Cisco Duo Reviews

We use it for two-factor authentication so that we're not just relying on the username and password but also on two-factor authentication, whether it's through SMS or through the application.

People use very weak passwords, so it's very easy for attackers to get in and compromise accounts. This is why we need two-factor authentication and why we are with Duo Security. It helps us to not only rely on the username and password but also implement another layer of protection. Attackers are not going to be able to compromise accounts because of the two-factor authentication.

It has definitely reduced embedding. We found a lot of problems with attackers being able to compromise accounts. Now, when they try to access accounts, they are not able to do so because there is an added layer of protection. Once we know that a username and password are compromised, we just reset the password to protect the company.

I like the two-factor authentication, which gives another layer of protection.

It's very important for our organization that this solution considers all resources to be external. Our company has thousands of people who access from outside, and it's hard for us to know which one is legitimate and which one is illegitimate. Having two-factor authentication with Duo helps us to implement a second layer of authentication so that we know for certain that the people who are accessing accounts are legitimate.

It's a great solution for securing access to the applications and network because we can integrate the solution with all types of applications. The system has the ability to integrate customized applications built in-house and those that were brought in from outside. It integrates with network access as well, such as when you want to access a different node. It has multiple ways to authenticate applications, network access, etc., which helps us a lot to spread the solution across all our assets.

That the solution helps support hybrid work is very important to our organization because people access accounts from everywhere. Duo Security gives us the second layer of protection.

The solution provides a single pane of glass management to help us monitor all of the access.

Duo Security helped us remediate threats more quickly.

It is not easy to maintain network connectivity.

Duo Security should have more customized use cases. For example, if a client needs to have more customization, it would be better to connect directly with Duo's R&D to try to discuss the issues together in order to add customizations.

I've been using this solution for the last two years.

The stability is definitely good.

The scalability is great. The solution is deployed in multiple locations, and we have around 30,000 people.

The technical support is good. They are helping us, and I would give them an eight out of ten.

Positive

We switched to Duo Security because it's easier to implement and can be spread across all the applications.

We have definitely seen an ROI from a protection perspective. It helped us a lot to protect against compromised accounts.

Price-wise, it's not cheap, but it's not expensive at all either. It's in the middle.

I would rate Duo Security at nine on a scale from one to ten.

Essentially, we use it as a two-factor authentication for our users when they are trying to log into the corporate network or another dev network that we have.

Overall, it provides functionality and security with the two-factor authentication. We can ensure whomever is logging in isn't someone else who might be sharing a username or password.

It is a good source of security as far as ensuring that there are no rogue agents attempting to access the network. Duo has enabled us to mitigate rogue access requests to our network.

With everything that went on over the past three years, we can authenticate through the VPN, or anywhere that you are at, giving our workers the ability to work hybridly and tackle day-to-day jobs without having to come into the office.

Our workers know what they are doing is secure. They don't have to worry about buying other equipment and we don't have to worry about supplying other equipment. We can just use Duo to facilitate, making it easier to do their day-to-day jobs.

The ability to work online and offline with two-factor authentication is the best feature. Usually, with products, you have two different tokens. For this product, there is just one. 

It is a good product to assess the access. Overall, it has a timely response as far as when you need to click. It is very interactive. It is not like you have three seconds, then it is gone. It gives you the time to do it.

It provides single-pane-of-glass management, which is pretty easy and straightforward. Because we manage multiple access tiers, it allows us to essentially manage everything from one viewpoint and not have many viewpoints for the same product. This is important because it is a time and resource saver. It also saves us money.

The single-pane-of-glass management user experience is pretty good. It is one of the best ones that I have worked with so far.

The biggest challenge is integrating it into all our end user utilities. We use it for other networks, not just our personal network. So, the challenge is just integrating it across the board.

There is not much improvement as far as the front-facing part of it. For the back-end, there could be a few more security features applied. Obviously, as they grow, it will get better.

I have been using it for about seven months.

The stability works well with what we have, and we have a big Cisco infrastructure. It is pretty seamless for us.

Maintaining network connectivity with Duo is pretty easy. The timeout isn't too bad. It obviously depends on your security thresholds, but it is pretty easy.

It is pretty scalable. We have run it through its paces.

I haven't had to work with their technical support division. I am guessing it is good since I haven't had to deal too much with them.

This is the first time that I have worked in a VPN environment.

