Cisco Duo Reviews

We mostly use it for multi-factor authentication with email platforms like Office 365 as well as other apps.

We were looking to deal with email phishing attacks and brute force attacks, and the like, and Duo has helped a lot. We're more secure with multi-factor and have seen the number of phishing attacks and brute force attacks go down.

Logging in with Duo is baked into anything that we log into, including any applications, email, and web apps. We integrate it with a product called Jump Cloud, which is our cloud-based identity management system. We have also integrated it into WebEx and Box. Duo runs all of our security and MFA, and it's worked out well.

It's helped a lot of our customers with multi-factor in their identity management systems, on-prem and in the cloud. That way, when users log in, they get the MFAs to be able to log in to any resource on the network.

And because everybody is working remotely now, Duo checks all the boxes for hybrid work.

When it comes to remediating threats, it has helped us do so quickly. We don't even see a lot of the threats anymore because it's working behind the scenes. It has definitely decreased the number of threats in the last year compared to what we used to see.

The ease of use and the ease of management of all the users have been key for us. The setting up of devices in Duo has been really easy as well. It's better than all the other ones I've worked with.

Another important feature is that Duo considers all resources to be external because even the internal ones look like external ones, and people click on stuff and get caught. It's very important to be more cautious than ever.

Also, the single pane of glass management works very well. That feature is very important because we have a lot of admins who have to manage Duo, and it's much easier when it's a single pane of glass. That single pane is also great because it's easy to enroll new devices.

One area that might be improved is that setting up SMS texting is not as easy as using the app, even though it does support it.

Also, a faster management user interface would help. It tends to lag a little bit.

I've been using Duo Security for three or four years.

It has been stable. We haven't really had many issues with it. It maintains network connectivity across all workplaces and works great. I don't have any complaints.

It can scale to as many employees as you have. It can go from five employees to 1,000 employees. I don't see any issues with the scalability.

Their technical support is great.

We did not have a previous solution.

The initial deployment was pretty straightforward. We had a small number of challenges, but nothing we couldn't get by. It was pretty smooth, overall. Setting it up and enrolling new devices into the environment was a breeze. That was the easiest thing.

We do it ourselves.

We see ROI in that users feel more secure and their morale goes up. You get to keep those employees a lot longer if they feel better working for an organization that's investing in security. A big benefit is keeping your employees.

Everybody loves it. They feel a sense of security when they get that prompt to send them a text, or an email. It makes them feel like they're working for a company that is really taking the time to secure the environment. It gives them a good feeling when they get a second form of authorization.

The pricing is pretty competitive. It's pretty cheap. Anybody can adopt it. We don't have customers that haven't used it because of the price.

We evaluated Microsoft Authenticator and Google Authenticator. With those solutions, you don't have the granularity of management of the MFA environment that Duo offers.

Our Duo is all cloud-based, there's nothing on-prem. We typically integrate it with our cloud apps.

Resilience in cyber security is a game-changer. We have the same challenges that every organization goes through with security: phishing attacks, ransomware attacks, et cetera. I wouldn't say it has eliminated 100 percent of them, but it definitely cuts a lot of that stuff out. Every organization should have something like Duo, or MFA in general. But if they're going to do it, they should do it with Duo just because it's so easy to manage and it is resilient.

For management that wants to build more resilience within their organization, they have to implement multi-factor authentication across that organization for everything. It shouldn't just be for email but everything internally as well. 

We use it for two-factor authentication for end-user and administrator login. We wanted to secure our endpoints.

The single pane of glass management is very important and it is part of the reason we went with Duo. Anything we can do to save time for our administrators, help desk staff, and engineers, is valuable to us.

I wouldn't mind seeing some options for remembering a device for a short period of time or a specific login, particularly for administrative engineering staff, as we may be logging in to four or five different services. We're having to use it a lot. I understand it, it's just part of it. That's not specific to Duo. That's two-factor authentication in general.

I've been using Duo Security for about a year.

It's stable. We haven't had any downtime that I can recall or any problems with maintaining network connectivity.

