Cisco Umbrella Reviews

We're actually in the process of using this to replace our current web proxies. We use both, side-by-side, at the moment. The plan in the future is to eventually get those replaced with Umbrella so that we can have an overall, overarching proxy either that's based in the cloud or whatever we need. But this currently is our most convenient way of replacing web proxies across all of our locations at our company.

It's definitely made things more centralized. Our current setup is that we have proxies, either physical or virtual, throughout our different locations. Each location has its own proxy at the moment. What's nice about Umbrella is that we can just go into the site and see all of our locations in one place and look at all of our computers, users—everything. It's not divided into separate proxies that we have to go into and figure out which person's using which proxy. Umbrella lets us just see everybody at once, which is really handy for us, and we don't have to spend too much time messing around with figuring out who's where and which location needs this change. [We can just make] changes throughout every location at once, rather than one at a time with those proxies that we currently use.

The past couple of years, [the fact that the solution helps support hybrid work has been] especially important because now we can't use those proxies if people aren't onsite. The way our network was set up was that we had it filtering through the firewall and the firewall was taking certain subnets and filtering those through the proxy. But obviously, when people work from home, we had to get a VPN connection set up. Before COVID, we did not have a work-from-home solution at the time, so everybody had to be in the office. Obviously, that all changed very quickly and Umbrella became a much bigger priority for us because that was our main replacement for those proxies at the time.

We had to expedite the process of setting it up, but what was nice about Umbrella was that it was so user-friendly, it was so easy to set up on our end, that it didn't take as much time as we thought it would. It just simplified the entire process throughout the couple of years that we have especially needed it. But what's cool about that is that now, it's a permanent part of our network. Thanks to the last couple of years, we use it all the time now. It wasn't just a temporary solution for hybrid work because now we use it for both. We have the ability to do hybrid work, but we also have the ability to use it for our employees onsite as well.

[When it comes to threat remediation] most of it is automatic so we don't really have to worry about it too much. Umbrella will just block something if it detects it as malware. That is a super convenient feature for us, that we don't have to manually review every single site. If we do have to review a site, it's nice to have that investigative tool. We put in the URL and it gives us a risk score, depending on how dangerous that site might be. That's super helpful for us to analyze that site, take a look at it, and make a decision on whether we need to block it, or if it can be unblocked. Every situation is different, but Umbrella makes that summary page very convenient for us. It allows us to make decisions much faster and more efficiently.

Our cyber team is a bit different from our network team. We have a separate team for that, but it's nice because they also use Umbrella for a lot of that, depending on what the site is. We use the investigative tool for the risk score, but it also comes with a few other tools, and part of that is just so that they can assess what's safe and what's not safe and what might be detected as malware. Obviously, they have other tools for that as well, so Umbrella is just one cog in the big system. But it definitely allows for easier communication between our teams because we both use it and we can both understand it. It's user-friendly enough so that we can make decisions with them based on what Umbrella tells us and how we interpret that information depending on the site, the situation, the risk score, everything.

We have a lot of employees, a few tens of thousands. We get probably hundreds [of threats blocked] every day. I wouldn't be able to give an exact number on how many are blocked. The main ones we look at are the ones that people request us to specifically look at because they might not think that something was supposed to be blocked, or something is not working properly, and we can go in and investigate that. But there are probably hundreds to thousands of blocks per day on the sites, across all of our locations. That automation allows us to relax a little bit easier and know that our network is much safer with Umbrella on it than it is off. The automatic side of it is basically saving our jobs. That really helps, and we're able to look at anything. Overall, as a program, it has saved us a ton of time and stress by not having to worry about malware or viruses or anything malicious.

One of the coolest features, for me at least, is to be able to type in a website and have it  give an overall summary of how safe that website appears. Part of that is just so that we can investigate. And if there's any sort of confusion between our cyber team and us, we can look further into that site and dive more into that risk score that Umbrella gives us. We can just analyze [those sites] and make sure that we're unblocking safe sites and blocking sites that we deem could be harmful for our employees.

I would say it provides single-pane-of-glass management. We still, of course, use those old WSAs, but in the long run, our plan is to get those replaced with Umbrella. We have locations in Japan, Korea, China. So it's a little bit more difficult to go through one proxy for all of those, especially because it's a bit slower. What's nice is, [with] Umbrella being in the cloud, we can just go into the site, see everything from the management console in that page. Nothing is slow [and] nothing is hosted by us so that we don't have to worry about network issues or management issues. Everything is just laid out right in front of us from the Umbrella dashboard on the internet, in the cloud. And that makes it super helpful for us to just manage all that from one spot across all of our locations across the world.

We aren't a very big team, so that's the main thing. Going through filtering web traffic or blocking sites or unblocking sites, whatever we need to do, can be a bit tedious, especially when we have all these different locations and we would have to go into each location specifically to perform these tasks. Umbrella, being one pane for managing, being all-encompassing, allows us to quickly go in, make a change, and it applies to either every location, if we want it to, or we can have policies in place that only apply to certain users or certain computers. And that makes it super useful for us because we're not messing around with jumping into all these different locations and manually doing each and every one individually. It is extremely helpful for us and it improves efficiency exponentially.

I have personally been using Cisco Umbrella for almost a couple of years. Our company implemented it about five or six years ago. Most of that time was spent getting it set up, but we've really been using it more within the last two or three years now, so it's still pretty new to us at the moment.

[In terms of maintaining network connectivity] obviously it depends on the situation. With Umbrella, it's a bit easier, for sure. There are times where Umbrella, on their side, is having an issue and we're notified of that issue. But in that case, there isn't really much on our side that we can do. To that extent though, the pros outweigh the cons. It's pretty rare that Umbrella is having a problem. The way that our network is set up is that we can reroute traffic pretty quickly using our other Cisco devices, so it's not usually a big issue for us. We have fewer problems with Umbrella than we do with our physical WSA proxies that we currently use, because that is something that we would have to troubleshoot on our end, and we're not always there on site to be able to do that. Then we have to go through someone else who's over there and they have to console us in and we have to troubleshoot whatever's going on over there.

With Umbrella, it's nice to have them tell us what's going on so that we're aware of the situation. If there are any problems, then we'd know what the issue was and how we could work around it. That makes it a bit simpler for us.