I would give it about a nine out of 10 because nothing is perfect.

Our web developers use Duo Security as a WordPress plugin to provide security for our websites.

Duo offers dual-factor authentication for our logins. I put in my credentials and hit go. Then I get an alert on my Apple watch, and I approve it. That part is just phenomenal. 

Duo has some issues that we're trying to work through. For example, if I install it on a WordPress site and another admin needs to log in, they can't because Duo hasn't been set up for them. It doesn't appear that I can add permissions on a user-by-user basis. It's not obvious.  

I would also like to see password-free login. There used to be a password-free product where you used your phone and looked at the screen. I can't remember what it's called now, but it was great. It used blue wavy lines that constantly changed, so nobody could ever screen capture and use them to log in. That was by far the best solution. 

Duo bought them out and did away with them. They probably saw it as a threat because it was a better solution. And a couple of companies have tried to mimic that, but they have never come close. If Duo were to go back to something like that, I would be ecstatic. Passwords are supposed to be a thing of the past.

I've used Duo Security for about two years.

Duo Security is stable.

I don't know how Duo would scale. If I've got a hundred websites and I install it on several of them, scalability just means adding it to a new website. It would be as easy as adding it to the first. 

That's not an issue, but I  still haven't figured out how to add new users to a site that already has it installed. I checked their online documentation and haven't found an answer yet,  so we temporarily took it off on that particular site.

We tried several authentication solutions before, but I liked the way Duo works better. 

I rate Duo Security eight out of 10 for ease of deployment. It takes a minute or two to download and install the plugin. 

Duo Security is free.

I rate Duo Security nine out of 10. Duo is a solid solution, but it still has some minor issues with adding users. 

We use Duo Security for two different parts. One is for access to one of the servers, and the other one is for accessing the VPN connection.

It helped free up the time of IT staff. It helped them to manage the control within the users. They can control who gets access to which part of the system. For example, if there is a group of people who need a certain type of permissions, they can set them up easily. They can gather them in groups and give specific permissions. They can also give specific permissions to only one person.

It has been very useful in detecting or fixing threats that come into the organization.

It's a good thing for the authentication of your credentials. It's easy to use for the security part, and it helps to improve our security posture.

They can make authentication easier. It should be done in a shorter time. Sometimes, it can take a bit more time to get the answer on your phone. You have to wait a bit longer to get the SMS code and other things. There can be some internet or connection issues. They should make it faster because sometimes, it's urgent, and you need to access something as soon as possible.

I have been using this solution for about two years.

In general, all Cisco products, not just the Duo product, have a lot of stability.

Their tech support is pretty good, but there are some disadvantages. Sometimes, they take a long time to answer. I understand that some of the issues are not very easy, and it takes time to research them. I'd rate them an eight out of ten.

Positive

We didn't use any non-Cisco products. We were only using Cisco products. The IT part of our organization is using the Duo authentication system, and we are using another part of the server for authentication.

It's not very hard. It doesn't take long. The IT gives us an access code for it. 

I just downloaded the app, and after that, just got the security code from that department. I entered that, and it was done. That's it. If you are changing your device and they're just resetting your data, it can take two or three minutes maximum for a new device.

I'd rate Duo Security an eight out of ten.

We use it for security in general. We were looking for something that would integrate with what we already had and that would give us an extra layer of security on top of what we were doing. Since a lot of people were starting to use a lot of handheld devices and equipment at home, we wanted another layer in there.

It hasn't done as much in terms of remediation as it has just flat-out in prevention. Duo has done a very good job in making sure that a problem doesn't become a bigger problem. It's done that very well.

We like the different ways that it allows you to push notifications to people. It can do text, a phone call, and email. We liked the versatility for all of our different end-users, regardless of their level of understanding of the technology.

It does a very good job of helping workers feel safe and secure and supported. Some people view it as just another layer of things that they have to go through, but the simplicity of use, such as being able to call in if they need to, or receive a text, takes into account all levels of end-users and what it takes to get that authentication from them.

It is also important that the solution considers all resources to be external. When you already have certain pieces of security in place, it's really difficult to just rip everything out and replace them. You need something that can start as a standalone solution and then slowly work its way into the rest of your corporate network. When we changed buildings, we had a lot of people working at home for the first time and suddenly using different devices to do their day-to-day jobs, so that aspect became very important.

