lot of problems with attackers being able to compromise accounts. Now, when they try to access accounts, they are not able to do so because there is an added layer of protection. Once we know that a username and password are compromised, we just reset the password to protect the company.

I like the two-factor authentication, which gives another layer of protection.

It's very important for our organization that this solution considers all resources to be external. Our company has thousands of people who access from outside, and it's hard for us to know which one is legitimate and which one is illegitimate. Having two-factor authentication with Duo helps us to implement a second layer of authentication so that we know for certain that the people who are accessing accounts are legitimate.

It's a great solution for securing access to the applications and network because we can integrate the solution with all types of applications. The system has the ability to integrate customized applications built in-house and those that were brought in from outside. It integrates with network access as well, such as when you want to access a different node. It has multiple ways to authenticate applications, network access, etc., which helps us a lot to spread the solution across all our assets.

That the solution helps support hybrid work is very important to our organization because people access accounts from everywhere. Duo Security gives us the second layer of protection.

The solution provides a single pane of glass management to help us monitor all of the access.

Duo Security helped us remediate threats more quickly.

It is not easy to maintain network connectivity.

Duo Security should have more customized use cases. For example, if a client needs to have more customization, it would be better to connect directly with Duo's R&D to try to discuss the issues together in order to add customizations.

I've been using this solution for the last two years.

The stability is definitely good.

The scalability is great. The solution is deployed in multiple locations, and we have around 30,000 people.

The technical support is good. They are helping us, and I would give them an eight out of ten.

Positive

We switched to Duo Security because it's easier to implement and can be spread across all the applications.

We have definitely seen an ROI from a protection perspective. It helped us a lot to protect against compromised accounts.

Price-wise, it's not cheap, but it's not expensive at all either. It's in the middle.

I would rate Duo Security at nine on a scale from one to ten.

We use it for MFA to secure our Outlook webmail and some other applications as well. We use Duo for pretty much anything that uses MFA. 

We were looking for increased security. We wanted to make sure that the person who is trying to log in to our services is actually who they claim to be. We wanted to lock down our applications more and provide extra security.

We have some on-prem servers for the gateways and it's in the cloud as well.

It has definitely made our company more secure. It's pretty easy to incorporate into any sort of application you want to. We also use it for single sign-on for certain applications and that has been nice. People hate passwords.

It's really great for remote workers and a hybrid workforce nowadays, for people who are trying to access their VPN or any applications from outside of the company. It helps us make sure it's someone who should be accessing those things. It does a good job.

It's definitely a factor in achieving that Zero Trust.

In a way, it helps us remediate threats more quickly. If someone is trying a brute-force attack, trying all the passwords they can, and they're not getting a response through Duo, you can see certain security threats that are happening and remediate them.

Duo has also had a big impact on employee morale. People like it. They feel that their data is more secure. Resiliency is very key to keeping people doing their jobs. Cyber security resilience has been very important for us. It used to be that security was not to be the main focus, but it's extremely important now. There are a lot of ransomware attacks and people need to be very cognizant of that. It's important to have redundant and resilient systems in place to support that.

It's nice to have that push notification with the app and it's pretty easy to use. Our users are usually pretty open to it, and it's pretty easy to onboard people.

It also seems like it's accurate, and you can add multiple devices to your account.

In addition, typically, if it detects that you're on an internal network, you can bypass the Duo portion of it. That way, people don't have to do MFA when they're on campus.

Another feature is the single pane of glass management. That's important for analytics and also for troubleshooting. It means there's one place that you go to at least start the troubleshooting process. It also helps with the user experience because you can manage all the user accounts from that one spot, including setting up new users, making adjustments, editing their preferences, et cetera.

It could be a little bit more intuitive when it comes to the sign-up process. I know they send out an email, but sometimes our users get a little confused. It could be an end-user problem, but Cisco could work on that a little.

I've been using Duo Security for about two years.

It seems very stable. I don't think there has been any point at which people have tried to use it and it has failed.

The scalability seems fine. As long as you get the licensing to support it, you can add as many users as you'd like.

We have five or six offices locally, and a few more in different states in the US. We also have one in Shanghai, but they're doing their own thing there. But everyone in our US offices uses it, they all get enrolled. Typically, people will install the app on their phones although they don't have to.

I don't think we've had to use technical support too often, which is a good thing about the product itself.

We didn't use an MFA before Duo.

When the solution was rolled out, I wasn't with the company, but we then expanded it in different ways and I have been involved in that. In terms of the initial deployment, from what I can tell, it was relatively straightforward. And from what I've seen since, it hasn't been too hard to expand it to other services.

It's definitely a valuable product to have.

We may have evaluated other options at a surface level, but we didn't really go too deeply into them. We pretty much went with Duo out the gate.

I would tell leaders who want to build more resilience within their organization to do it right now. It's definitely important and there are a lot of resources out there that can help them on that path. Duo helps with that.

It does what it's marketed to do.

Essentially, we use it as a two-factor authentication for our users when they are trying to log into the corporate network or another dev network that we have.

Overall, it provides functionality and security with the two-factor authentication. We can ensure whomever is logging in isn't someone else who might be sharing a username or password.

It is a good source of security as far as ensuring that there are no rogue agents attempting to access the network. Duo has enabled us to mitigate rogue access requests to our network.