Network connectivity isn't really a huge issue for us with Umbrella, specifically. Our use case mainly is just for blocking internet traffic, making groups. We have social media groups where we allow certain computers in places to have access to certain social media sites that we wouldn't normally do. We have other sites being blocked, depending on their use case. That's mainly our function with Umbrella. Internet connectivity is usually not a huge issue regarding Umbrella with us, but if it ever is, it's nice that they communicate the issue to us, [so] that we can work around it.

In my experience with Umbrella support, sometimes the response times take a bit more time than we would like. Obviously, it depends on how they're contacted. But usually, when I contact them via phone, their support team is great. They help me out with everything. But sometimes, if you go through email, it can take quite a while to get a response. Obviously, if it's through email, the issue's probably not as pressing as it would be through a phone call, but the response times could be a little bit better. Email, I usually just avoid. I usually just call them now.

They're super helpful. In terms of response times, it could be a little bit better. Some issues are more urgent than others, but if it's an urgent issue, obviously we just call. Sometimes it takes a little bit [of time] for them to get back. I would probably rate them a seven out of ten.

Neutral

We've had to deploy connectors across certain locations, but [in] all the locations we have a domain controller and that needs to be deployed on those domain controllers throughout all of our different places. I've done a couple of deployments. Most of it was already deployed just by the time I got here. 

[In] my experience of how deployment went, it was very easily laid out, very simple. The instructions were super clear. I didn't have any issues with that. As more of a newcomer to the entire industry, this has been much easier than I expected it to be. Umbrella, as a product, is very simply laid out, very user-friendly. I couldn't praise it enough for helping me out with my job. 

While the support [can] sometimes take a while, overall they're super helpful, they make it very easy and they make you feel like you're not doing anything wrong. They're super friendly and make everything super easy for you. Umbrella as a product, overall, is very user-friendly, as a newcomer to my company.

The plan is to replace those physical proxies that we have. In terms of return on investment, getting rid of those across each location [has been valuable]. In terms of the efficiency with time, it's definitely saved us a lot of time and money troubleshooting different issues and securing the network and helping people access what they need to access. Just in terms of time and efficiency, it definitely has a return on investment.

Trying to replace those physical ones as well, getting rid of those, just having this be the all-encompassing way of filtering traffic and unblocking, of making policies, it definitely saves us a lot of time with the solution that's offered.

In terms of [our employees] feeling supported, they have the ability to submit a request to us very easily. When they get blocked from a site, it's not just one page saying you're not allowed here. They have the ability to submit a request to us so that we can look further into that site. That makes our employees feel more included in the process of helping the company access the sites that it needs to use, [as does our] communicating with those employees [about] why a site might be blocked; or a site that needs to be blocked based on what they find and what they're doing for their job. The important thing is that they're able to talk to us in case there's a site that they think that they need to access and helps them feel included in the entire process.

Like I mentioned earlier, it's one cog in the big system that we have out of our solutions for cybersecurity. We also use products like AMP, we have certain firewalls that also block certain things, the way they're configured. But overall, Umbrella, if we're talking about users on the internet, using sites or accessing different websites, is a big help in determining what exactly they need. We can go into Umbrella and help them understand why something might be blocked, or if they need to get into something, we can make certain policies within Umbrella. It's obviously just one tool out of the many that we have, so these configurations are pretty involved and even I don't know how they all work. It's divided amongst our team. For cybersecurity in general, it's great. It simplifies it. It's very useful in terms of the automation and how it blocks everything, and how all that stuff is interconnected. I would say that it is a lifesaver for us.

As somebody who is pretty familiar with networks and just learning everything, but being an inexperienced network manager, I would say that it makes the entire process very painless, very super simple to understand. In my experience, it's a nine out of ten.

In my previous company, there was a gap in being able to put controls on users when they were away from the network. We thought, "Okay, Umbrella can do this for us," and it was at a reasonable cost for our security budget.

With Umbrella, it didn't matter if the users were in the office or they were going to go out. When I trained them I said, "If you go to Target, Starbucks, or anywhere else you can get on a hotspot, you're going to be covered with our rules, so we can make sure you're protected and that our company device is protected."

It gave our users, from all of our sites, something like a first line of defense, including monitoring all the exit points of our offices. We also used Cisco AnyConnect on everybody's laptop so that any time they were out, we were making sure to secure their machine and keep an eye on it.

Having a single pane of glass allowed us to quickly monitor and find out what was happening at that moment. We could see active connections going to a public address on the internet. At one point there were so many of them, thousands and thousands to one public address, which was more than normal. I had to contact Cisco support, and say, "This is what I'm seeing. Something's not right," and they said, "You're right." In the main screen, we switched over to investigation and we found that it was a bad actor. The bad actor was checking for domains that are flying around, and he found a few of ours that weren't paid for. He bought them and then he started controlling where they were going by redirecting them. That raised a big red flag for our company. They never had any idea that that had been going on for a very long time.

There were other bad actors who had some of our domain names as well. I had to work with legal and we actually purchased back a few domain names from people. As a result, we taught our guys internally, "When you do a domain and you're going to do tests in the lab, make sure that we put purchase orders in. It's so cheap, let's buy them so that we have control of them, and not allow this again." That was a big awakening.

Another benefit of Cisco Umbrella was related to our wireless. If we had a vendor come to our company, I'd have to get permission for him to use our wireless. I'd have to put in a ticket with his machine name, the IP he would have, and ask for a two-hour window. But I could tell that vendor, "In the same way that you are helping us with the product we purchased from your company, we're going to help protect you at no charge. When you get on our wireless, we're going to have it set up so that everything you do is monitored, just like everybody else here in the company. Even though you don't work for our company, you'll be protected and that will help protect us." They would stare at me, and I'd say, "I know a lot of companies don't do that, but we're doing that because we want to make sure you have a good experience and that we have a good experience by staying safe."

I was able to make use of Cisco Umbrella because it acts like a proxy. The company also had content security, which I used on-prem with Blue Coat products. Any time someone went off the network, the AnyConnect client had the Umbrella agent built in, and it would realize when their computer connected that they were not on the corporate network. It would monitor and they would have pretty close to the same rules that they had to follow when they were in the office, regarding what kind of website browsing they could do.

The single pane of glass management was one of the really good features. From that single pane, not only could you look at what was happening security-wise, such as what was being blocked by domains and IPs, but you could check for your roaming users. With a deployment of AnyConnect, or just the Umbrella agent, on 5,000 machines, you could watch the main glass and see how many roaming users were out there that had it on their machines. And even if they were in the office, it was always active, talking to Cisco's cloud.