When it comes to supporting an organization across a distributed network it becomes very important, again, because the traditional method of backhauling security solutions to a central point gets very dicey. It starts to generate a lot of traffic across a wide area. And what happens if some of that can't get back to you? Or what happens if you're dealing with low bandwidth or other scenarios? Plus, depending on where you're at, they may view that as some kind of encrypted back tunnel and not let that happen. Whereas Duo, because it's more distributed and it's trusted out there, allows you to drop something in on a footprint on a very large scale. Before, it would've been a nightmare to get all that configured properly and working.

In addition, the single pane of glass management is very important because security is an extremely complex issue. If you have all these different windows to look at, you're not sure if somebody was looking at this window at this particular time, or if they were over there at that window and missed something. The single pane of glass is very important because the biggest enemy of security is complexity. If you miss something because somebody is not watching the right dashboard, it can blow right by you.

The single pane of glass management does a pretty good job of helping to optimize the user experience, in my particular role. And from what I hear from my team, they're very happy with it. They feel it does a good job for the clients and they love the simplicity.

There could be improvements made to the dashboards and more integration with the rest of the Cisco ecosystem. Duo was clearly purchased, and Cisco has a lot of other panels for their Firepower products, et cetera. They need to continue bringing it, Umbrella, and the endpoint pieces even more together and make the integration a little more seamless among all of them.

Our company has been using Duo Security for about two years.

It's very stable. I don't think we would have gotten it if it wasn't stable. It obviously had set quite a reputation before Cisco acquired it, and that has continued.

The scalability has worked great for us. We've not had any issues with it.

My team gives demonstrations of Duo regularly. The number-one piece of feedback that we get from people is that they like the simplicity. They like the windows, that it's easy to set up, and the features. There are different features and you don't have to turn them all on right away. You can turn on the basic features and get the authentication piece. They like the ability to then drill down and turn on some of those extra features because they don't have to ramp up straight away. They can turn on the basics and be in good shape. Then, if they want to keep tweaking it and turn on all the other pieces, it scales really nicely that way.

End user-wise, we're probably up to about 600 to 700. Our central office is out of Harrisburg, PA and we have a couple of warehouses across the U.S. where I believe they use it too. It's a bit of a distributed model, but it's not a massive distributed model.

I have not personally had to deal with tech support, but my engineers who have had to deal with them have said that they've been very on the ball with quick responses. There have been no major issues.

We did not use a solution for authentication.

It was a little interesting in the beginning when we first put Duo out there because everybody was concerned about text messages on their personal cell phones, and use of their cell phones, and who actually owns their cell phones. We dealt with a lot of what was more along the lines of company policy issues, back and forth.

But after we got past the initial rollout, everybody seemed to calm right down and we don't get any complaints or negativity about it now. It's just part of normal life. Before Duo was pushed out, there were a lot of other companies that were starting to do the same type of thing. That helped ease the release of the Duo product in our organization because people were already starting to get somewhat used to having that kind of stuff happening.

Licensing and pricing are a little bit out of the area that I play in, but I think the pricing is in pretty good shape. 

One of the issues that we used to have is that Umbrella, Duo, and Cisco Secure Endpoint all had different license quantities that you had to buy. That made it really difficult to buy a complete solution with all the other pieces. I had to buy 25 of this one at a time, and 10 of that at a time, and 15 of another one at a time. They seem to have fixed that and the number of seats that you buy now matches across all the different products.

We shopped around for other layers of security but I don't think we specifically shopped around for the authentication piece. When we looked at everything, and the dust settled, this was the easiest piece to put on top of what we had and to give us another layer of security.

Duo hasn't eliminated trust, but it has certainly been a piece of what has helped build our whole hierarchy. We're moving forward and starting to put other pieces in place too on top of that, things that sync a little better with it.

Duo is beneficial to the overall connectivity. It doesn't cause any issues. It doesn't cause an excessive amount of delay, from what we have seen. The nice thing about it is that it just sits on top of whatever else is already in place and it doesn't cause disruption to whatever else you're using.

I rate it highly because it's something that can grow with you, whether you have very little security or a lot of security, whether it's already Cisco or not, and whether you have a mixed mess that you're trying to put into some kind of order. It will go in any direction with you and grow. It will get better as you improve the stuff around it and it will start to integrate with Cisco solutions. It's one of the best products because you have the ability to go with or without Cisco, and it gets better as you add more.