Any issues we've had have been local to a specific user. Maybe the phone number was not set up right or there was some conflict as a result of somebody changing a device, but it's always been pretty straightforward to get that kind of thing resolved.

We started off with a small deployment and, in one or two steps, sent it out to everybody and it scaled fine. We didn't have to change anything in our setup.

We have about 1,200 users across 60 branches around the U.S. We occasionally have people using it internationally and we're able to handle that fine with our geographic location blocking or allowing, as the case may be. It's a fully virtualized environment. We have a lot of remote users, people who work in remote fields. As long as they have a cell signal, it works.

I have not had to deal with any support for Duo. The less I have to talk to support the better, for sure.

This is our first venture into two-factor authentication.

We didn't have a specific problem we were trying to solve when we got it. We were just trying to add more and more security. We did have regulatory requirements for two-factor authentication and that is what drove it.

The deployment of Duo Security was mainly a project done by our network and security team, but I was involved in it to some extent. I found it pretty straightforward. As enterprise-wide security solutions go, it wasn't too bad.

We got it integrated with Active Directory. There were some struggles there that I don't know the specifics of because our network team was working on that. But once everything was set up, it was pretty easy to add a new user and do whatever we wanted to.

It took a little time for our users to get used to it, but everybody took to it pretty well. The users don't really have to interact with it other than getting their push notifications. For them, it's easy. It requires minimal training. It pops up and it's all pretty self-explanatory.

It's pretty easy to use as two-factor authentication systems go. We evaluated a few others, including the Microsoft two-factor authentication, a little bit, and one other, and Duo ended up being our favorite. Part of that was because we're in that Cisco ecosystem and we were able to integrate it with our other services that are all cloud-based. It fit in pretty well for us, and it would for anybody with a similar setup.

Duo was also the least obtrusive to the user and the ease of administration through the administrative portal was a little better.

Fortunately, we haven't had to evaluate it when it comes to helping us remediate threats more quickly, but we're confident that it will.

Regarding resilience in cyber security, two-factor is definitely a must-have. We're satisfied with it as far as that goes, in addition to it fulfilling our regulatory requirements.

For our use case, for logins, it just works.

We try to use the solution for pretty much everything that we can use with it. The tool helps us to get into our dashboard APIs, and log into Citrix, VPN, and servers. 

I love Duo Security's push notifications. It's simple, fast, and secure. From the user's perspective, the solution is seamless. The security aspect is great. 

We have been using the product for about two to three years in our company. 

I haven't seen any reason to think the solution is unstable. 

The product is very scalable from what I have seen. 

The solution's support is pretty good. It helped us quite a bit. Both Meraki and TAC have been pretty helpful. 

Positive

We switched to Duo Security due to the cybersecurity threats that came with COVID. There was a big one that came against us at one time, but we were able to squash it pretty quickly. The threat was not able to get into the mainframe because of the solution. 

The tool's setup was easy and we didn't require too much outside help to set it up. 

As a network and security guy, security is my return and it has been better with the product's use. 

I would rate the solution a nine out of ten. Duo Security can get spotty at the back end but it doesn't break. It would be great if I could use the product to log into the routers or switches in the infrastructure. We already have Active Directory enabled in our routers and switches. However, if we could do two-factor authentication, then it could go a long way since no one's getting into them unless you want them to. We are all for more security in healthcare. 

We use Duo Security to level up security and access to internal systems.

Duo Security has provided us with heightened security. That's the biggest benefit because, nowadays, security risks are big due to hacking. This solution narrows down a lot of things that we have to go through.

If you have to log in to something, you must go to Duo Security to confirm that you're who you are on your phone. From there, you go back to the app, and it allows you access.

When you come to the push in Duo Security, there are some integrations where you have to use the code instead of the push functionality. Sometimes, you have to go and push from the app, go to Duo Security, and then go back over after you've accepted the push. It would be good if a seamless web comes down, you press the button at the top, and it goes away while you're still in the app.

I have been using Duo Security for about two years.

Duo Security is a pretty stable solution.