You could see numbers. I was able to watch, as we were deploying, how many people were getting the agent. I could see activity such as how many blocks we were getting, what types of blocks they were, and whether they were in categories. I would ask why those users were going to those categories that they shouldn't be going to. Maybe we needed to just refresh them with an email saying, "Hey, remember, we don't do this kind of thing."

Cisco's Umbrella client product is superb. It worked so well for us and was easy to deploy.

The design of the screens could be improved. Sometimes you're trying to look for information, for what you think is critical that should be on that first screen of the dashboard so that you can quickly take screenshots to have people help out, but you have to hop between screens to find little pieces of evidence.

They should work with their customers to find out, when they're troubleshooting, if they're going through multiple screens just to get little pieces of information. Maybe they could design an overall security screen for an event and pull that stuff in so that it's on one screen, rather than having to go search for it. Right now, you're always going back and looking on the left-hand side, going down the column, and trying to remember where something you need is. You have to click all over the place to go find what you're looking for.

I used it at my previous company for about four years.

It was always up. We never had any problems. It was always there.

Scaling was very simple. Since we were using a VPN, we had Cisco AnyConnect on all the user machines, with Umbrella built into it, and that deployment was just blasted out and it was seamless.

The Cisco Umbrella support group was wonderful; very strong. I loved it. I never had one issue with them. They were willing to be there with us, and walk us through things every bit of the way.

Positive

We didn't have a whole lot going on in terms of security and when I got a new manager, he asked, "How do we protect the people when they're out in a store?" That's when we saw that's where the flaw was. We were protecting everything on-prem but the gap we found was that when users were traveling around, we were not seeing where they were going. We were holding them to a standard internally, but when they were outside they were doing whatever they wanted.

What a simple product. It's a fast deployment. Then, you can start designing how you want to do your policies and what you're going to block. But once we told them what public addressing they were going to see, within a few hours we would see them go green. We said, "It's already seeing the data. Let's start applying policies, and we can start controlling all this."

We looked at metrics. As I mentioned, one of the benefits we received was finding the bad actors who had collected our domains that weren't paid for. That helped us to put the magnifying glass to use and say, "Hey, we have something going on." 

I also worked with an outside company that Cisco purchased. I sent them our data from Umbrella and they actually mapped out our data and found bots on our network. There weren't many, but there were a few. The guy shared that with me on the screen and said, "If you buy the service to have us be part of your Cisco deployment, we'll take your data, continually analyze it, and give you reports." 

There was one bot in particular that was just sitting there. The guy at the other company said, "That bot that you're seeing, it's asleep. Look again in a few hours," and it popped up. He said, "It just woke up at that point to try to do a command call." He said, "But we're blocking them, so you're not getting any threats." We didn't know that we had bots in there, and that was a big benefit.

I also had to run numbers for reports. One of them looked at our category-blocking on Umbrella, such as blocks of alcohol sites, social media, weapons, government. I would provide monthly reports to show how many blocks we had from our users trying to go to these types of categories, and it really woke up management: "Wow. That thing is blocking." 

Our investment in this worked, and we were showing it by numbers. It wasn't only that we found bots and bad actors, but we were also controlling things  by blocking phishing and categories. It was protecting us and no one was able to get past those blocks.

The pricing was marvelous. We only had to pay for licenses and they worked a very nice deal with us. It was a much better way to go because it was within budget. It was an easy cost for us to handle.

We did not evaluate any other options. We invited Cisco to come in and do a demonstration, and it was so strong. I also come from a Cisco background of many years. In addition, the industry reviews rated them very well and we took that as our lead.

When they came in and showed us what they could do and how easy it was to monitor every one of our sites within a day, after we put in our external public addresses, it was a no-brainer. It was up and live by the next day, after just a few hours. It was easy to use and set up and we could use it like our internal proxies. We could manage the content and know what was going on and investigate things. We knew what sites people were going to. It was wonderful. Everything we needed was there. We didn't have to go any further, and we knew Cisco would have our back.

All the users understood why we were putting the security control in place, to show that not only were they going to be protected at work on company-owned devices, but whenever they would go outside, we were also going to help. We had to mitigate the chances that they would get something on their machines and make sure that we stopped anything that shouldn't come in and affect our network or expose us to anything.

With Cisco Umbrella, employee morale was very high. We hardly had any complaints at all. One of the reasons is that, when doing regular security troubleshooting, we would go to Umbrella as our first line investigation. We might find a domain or IP that was being blocked by Cisco, something they consider a risk. We would check it out and if it didn't look to be bad we could bypass the block and allow that AD group or set of users to go to that site, because they had to do business as usual. With that ability, we had very few problems, if at all. Overall, it was smooth, with everybody happy, including management. They were happy that we had our first line of defense and that it worked out very well.

I introduce Umbrella to any company that I'm involved with. Cisco is already taking the correct steps right now, as a CASB for any cloud activity as well as DLP. Once they circled around to help companies with protection when they move to the cloud, that was the right direction. I'm not using Umbrella every day anymore, but I'm a proponent of it as a first defense for your company at a reasonable cost. And you don't have hardware to manage. You just rely on Cisco, get your support contract, and work with them to have them help fix things.

I'm a firm believer in Cisco Umbrella and I would definitely use it everywhere I go. I'm speaking to companies in the health industry and telling them, "Guys, you can't just have four people working on security and think you're going to do everything in the world to protect your hospital. You're going to end up on the news." I try to introduce them to this type of solution, to at least have something there to mitigate and help out.

I had implemented Cisco Umbrella at a previous company. I'm now working at another company where I'm not using this solution. We've got another solution here.

The policy of the company was to make sure all outgoing traffic was sent through a filtering service, and OpenDNS, and then Cisco Umbrella, was chosen for that purpose. Once it was taken over by Cisco Umbrella, it had far more capacity and far more functionality written into it. 

In terms of the deployment model, I just used Cisco services. It would be through Cisco's private cloud. My site wasn't big enough. So, I didn't deploy the Cisco service on-premises. 

It was really valuable to me in protecting the outgoing data of the company. It was good for reporting. Every computer had the Cisco Umbrella program installed. So, I had good reporting on any issues related to outgoing data, such as whether there were any phishing or dodgy sites connected. It protected that part of the business.

A combination of Cisco ASA, Cisco Umbrella, and Cisco AMP connecting to the SecureX portal gave me all-around security for the site because they all reported into a central reporting server. If there were any issues, I could have got full details, even if a crypto locker attempt was made. I never had any security incidents that I'm aware of. So, it was a very effective tool.