Duo specifically offers good MFA functionality. We needed support for our VPN and used GlobalProtect as well as Duo for additional security.

Duo has allowed us to add an additional layer of security to our organization. It prevents people from gaining access unless they have your credentials as well as a device. It has allowed us to establish trust for every access request and secures our environment. We are confident and comfortable with the way the solution handles this. We have tried other solutions but they've not met our expectations.  

Duo Security does a good job of helping to support our organization across a distributed network. It does a fantastic job at securing access to applications and networks. It is streamlined and straightforward.

Duo Security provides single-pane-of-glass management.

This solution has been most valuable for locking up our VPN solution and providing secure web protection. 

We have a 24 hour timer for our Duo cookie and we would like to reduce this to a shorter time when using Duo. We use Duo together with GlobalProtect and I am not sure which solution would be responsible for this improvement. 

I have been using Duo Security for the entire time I've been employed at my company.

This is a stable solution. 

This is a scalable solution. We have 20,000 users covered by this solution. 

We have not needed much help from the Duo support team. Using this solution has been surprisingly easy for us. 

We were running a different solution on a test gateway we had and it didn't meet our expectations so we moved to Duo. We have previously tested XAML. 

You pay per user when using this solution and the pricing is fair.

We have never had an issue in maintaining network connectivity across all workplaces. Duo Security has helped remediate threats more quickly and offers security end to end. Cybersecurity resilience is probably one of the most significant elements of organization because we work in the healthcare industry.

I would rate this solution a ten out of ten. This is because we have not had any vulnerability that has been exposed to or any other issues that we've had to deal with.

When our users are connecting to our Cisco VPN, Duo effectively ensures that they are who they say they are by taking a second factor into account, such as the cell phone that was used to create their profile. To do this, it sends them a second mode of authentication, such as a PIN or push confirmation. It also geo-locks who is allowed to actually log into our systems. We have it locked to the continental United States and Puerto Rico, and one outsourcing firm that we work with.

Once you have it set up, all you really have to do is add people to a group in the active directory and send them the instructions on how to do it. If you have a lower technical user base, you may have to walk them through it. But once it's set up, it really is automatic.

Not a single person from our IT staff really needed anything other than the instructions. Of the 15 people in our test group, nobody actually needed instructions on how to use it either — beyond what I just wrote up and sent them.

As we get to the older population in our company, the less technical population, we're probably going to have to walk them through it or hold their hands a little bit.

Within our organization, there are currently 15 employees using this solution. Eventually, we will have all 221 office staff users with it set up. Still, we'll probably top out at about 80 users a day.

We will increase the overall usage as our users increase. So, if we hire another 10 people, then we'll buy another license.

The multi-factor authentication process and the geo-locking features are great. It provides us with statistics about the devices that are used to perform the second authentication factor.

Upon successful connection, it tells us where and what device is being used to perform the second authentication factor. For example, when I log in with it, we'll see that I have my iPhone 11 and that it is located in the area via its IP address.

We had some trouble with the password reset function. When a user's password is expired, you can prompt them using Cisco AnyConnect — a password management feature — to change their password in the same channel during the login process. We had a lot of trouble configuring that. As a result, we now have a second channel that bypasses Duo to allow them to reset their password.

For this, we needed Cisco support, Duo support, and our network administrator all lined up. It should have just been something that they could have just configured, but they weren't able to do it in the same channel. We had to actually create a second channel. When you do this, people will try to log on and it'll tell them that their password is incorrect. They'll realize that their password is expired because it's been 90 days. Afterward, they'll have to then go back to AnyConnect, change the channel that they're logging into, attempt to log in, get the password prompt, disconnect from the AnyConnect, and then reconnect using the Cisco Duo multifactor authentication — this is extremely complicated.

Still, it's really only a problem for a small subset of users. The ones who ignore the notifications 10 days before saying, "Hey, change your password."  So, it's not as big of a deal as it sounds. Just by having a functional way to do it, it makes it so that if nobody's on staff, the user can reset their own password without having to call us in the middle of the night on a Saturday, because that's the best time for those passwords to expire. 

Also, it would be nice if it was easier to modify the splash screen that comes up when entering your username and password.

We actually just configured Duo Security — we're in the process of pushing it out. Currently, we've been using it for the past three to four months.