Duo Security is a scalable solution. You can easily download the app, log in, and you have access. Scaling is not an issue with Duo Security.

Duo Security's customer support is very helpful, going above and beyond what they normally need to do to get things fixed and resolved. I can always reach out to my reps, who try to figure out what's going on to help me.

Positive

Since I changed companies, I can't remember the old solution, but it was probably some Microsoft solution. It did almost the same thing as Duo Security, except that Duo Security has the push. So instead of going back and finding the code, it can easily just push to the app, allowing you access. So it's a little bit faster to access your systems than having to find these different apps.

We have seen a return on investment with Duo Security because getting hacked once would cost us millions. So investing in a solution like Duo Security saves us all that money.

Most solutions do what we're trying to use Duo Security for. It ensures a person has different access to the system via a different device like a YubiKey.

Duo Security has helped to improve our organization's security posture through reassurance in giving out access. Having something like Duo Security on the back end can help pinpoint who's logging in and ensure there is no random bot.

I highly recommend Duo Security because it's still seamless from my standpoint. I don't know how it would be on the back end, but it'd be a great application for any organization wanting to heighten its security on user access.

Overall, I rate Duo Security ten out of ten.

Our primary use case is multifactor authentication for our VPN users. We didn't have multifactor authentication before. After we integrated Duo Security with our systems, everyone has been using it, and it has given us peace of mind when dealing with VPNs.

The most valuable feature of Duo Security is the ability for the user to easily approve access. The application prompts the user, and they can see the location and the IP address. This makes it easy for the user to approve it and go through the process of logging in to the VPN.

Duo Security can be used for any type of authentication apart from that for VPNs. It saves time and prevents problems because it is user-friendly.

Integration between Duo Security and FTDs needs improvement. Integrating Next Generation Firewall safety with Duo Security currently requires a proxy agent between Active Directory and the appliance. It's an additional factor that we need to think about. It would be great to have direct integration with FTD so that we don't have to worry about middleware products. For the rest of the Cisco Secure solutions, the APIs need improvement.

Duo Security needs to improve the delivery of text messages to the users. This has been a big pain point for us over the years. Though we understand that the local telecoms are the ones responsible for the final delivery of the message, there should be a way to improve the process. Some users don't use the application and rely on SMS messages. It is a problem at times because the messages are not delivered.

We've been using Duo Security for almost six years.

We use Cisco Umbrella, ISE, FirePOWER Services, Next Generation Firewalls, FTD, ASA, and Duo Security.

The stability of Duo Security is great. We receive notices for any problems or issues in a very timely manner.

The solution is generally easy to scale. If you have the ability to deploy Duo Security yourself or can leverage third-party integrators, there should not be any issues with scalability.

Cisco support for Duo Security has been great. We haven't had many cases, and most of the ones we have had were related to SMS and text messaging delays.

On a scale from one to ten, I'd rate technical support at eight. They are quick to provide solutions but can improve on working with third-party service suppliers so that end-user experience is better.

Positive

Deploying Duo in our environment was very easy because of the pre-staged configuration. It was very quick, and in one to two days, we had a VPN concentrator using Duo Security.

Duo Security was initially deployed using a consultant, but afterward, we deployed multiple additional VPN concentrators ourselves.

The return on investment has been huge in terms of protection from cyber-attacks. We have been able to protect our employees by having multifactor authentication. This is invaluable for companies in the current threat landscape.

In terms of support, it's always great to have happy users who are able to easily log in to our environment through VPN without having to bother about non-working software agents or any other type of authentication platforms.

My advice to you if you are evaluating Duo Security would be to do your research and compare it to other competitors. If you are a Cisco-oriented company, you will see that there are several benefits to using Duo Security. You will also see that it has the edge over other solutions on the market.

On a scale from one to ten, I would rate Duo Security at eight. The stability and user experience are great, but there's room for improvement in terms of text message and SMS delivery.

We mostly use it for our AnyConnect VPNs and two-factor authentication.