It kept itself updated. So, I didn't have to worry about continuing to push out new installs of the program.

I felt safe, supported, and secure, and so did the owner of the company. It worked silently in the background, and no one else really knew it was working on their computers. When we went into lockdown with COVID, I was happy knowing that all the computers that left the business had the app installed and were going to be functioning securely. We got no viruses and no issues on any computer on the network, which is quite unusual. A lot of other people or a lot of other companies I spoke to reported that they had quite a few issues.

It worked 100% in terms of applying and maintaining network connectivity consistently across all workplaces. We never had any issues. The only issues we had were when sites might have been blocked because they were suspected of being within a filtering group. It would report back to the user and say, "This site is currently blocked by your administrator. Please click this button. An email will be sent to your administrator, and they can resolve the issue." I would then get the email, and I'd look at the site, and then I'd release it through whitelisting. It was very user-friendly in that regard.

It certainly helped to remediate threats more quickly because I was able to stay free of any virus outbreaks. It definitely locks out that part of the transmission where the virus will go out and attempt to download a package.

It worked silently and didn't use too many computer resources. It was really silent in its operation on the network. It had a really good impact on me. I'd love to put it in my new company, but we've gone down a different pathway. That's being resolved through Office 365 now, and I'm not proposing to change that technology.

I wanted to ensure that all outgoing traffic went through Cisco AMP servers. So, if we did get a crypto locking incident or any malicious sites that wanted to direct traffic to particular websites, they would be unable to do that because they would be blocked by the Cisco Umbrella DNS servers.

It also did website filtering for preventing access to porn sites and gambling sites. It had all other standard features. It had a good section where you could whitelist and blacklist websites.

I was able to implement it myself. It was really easy to install. You could install it on a server locally if you want to. If you have the biggest site, you would do that, but for my site, it was just directing all the traffic out through the Cisco Umbrella DNS. It was really handy. When the owners of the company went overseas, I knew that they would be secure because even if they were not on the company network, they would still go through the Cisco Umbrella servers. It was a complete solution for protecting the company with outgoing data.

The other useful feature was that if we were to get a malicious actor onto a server or service running somewhere, it would still have to go out through the Umbrella servers. So, it would more likely be blocked through there. It had multiple features that were super handy.

It had the ability to do a lot of app control. So, every single app that went through that portal was registered, but there is a general issue with the whole app control. As soon as you add a mobile phone to your network, all of the apps get registered through the system, and you can approve, reject, or just let them go through. When I looked at it, it was impossible to manage app control. There was just so much data. I didn't apply that service because I just didn't have the time to manage it. It would be good if there was a way to categorize applications. However, that's dangerous too because you can be turning off an app in a group because you don't know what it is doing. It could be a vital company app. So, App control is the main area in which they need to keep working.

Originally, Cisco Umbrella was called OpenDNS. I have used OpenDNS and Cisco Umbrella for about six years.

It is very stable. I never had any issue with it.

It is highly scalable. You don't even have to install it on your computers. You just change your DNS, and it'll start to work internally immediately. I never had any issues with performance or anything like that. I'm sure it would suit larger companies as well, but larger companies would install their own Umbrella service on their own systems and deal with the capacity that way. So, it is very scalable.

Their support is good. They always got back to me and answered issues. They showed me how to do my own debugging. They were always very professional and helpful. I would rate them a 10 out of 10.

Positive

We previously used proxy servers, but I wanted a more modern interface, and that's why I chose Umbrella.

It was super easy. I'm a general IT person, and I was able to deploy it. I read the documentation, changed some settings, changed the DNS on my servers, and then rolled it out to the team. It was a pain-free implementation.

I deployed it. It was pretty intuitive. I didn't have a consultant help me. I was able to implement the solution myself and manage it myself. That's a really good rating for an application. There are different systems you get to manage these days, and you can't have training on all of them. Because I rolled it out, I knew I rolled it out properly, and the system was working effectively. It was good. I liked using it.

The return on investment was that we kept the company secure. Nothing happened, which is the ultimate return on investment.

It was a little bit expensive on a per seat basis, but the company I was running was only a midsize Australian company, and it was a reasonable budget per computer for that system.

It started off being a free product, and then Cisco bought it, and it went to a reasonable price. I was using Cisco AMP as well. So, my per computer cost was reasonably high, but for a small company, it was within an acceptable level.

Not having reviewed other systems, I can't tell how they compare, but I know that when you do special security licensing with Microsoft, it is on par. So, it is probably standard within the industry.

At the time, we were using OpenDNS, and then OpenDNS went to Cisco Umbrella. Because we'd had such success with OpenDNS, we just stayed on with the product. So, I didn't evaluate any other products at that time.

It is just another layer that you need to wrap around your company to keep it safe unless you could just shut off that possible attack vector from external parties.

To leaders who want to build more resilience within their organization, I would say that they've got to keep doing it, and they've got to keep working on it. I'm constantly looking for better ways to secure the company. Cisco Umbrella would be a very useful addition to their set of tools. 

A part of my plan in the long term was to implement the full suite. I never got around to that, but it was really good to know that I could go right down to app-level control. It was a very successful product, and I'd certainly recommend it to any business looking to just add another layer of security around their company.

In terms of providing a single pane of glass management, security does involve multiple systems, and I could log them all into the Cisco SecureX system. From there, I could get my single point where I could resolve issues with viruses, et cetera. So, in itself, it was a single pane of glass for DNS protection. It was fine, but I don't think there is ever going to be a single pane of glass anywhere. You're always going to have many different systems that you're using, but overall, it had a lot of features. It did the job it needed to do.

I would rate it a 9 out of 10. It is just app control that I want them to develop more.

We use Umbrella to front-end all of our DNS requests and that way they protect any of our end-users from going to any kind of malicious site. It doesn't matter if they're in-house in one of our locations, or if they're remote and working from home. That was the biggest part was the fact that we could protect our end-users, even when they're not in the office.

We were actually trying to solve other challenges, which included just to protect the onsite, but once COVID hit, it pretty much made it a very easy transition for us. At one point, when COVID was at its highest peak, we had everyone working remotely. We didn't have to worry about how we were going to restrict our access on the internet, because Umbrella was already handling that for us.

It made us more secure, which is a very important thing for a financial institution.

The support for hybrid work was the biggest thing. It protects our users, whether they're in the office or they're out of the office. We get the same policy in both locations. We can assign policies based on individual group memberships and it travels with them no matter where they go. It helps no matter where they are.