Scalability is definitely up there. It could easily handle many, many, many more authentications than we are currently or ever would use. It could definitely go far beyond what we are currently using.

The technical support agents are definitely knowledgeable; they give us plenty of recommendations on how to do things. They are very quick to send us white papers describing how to fix things ourselves. 

Although they try to push us toward a self-help model, they do eventually get online with us via a WebEx chat with the Cisco reps and help us out. We've never really had any problems finding somebody from chat support that wouldn't jump on to the WebEx meetings with Cisco premium support.

We didn't have anything covering multifactor authentication. We were using Cisco AnyConnect with the tie-in to the active directory, but we just had the single factor — the username and password. Duo allowed us to greatly enhance our security. Now, not only do users have to know their username and password, but they also have to be able to receive the second-factor authentication in order to get in. The same goes for anyone trying to break in.

The initial setup was complex, but due to the support that we received during the onboarding, it was very simple with the exception of the password reset channel that I mentioned earlier that we tried to use but didn't end up doing. The way we have it set up now is actually how it was configured during the onboarding process. It just would've been nice to have had it functionally work — to have that all in one channel.

Regarding deployment, we have an in-house person, but we still had Cisco Duo onboarding support to assist us with the setup. If you have a CCNA, you'll probably be able to do it yourself, but it's just much easier to do it with onboarding support.

The functional part of the onboarding process only took roughly an hour. Including troubleshooting our channel issue, we spent roughly 16 hours before we just decided to go back to the original build.

Our licensing fee is currently on an annual basis.

There are two levels of support with Duo that we were considering. The first level of support is just the two-factor authentication — it doesn't do anything else. But the second level of support provides us with network access control. This basically allows us to say, "Hey, your iPhone hasn't been updated in 10 years, update your iPhone to continue using this service." Or, "Your Windows device does not have updates." It also provided us with the geolocation feature. We were experiencing a lot of break-in attempts from Moldavia. So, thanks to this feature, we just locked out Moldavia. If nobody in Moldavia can connect to our system, then nobody in Moldova can hack us. 

If you're interested in using this solution, be sure to get the onboarding team to set everything up during the onboarding phase. Set up a proxy server if you can and get them to do everything during the onboarding phase — then you won't have any problems.

Compared to the after-purchase support, the onboarding people are a lot more willing to just take over your computer and set things up for you.

Overall, on a scale from one to ten, I would give this solution a rating of ten — it's the best. 

We use Duo Security to level up security and access to internal systems.

Duo Security has provided us with heightened security. That's the biggest benefit because, nowadays, security risks are big due to hacking. This solution narrows down a lot of things that we have to go through.

If you have to log in to something, you must go to Duo Security to confirm that you're who you are on your phone. From there, you go back to the app, and it allows you access.

When you come to the push in Duo Security, there are some integrations where you have to use the code instead of the push functionality. Sometimes, you have to go and push from the app, go to Duo Security, and then go back over after you've accepted the push. It would be good if a seamless web comes down, you press the button at the top, and it goes away while you're still in the app.

I have been using Duo Security for about two years.

Duo Security is a pretty stable solution.

Duo Security is a scalable solution. You can easily download the app, log in, and you have access. Scaling is not an issue with Duo Security.

Duo Security's customer support is very helpful, going above and beyond what they normally need to do to get things fixed and resolved. I can always reach out to my reps, who try to figure out what's going on to help me.

Positive

Since I changed companies, I can't remember the old solution, but it was probably some Microsoft solution. It did almost the same thing as Duo Security, except that Duo Security has the push. So instead of going back and finding the code, it can easily just push to the app, allowing you access. So it's a little bit faster to access your systems than having to find these different apps.

We have seen a return on investment with Duo Security because getting hacked once would cost us millions. So investing in a solution like Duo Security saves us all that money.

Most solutions do what we're trying to use Duo Security for. It ensures a person has different access to the system via a different device like a YubiKey.

Duo Security has helped to improve our organization's security posture through reassurance in giving out access. Having something like Duo Security on the back end can help pinpoint who's logging in and ensure there is no random bot.

I highly recommend Duo Security because it's still seamless from my standpoint. I don't know how it would be on the back end, but it'd be a great application for any organization wanting to heighten its security on user access.

Overall, I rate Duo Security ten out of ten.