We use Firepower Defense as a firewall, and we have implemented the IPS system on the firewall. Previously, we had ASA, and two-factor authentication was with the code, but now, it's with a push notification. It has somehow made it easier for non-IT employees to easily connect to the VPN, but it, as such, hasn't saved any time. It didn't reduce any tasks. 

It hasn't helped consolidate any tools or applications because we're not using any other security components that can be integrated with it.

The two-factor authentication is valuable because that is the use case for which we are using it.

We first deployed Duo Security for our company with the VPN, and afterward, about a year later, we implemented it for a customer of ours where we offered infrastructure as a service. When I tried to establish a VPN connection through Duo Security, it did not function well on that version, which was the latest one at the time. So, I had to make a copy of the machine and then implement Duo Security with the VPN because it did not function well with the newer version. I didn't know why, but it did not function. I haven't tried to update it since then, but that could be an area of improvement.

I've been using Duo Security for almost four years.

It's stable.

It has good scalability.

They were helpful and fast 90% of the time. They have knowledgeable tech engineers. We didn't have many problems, but any problem that required a case to be opened was resolved quickly. I'd rate their support a nine out of ten.

We didn't use a similar solution previously. We went for this solution because of the consistency of Cisco products and the best cases that it provides. It fulfills our needs as a company.

It was straightforward. I had some issues, but mostly, I followed the complete path from sandboxing to testing and then going live in production.

We have two people, me and my colleague, but it's mostly me.

I am not involved in its pricing, but we haven't yet seen an ROI.

I'd recommend using it. You can read about the product and implement your infrastructure.

I'd rate Duo Security a 10 out of 10.

We use Duo Security for two different parts. One is for access to one of the servers, and the other one is for accessing the VPN connection.

It helped free up the time of IT staff. It helped them to manage the control within the users. They can control who gets access to which part of the system. For example, if there is a group of people who need a certain type of permissions, they can set them up easily. They can gather them in groups and give specific permissions. They can also give specific permissions to only one person.

It has been very useful in detecting or fixing threats that come into the organization.

It's a good thing for the authentication of your credentials. It's easy to use for the security part, and it helps to improve our security posture.

They can make authentication easier. It should be done in a shorter time. Sometimes, it can take a bit more time to get the answer on your phone. You have to wait a bit longer to get the SMS code and other things. There can be some internet or connection issues. They should make it faster because sometimes, it's urgent, and you need to access something as soon as possible.

I have been using this solution for about two years.

In general, all Cisco products, not just the Duo product, have a lot of stability.

Their tech support is pretty good, but there are some disadvantages. Sometimes, they take a long time to answer. I understand that some of the issues are not very easy, and it takes time to research them. I'd rate them an eight out of ten.

Positive

We didn't use any non-Cisco products. We were only using Cisco products. The IT part of our organization is using the Duo authentication system, and we are using another part of the server for authentication.

It's not very hard. It doesn't take long. The IT gives us an access code for it. 

I just downloaded the app, and after that, just got the security code from that department. I entered that, and it was done. That's it. If you are changing your device and they're just resetting your data, it can take two or three minutes maximum for a new device.

I'd rate Duo Security an eight out of ten.

Our primary use case for Duo Security is all user access to email.

Duo Security improved my organization by helping us secure all access points within the company infrastructure. 

Duo Security helped our company consolidate tools, including email and VPN.

What I find most valuable about Duo Security is that it is our one-stop application for multiple MFAs. 

Duo Security could be improved with the addition of more applications. 

Duo Security has not helped free up our IT department's time.

I have been using Duo Security for six months.  

Duo Security's stability is perfect.

Duo Security's ability to scale is perfect. We have 5,000 people using it in four countries. 

I have never used Duo Security's support. 

We previously used integrated multi-factor security from Microsoft 365 and Fortinet FortiToken. We made the switch to Cisco because we wanted to handle everything in one application.

I was not involved in the initial deployment. I do know however that 10 people were involved in the deployment. 

We have seen a return on investment because with Duo Security, we do not have to pay for multiple applications. Instead, we pay for one solution. 

The cost of Duo Security licensing is OK.