Since it's based on user DNS requests, it's right from the endpoint all the way through the network to be able to identify those locations and restrict access if necessary. It's not just the malware sites, which is very important, but it's also just content in general. There are business reasons for restricting access to certain content.

Since we implemented Umbrella, we are seeing a fairly significant amount of threats being blocked. A good 20 percent of all the activity, on average, that we see is actually being blocked by Umbrella, because it's either violating policy or it's some kind of malware.

Both monitoring the activity, so that we can investigate anything that may pop up, and the ability to restrict the access, or filter out what content end-users can view or go to [are valuable features of Umbrella]. Also, the fact that it blocks them from any known malicious locations.

It works really well and the best part about it is the fact that it's transparent to the users until they try to go somewhere that's either restricted because of content or restricted because of the fact that it's malicious. Then they simply get a popup and that's all there is to it. So from their perspective, it's very easy. They don't have to do anything in order for it to work.

There is a single portal that we go to that handles being able to set up policy, look at activity, or even manually add sites that we think that we want to restrict, even if it's not considered a particular category or a particular malware. The single-pane-of-glass management is very important. We have a very small team. We can't spend a lot of time going from product to product to product to either investigate or set up policy. We need to have one place that we can go to and set everything up.

It's really easy. It's an easy portal to go to, it's cloud-based, so we can get to it from anywhere. The ability to set up the policy is pretty straightforward. There are a lot of tie-ins with other products, like SecureX and other things, that make it just as easy.

It's cloud-based, so as long as you can get to the cloud, you're golden.

The only thing I can think of is that I'd like to see a little more flexibility in policy creation. The way that policy is currently structured is like a "first hit succeeds" kind of policy. It would be nice if it were more hierarchical.

I have been using Cisco Umbrella for about four years now.

It's been extremely stable. In the last four years, I do not recall a single outage. There has been nothing that I can think of that actually affected the performance of the system at all in the last four years.

We've never had an issue with scale. We've scaled it up to every user that we have in-house. When we deployed the gateways, we deployed two for HA purposes, but from a scale perspective, it's DNS queries. It doesn't take much. Our whole organization is on it.

Support for Umbrella is very good. There's a way to contact them directly from within the portal and we use that periodically.

I give them about a nine out of 10. There are issues with Cisco's tech support, like all the rest of them.

Positive

Umbrella was actually the first [solution we used in this area]. Once we discovered that that was a big hole we had—we didn't have anything that was controlling content for our internal end-users—we could run into problems with regulation, problems with compliance. It could run into issues with HR, as well as security issues associated with malware. We knew it was a hole, that we were missing. Umbrella filled that hole for us.

There were two pieces of the deployment. One was the cloud deployment, which got us set up in the cloud to begin with. We also had gateways that were installed on-prem, in-house.

We were able to get the gateways up and running in about an hour. The cloud deployment was all done by the Umbrella organization on the back-end side. To deploy to the end users, all we needed to do is set up a policy that said, "This is what you use for DNS." Once that was set up, we were done. Deploying that was done in a group policy and that group policy was pushed in a matter of minutes. The entire solution was probably deployed in just a few hours.

We did it all ourselves. Cisco handled the back-end side with the portal itself, but the rest of it, we did ourselves.

I think we got our return on investment within the first month of its use, because of the increased security that we had in the organization; the ability to have a product that is protecting our end-users. We do educate our end users today, but Umbrella doesn't require us to go through as in-depth an education process to say, "Okay, you're going to have to do the research. You're going to have to figure out what sites are bad. You're going to have to figure out where not to go." We don't have to do any of that. That's all handled by Umbrella. We just need to let them know that we're protecting them on the back-end side.

Its value exceeds its pricing.

We looked around to see what was available. There were a lot of content filtering solutions available, but one of the things that Umbrella brings, in addition to content filtering, is that awareness of known threat sites. Their tie-in with Talos, Talos being that organization that does all that research and feeds that into Umbrella, means that we not only have known malware sites from six months ago, but we're getting feeds from Talos within hours.

The impact on our employees' morale has been good. Anytime the employees understand that we're doing something from a technology standpoint to secure the organization more, that makes them happy. It's something that they don't have to concern themselves with as much and it improves morale quite a bit.

Resilience in cyber security is extremely important. We're a financial institution, so cyber security is very high on our organizational goals, all the time. Making sure that cyber security is resilient against any of the latest attacks that are coming out is extremely important. It's a constant thing. Cyber attacks are increasing every single year. The methods that are being used are increasing every single year. If something were to happen, not only would we have a financial impact, but we have a reputational impact. For a financial institution, a reputational impact could be just as devastating as a financial one.

Umbrella helps us with that overall security. It gives one less attack vector for the bad guys to get into. We're protecting those end-user devices and we're protecting those end-users from going to places that could be malicious. The fact that it's doing that for those end-users increases our overall security without us having to rely specifically on end-user education in that particular attack vector.

For leaders who are looking to increase resilience within their organizations, I would say that what is necessary is to do as much security, in-depth, as you can. That includes using Umbrella to protect your users and using lots of other security products and being able to secure every aspect of your organization.

I would rate Umbrella absolutely a 10 out of 10. It's literally a lifesaver when it comes to being able to protect our endpoints.

I had an agreement with OpenDNS which was the original owner of the solution, and I was selling it as an MSP. In Spain, I offer it to a company called Ares Capital. At the start, it was designed to filter URLs for sites that management didn't want the people to access, such as adult sites and social media sites that may cause a loss of work time. A few years later, the solution introduced the ability to filter malware sites. We used that not as an accessory characteristic, but as the main characteristic. We moved from filtering unwanted sites to filtering malware and virus-infected sites. We still use some filtering for unwanted sites, but mostly for security reasons.

Cisco Umbrella was designed to allow hybrid work. When the COVID pandemic started, we didn't have to do anything at all because the computers were already set up for remote work. With Cisco, it doesn't matter where the computer is as long as the computer is using the DNS servers that Cisco Umbrella works with. If it's part of a laptop or wherever you are in the world, it works exactly the same as being in the office. 

It is very important the solution provides a single pane of glass management for our organization in order to help manage the complex software and programs that companies use. This saves a lot of time for managers.

The single pane of glass management optimizes the user experience by allowing the user to access restricted sites much faster and easier from a centralized location.