With everything that went on over the past three years, we can authenticate through the VPN, or anywhere that you are at, giving our workers the ability to work hybridly and tackle day-to-day jobs without having to come into the office.

Our workers know what they are doing is secure. They don't have to worry about buying other equipment and we don't have to worry about supplying other equipment. We can just use Duo to facilitate, making it easier to do their day-to-day jobs.

The ability to work online and offline with two-factor authentication is the best feature. Usually, with products, you have two different tokens. For this product, there is just one. 

It is a good product to assess the access. Overall, it has a timely response as far as when you need to click. It is very interactive. It is not like you have three seconds, then it is gone. It gives you the time to do it.

It provides single-pane-of-glass management, which is pretty easy and straightforward. Because we manage multiple access tiers, it allows us to essentially manage everything from one viewpoint and not have many viewpoints for the same product. This is important because it is a time and resource saver. It also saves us money.

The single-pane-of-glass management user experience is pretty good. It is one of the best ones that I have worked with so far.

The biggest challenge is integrating it into all our end user utilities. We use it for other networks, not just our personal network. So, the challenge is just integrating it across the board.

There is not much improvement as far as the front-facing part of it. For the back-end, there could be a few more security features applied. Obviously, as they grow, it will get better.

I have been using it for about seven months.

The stability works well with what we have, and we have a big Cisco infrastructure. It is pretty seamless for us.

Maintaining network connectivity with Duo is pretty easy. The timeout isn't too bad. It obviously depends on your security thresholds, but it is pretty easy.

It is pretty scalable. We have run it through its paces.

I haven't had to work with their technical support division. I am guessing it is good since I haven't had to deal too much with them.

This is the first time that I have worked in a VPN environment.

I would give it about a nine out of 10 because nothing is perfect.

Our web developers use Duo Security as a WordPress plugin to provide security for our websites.

Duo offers dual-factor authentication for our logins. I put in my credentials and hit go. Then I get an alert on my Apple watch, and I approve it. That part is just phenomenal. 

Duo has some issues that we're trying to work through. For example, if I install it on a WordPress site and another admin needs to log in, they can't because Duo hasn't been set up for them. It doesn't appear that I can add permissions on a user-by-user basis. It's not obvious.  

I would also like to see password-free login. There used to be a password-free product where you used your phone and looked at the screen. I can't remember what it's called now, but it was great. It used blue wavy lines that constantly changed, so nobody could ever screen capture and use them to log in. That was by far the best solution. 

Duo bought them out and did away with them. They probably saw it as a threat because it was a better solution. And a couple of companies have tried to mimic that, but they have never come close. If Duo were to go back to something like that, I would be ecstatic. Passwords are supposed to be a thing of the past.

I've used Duo Security for about two years.

Duo Security is stable.

I don't know how Duo would scale. If I've got a hundred websites and I install it on several of them, scalability just means adding it to a new website. It would be as easy as adding it to the first. 

That's not an issue, but I  still haven't figured out how to add new users to a site that already has it installed. I checked their online documentation and haven't found an answer yet,  so we temporarily took it off on that particular site.

We tried several authentication solutions before, but I liked the way Duo works better. 

I rate Duo Security eight out of 10 for ease of deployment. It takes a minute or two to download and install the plugin. 

Duo Security is free.

I rate Duo Security nine out of 10. Duo is a solid solution, but it still has some minor issues with adding users. 

We use Duo Security to level up security and access to internal systems.

Duo Security has provided us with heightened security. That's the biggest benefit because, nowadays, security risks are big due to hacking. This solution narrows down a lot of things that we have to go through.

If you have to log in to something, you must go to Duo Security to confirm that you're who you are on your phone. From there, you go back to the app, and it allows you access.

When you come to the push in Duo Security, there are some integrations where you have to use the code instead of the push functionality. Sometimes, you have to go and push from the app, go to Duo Security, and then go back over after you've accepted the push. It would be good if a seamless web comes down, you press the button at the top, and it goes away while you're still in the app.

I have been using Duo Security for about two years.

Duo Security is a pretty stable solution.

Duo Security is a scalable solution. You can easily download the app, log in, and you have access. Scaling is not an issue with Duo Security.

Duo Security's customer support is very helpful, going above and beyond what they normally need to do to get things fixed and resolved. I can always reach out to my reps, who try to figure out what's going on to help me.

Positive

Since I changed companies, I can't remember the old solution, but it was probably some Microsoft solution. It did almost the same thing as Duo Security, except that Duo Security has the push. So instead of going back and finding the code, it can easily just push to the app, allowing you access. So it's a little bit faster to access your systems than having to find these different apps.

We have seen a return on investment with Duo Security because getting hacked once would cost us millions. So investing in a solution like Duo Security saves us all that money.

Most solutions do what we're trying to use Duo Security for. It ensures a person has different access to the system via a different device like a YubiKey.

Duo Security has helped to improve our organization's security posture through reassurance in giving out access. Having something like Duo Security on the back end can help pinpoint who's logging in and ensure there is no random bot.

I highly recommend Duo Security because it's still seamless from my standpoint. I don't know how it would be on the back end, but it'd be a great application for any organization wanting to heighten its security on user access.

Overall, I rate Duo Security ten out of ten.