Cisco Umbrella helps us remediate threats quickly. The solution doesn't work with our internal network, it instead works with the DNS servers that are located all around the world. This means Cisco Umbrella doesn't have any effect on our network whatsoever. In fact, Cisco Umbrella is totally different from other solutions that are locally based, which filter on routers or firewalls. The solution acts as an outside firewall. The rules that are set up on the Cisco Umbrella management site affect the connection between the computers everywhere, but it doesn't slow them down.

The employee morale has improved with Cisco Umbrella because they don't need to be as cautious when visiting sites knowing that the solution is taking care of their security for them. The only thing that could happen to an employee is that they may need to access a site that is blocked and they have to report that blocked site. When a site is blocked for an employee, a page appears on their computer and they can report that blocked site from there. The employee can send the administrator a direct message requesting access. A blocked site occurs infrequently and the administrator can unblock the site quickly.  

The most valuable feature is the ability to filter malware sites that could infect clients or allow them to download infected files.

Cisco Umbrella is one of the best solutions in the market because it's very simple to use and very simple to set up. We require some knowledge of filtering rules, but it doesn't take that long to get familiarized with them. We can manage all the working locations, even if they are far away from a single point and the solution is easy to use. The vendor is a pioneer in the central management of security compared to other antivirus companies.

Cisco Umbrella provides a single pane of glass management.

 Cisco Umbrella doesn't slow the network down because it filters outside of the network.

Cisco Umbrella is not a solution that we can rely on for everything, but for the cost, it is a valued layer of defense that we can depend on. Cisco Umbrella's resilience complements any antivirus solution well. The main advantage of Cisco Umbrella is that it stops attacks from happening before they reach the antivirus solution.

Cybersecurity resilience is important to our organization because we provide software-driven services. We need to contact people from all over the world, We need to be able to navigate through many different sites safely. This gives peace of mind to our customers. We visit thousands of websites every year and it is important to have a solution that takes into account that we are not visiting the same websites repeatedly.

The rule-making process for blocking sites or for blocking characteristics can use some simplification. For example, types of malware. This would make it easier to use because it has a learning curve.

There is a possibility of creating users that have explicit permissions to access sites that nobody else should access. This process can be cumbersome and it would be helpful if there was an easier way to create users and assign roles to special users.

Cisco could ease the process of defining the number of licenses and the price considering the number of licenses we require. Currently, we have to get a quote for anything over 100 licenses.

I have been using the solution for ten years. Before the solution was acquired by Cisco it was OpenDNS Enterprise.

The solution is extremely stable. 

Maintaining network connectivity is very easy. We have not had any downtime in over 10 years. Cisco Umbrella doesn't work directly through the network. It works with the DNS servers that are outside of the network. The network itself doesn't affect it at all. Cisco Umbrella doesn't affect the internal workings, hardware, software, switches, or routers. As long as we have set up the DNS correctly in the computers, either locally or through Active Directory, everything works no matter what happens with our network.

The solution is scalable. We started off with around 40 computers and now have over 200.

I contacted technical support two or three times by email because I had doubts about a rule, but it was pretty straightforward. They responded back within 24 hours. I'm not sure if we can contact them now by phone because I have only used the email method.

Positive

Previously, we were using an antivirus company for antiviral protection. The problem with antivirus is that it's reactive. It does not proactively avoid infection. Cisco Umbrella is proactive because it blocks sites before we may get an infection. We don't react to infections; we proactively avoid infections. Although there are solutions now that do the same, Cisco Umbrella was the first to market.

The initial setup is straightforward and only required one person. Setting up the solution usually takes between 30 minutes to an hour. However, the rules are always changing, so we never truly finish setting it up. We're always changing the configuration of the sites by blocking or allowing or adding new sites to the blacklist or whitelist. 

To change the local DNS settings to use the Cisco Umbrella service, we only need to make a few changes. If the computers are connected to Active Directory, we can deploy the configuration through Active Directory so we don't have to mess with anything else. The solution is based on the cloud, so we get a lot of detail and granularity in what sites the computers can access. However, if we want more detail, we can install a small agent on the computer so they can report to the servers.

The implementation was completed in-house.

We have definitely seen a return on investment given the low cost of the solution.

Cisco has a set price for a single license up to 100, but whenever we get over 100, we have to ask for a quote. Sometimes requesting quotes makes the process a little harder because people's trust waivers when having to ask for quotes. We want to see the prices upfront.

I give the solution a nine out of ten.

The solution is very good, one of the best in the market because it is so easy to use and so easy to manage even from far away distances. The company has four locations, one in Madrid, one in Valencia, another in Alicante, and one in Barcelona. The solution allows me to manage all the sites from one location easily.

Given the rise in attacks and virus infections all over the world recently, it is important to have layers of security. The less intrusive solutions are better for us. I believe that Cisco Umbrella is a solution that everybody should have because the solution is easy to set up and manage. Cisco Umbrella gives us peace of mind, which is why I believe it is a great solution. I had problems in Spain when I tried to set up Cisco Umbrella for other companies but this was because people didn't know about the solution or trust it as much as they should.

Initially, we implemented the solution for the central branch in Madrid, and after that, we implemented it in the regional branches. We then differentiated between departments, and in the end, we were managing departments and offices.

We use Cisco Umbrella to secure our gateway. All of the DNS forwarding coming out of the company from any site or all the DNS requests are forwarded through Cisco Umbrella, and then they determine if that is a safe address and if the content coming back is safe. They will either reject the addressing out of hand, or they'll look at the Layer 7 content and reject that from making it back to us.

We are using the Secure Internet Gateway (SIG) Advantage package. In terms of deployment, effectively, it's deployed from our private cloud. It's in our data closet on our servers.

It enables us to finally allow laptops to be used as workstations and allow data to leave the building. In the past, laptops were only used for VPN access, but they would connect back to their data inside the company. This has allowed us to have a level of confidence that they're protected as if they were behind our firewall. So, now, we've got work-from-home people who literally have their workstations with them.

We have six sites with 60 to 70 users. The baseline configuration allows for additional protection for any DNS requests as they leave those sites, and then the secondary policy is for the mobile devices as they leave the premises. When they're connected to public WiFi, they have an additional policy that kicks in for that time that they're not connected back to the company. So, when they're on public WiFi without a VPN, the tool will actually put that second policy in place that's more aggressive and offers a higher level of protection when it's not sitting behind the firewall. All that is automated. It's all built into the agent.

We don't allow WiFi inside of our network for connection to our actual business network. As soon as a device is docked, it disables WiFi on that mobile device.

When we have laptops that leave the building, they could connect to public WiFi before they establish a VPN connection back into the company. For that duration or that period of time when they're not docked in the network or on a VPN, they effectively don't have that full layer of security that I provide inside the building. This tool stands in during that period of time, and we extend the security settings through their basic firewall or their cloud-based firewall at that time. So, we do content filtering and control access, but they also are looking at new domains, IP addresses, and bad requests. They're blocking them on my behalf when a laptop is not sitting behind our security appliances.

There are a couple of interface issues. I know that they say that there are feature enhancements that are noted. For example, we've got the Cisco Meraki security appliances, and there, we geofence our company to where we're allowed to send and receive traffic. So, in our case, by default, we only allow traffic to six different countries, which allows us to effectively prevent traffic for the majority of bad players in the world, but they don't give you an easy way to do that in Cisco Umbrella. With Cisco Meraki, I can specify or pick the countries. I can say that I want to only allow traffic from these six countries, and I'm done. With Cisco Umbrella, I have to rely on the fact that they're going to prevent traffic to other countries. They're going to decide if it's good or bad. I can't geofence out. I can plot top-level domains, but .com and .net go global. I can certainly block a China (CN) or a Russia (RU) domain, but that doesn't give me the same level of granularity. 

Apparently, Cisco Umbrella has got that as a feature request to allow an administrator to say, "I specifically only want traffic to and from these countries. Everything else should be dumped." That way, when they're sitting behind my network or they go out in the wild, they have that same level of traffic being blocked.

I have been using it for 14 to 15 years.

We've had no issues. It has done exactly what it's supposed to do.

It is cloud-based. So, scalability should not be an issue. 

Any increase in its usage is all relative to the growth of our staff. Currently, we deploy the laptops for people who need to work from home or are traveling between the banks. That's roughly about 20% of our total staff. Some people aren't going to be working from home, and some of their jobs can't be done from home. They have no need for mobile devices. If there is a need to work from home, its usage will increase. It is there if we need it to scale, but at this point, it is not scheduled to change.

Once I became a paying customer, it was much better. The preliminary training is there, but when you get into the nuances and the details of some of its capabilities, you need to talk to tech support. Once you're a paid customer, you get direct access, and then it's good. When I'm able to get a hold of them, their technical support is a 10 out of 10.

Positive

I didn't use any similar solution previously. 

I was a hundred percent involved in its deployment. We had a couple of issues. The proof of concept was done without a lot of planning. So, there were some mistakes made along the way. If I was doing it again the second time, I wouldn't make the same mistakes. 

The default configurations have your baselines. Those are never supposed to get changed, and I changed and tweaked those for our proof of concept. After a couple of weeks, I had some additional guidance from the Cisco Umbrella team. You leave the baseline configuration, and then you clone and create a new configuration that sits in front of it. So, everyone gets the baseline, and you don't change that. If you want to change it, you make a new policy and then make the changes to that. If you change the baseline default policy and you make a mistake in it, you've to back that all out. If you make it in the new policy, in the worst case, you just delete it, and automatically everyone goes back to baseline. So, there's still a policy in effect. That was a training issue that should have been resolved. Now that I've done it, if somebody asks me, I would say that this is the way you've got to do it.

It was just me taking care of its deployment. In terms of maintenance, once it's configured, unless you're retweaking and adding or removing something that was blocked, it pretty much runs itself.

I have less maintenance to resolve, fix, and reconfigure VPN clients personally, and the feedback from the end-users is that they're more productive.

We were using the free version, and we implemented the paid version about two months ago.

I'm paying a fair price, but everything is negotiable with Cisco. One of the benefits that I got by having Cisco Umbrella is the licensing of the Cisco AnyConnect VPN client. There has always been an issue for years and years with Cisco Meraki in terms of VPN clients and using the native built-in Windows client. It keeps reconfiguring itself. By using Cisco AnyConnect as the VPN client, it's not affected by Windows patching or people typing in passwords by mistake. It's more resilient and doesn't change. With just Meraki solution, there was an extra expense for the Cisco AnyConnect VPN client. By having Cisco Umbrella, that licensing is now included.

There were a couple of other options, and I discussed them with another consultant. As a regulated industry, we have to do vendor management, and vendors have to be vetted. So, Cisco was already a vetted vendor. There are other companies that do the same thing, but Cisco didn't require me to do any more vetting. They were already a vendor.

When it's configured the way it's supposed to work, it turns itself on and off based on the status of the VPN or the dock condition. Once it's configured, it does exactly what it's supposed to do. 

If you're doing a proof of concept on it, fully understand how the policies are configured and what the flow is. You should understand the hierarchical status of the policies to configure it right the first time. You don't really want to guess it.

I would rate it a 10 out of 10.

We use Umbrella to monitor user activity and make sure that our staff isn't clicking on malicious links. We also use it to protect us by being more proactive on links that are already known to cause harm or potential hacks. Overall, it's keeping everything in a safe box.

We had a lot of challenges with staff clicking on ad links, random Google search links. Most staff want to shop during the day or in their downtime and were clicking on random links and then causing potential network issues, bugs, and causing network downs. Umbrella has helped us limit that.

It has provided our organization with more stability. Even though staff would like to shop using certain links, it gives us the option to educate them: "Hey, some of these links, just don't click on those." We are pretty lenient. We understand people want to shop and do other things at work. We try to keep it work-related, but safe.

Everyone really just wants to be able to click and do what they do, just like at home. But for the IT side of it, it does benefit us by limiting all of the extra activity. It does give us some comfortability that we aren't going to wake up, or even come in in the afternoon, and the whole network is down because someone went to buy some shoes or they clicked on a malicious email and caused a chain reaction.

It's very important for our organization to support the hybrid workers because we're a health clinic. A lot of staff are going to be away, but with the COVID numbers still out there, we want to be able to provide the same support that we did before COVID. We want to give the same flexibility, the same availability to our patients, that we had in the past. Being remote or having hybrid, it does give us a different range of opportunities to implement different workflows. They can reach out with more telecommunication, more video conferencing, rather than having a patient drive out to a site to seek support. We can do remote assistance and, with Umbrella, it still gives us the opportunity to be secure through those communication links.

We don't really have metrics at this particular time for it, but just [anecdotally] from past troubleshooting, having to diagnose maybe five different areas, this saves us a lot of time and a lot of effort in isolating the actual issue. We can just open up Umbrella, go to the specific area that we feel is impacted, or just look at one of the key dashboards that are on the portal and identify the issue.

It's very easy to maintain network connectivity with Umbrella. Before, we were having a lot of issues, but since Umbrella has been implemented, we really haven't had to touch it. It's kind of self-sufficient.

The solution is a lot more proactive. It does have its own features where it constantly uploads known threats and blocks those. It takes a lot of the guesswork out of our environment, but it also gives us an opportunity, if there are some questionable links, to diagnose those without it impacting the environment.

The best feature is the visibility. We're able to see the specific user names of whoever clicked on a certain link. It also gives us a threat detection level. It allows us to maintain more [awareness of] who's doing what they shouldn't be doing. The most valuable asset of it is giving us the ability to categorize who should have access to what type of sites.

This solution does give us a single-pane-of-glass for this particular instance. We do have several products implemented that we manage, which this hasn't integrated with yet, but we have just been made aware of the SecureX implementation and we are looking into implementing that and bringing that into another single-pane-of-glass, but with more options available.

A single pane of glass saves time. It saves effort and the headache of having to open up multiple links and go to different dashboards for troubleshooting different areas. This does have a lot of options available for us to see who's doing what, what trends, what errors. We can set up our alerting through it as well. It is definitely a great dashboard.

The dashboard, the single pane, is very helpful, it's very visual. Everything is straightforward there; it's definitely important for management. Even when we bring it to upper management and explain why this product is beneficial for us, this gives us a good breakdown and makes a lot of details available for us.

So far, I haven't seen any areas that need improvement. As far as what we need it to do, it's doing just that. It's comfortable for us. It's working beyond our expectations. Something on our end that might make it better is alerting going to our ticketing system. It's not something that we have discussed, but that would be a proactive option for us to provide a learning experience for the staff.

We've had Umbrella implemented for about two years.

The stability is very great. Once it's deployed and you do your due diligence to make sure that everything is communicating and in sync, we've hardly had to touch it.

For our environment, it doesn't seem to have any issues with the amount of users and staff. We have been constantly growing since we deployed it without any impact. No negative impact is forecasted.

The support has been really good. I have only had to utilize support about three times. It's been more of a training area: "How do I get to this area?" and "What does this actually do? How can this benefit me?" From there, it still has been stable and smooth and doing everything that we expected it to do.

Positive

We had a different overall firewall solution, which was a Sophos firewall. But since we migrated away from that, we implemented the Firepower firewall and, in addition to that, added in Umbrella.

The reliability wasn't really there, with Sophos always having issues, even from the endpoint perspective. We had issues across the board and it was management's decision to look into a new solution.

We just did one deployment through a virtual machine and that manages all of our routers and all of our users. We haven't had to do multi-site configurations or deployments. It goes towards the organization, uploads all of our users, and all of our statistics, and maintains things from there.

I'm not sure of the actual cost that went into it, but it's definitely a productive product for us.

The solution doesn't require almost any maintenance, unless you're doing triple checks, upgrades, or just being proactive in different areas. But for the most part, once it's deployed, you just give it about a week or two to check your levels and make sure everything is the way that you intend the product to work.

As far as the IT infrastructure team goes, we're all happy with the product. It definitely takes a lot of load off of our plate. We don't have to deal with certain sites being blocked. We have been able to set expectations, where these particular users have access to these types of sites, and certain sites are just blocked. That's just the company standard. From the staff perspective, they want to be able to browse freely, but we were able to set those expectations and guidelines and that we're working in the best interests of the site.

I'll rate it a 10 out of 10. It's been functioning very efficiently and effectively, and it's doing everything we need it to do. It takes a lot of load off of our team.

As a Cisco partner, try to test things on our own before we position the product to our customers or educate partners on it. So, the primary use case was to test things out and to be our own first customer. We started using it internally for our own purposes to secure our access to the internet with Umbrella.

We use Cisco Umbrella to secure internet connectivity and especially to focus on the threats introduced through web browsing. This is because most of the applications the workers use are browser-based.

The traffic, by default, is typically encrypted with HPS, and we use Cisco Umbrella to get more insight into that traffic. The classical security appliances have very low visibility into them. This is where we see Cisco Umbrella have the most traction.

In general, it increases the security level. It helps us prevent threats from being accessed. Also, the visibility into internet bounce traffic is increased. So, in general, it increases the overall internet security of the organization.

One valuable feature is definitely its simplicity in terms of deployment. It is very easy to integrate it into the environment without any heavy lifting. Users didn't notice that we implemented it. You can start with a very low monitoring mode and start observing what Cisco Umbrella sees.

In terms of helping workers feel safe, secure, supported, and included, the solution is pretty transparent to the end user in most cases. They don't necessarily get any confidence from it, but it's supposed to be that way. It's supposed to be as transparent as possible. However, when the end-user accesses a site that is blacklisted or treated as potentially suspicious, he or she will see a warning displayed. This gives them additional confidence that somebody else is taking care of the details and that they can confidently browse around. If they come across a suspicious site, they know that they will get a warning or advice on how to proceed.

Cisco Umbrella supporting hybrid work environments is important. Within our organization, even before COVID, a lot of us worked remotely from time to time. For companies that we work with, it has become a reality with COVID. Before, everybody was working on site, and now, that's no longer the case. It is important to have flexibility and know that even if we work from home or from another place we're still secure.

For all Umbrella-related things, it does provide single-pane-of-glass management, but it's one component. If I look at the typical employee, he is only one piece of the puzzle. Other solutions, like, for example, AnyConnect for remote access, are managed separately. For Umbrella-specific items, it's a single interface for management. For monitoring, policies, and troubleshooting a specific case, everything is in one place. I don't need to go through the logs to know where to look.

My organization is not very large, and I'd say my colleagues are pretty proficient. So, it's not a high priority to have single-pane-of-glass management, but it's always good if solutions are capable of integrating together. If by enabling single-pane-of-glass management the workflow is simplified and the day-to-day operations are a little easier, then that's something we definitely want to benefit from.

The administrator user experience is definitely optimized by single-pane-of-glass management, especially if the personnel are busy. Then, it helps if all the relevant details are in one place.

In terms of maintaining network connectivity, Umbrella on its own is pretty user-friendly. It is easy to set up and maintain. It's one of its strong suits.

For the branch and campus, it's very simple to apply and maintain network connectivity. For the home environments, there are options to integrate it into the employee's PC as well. Cisco Umbrella supports different methods for different environments so that you can achieve the level of implementation that you need. It's where it should be.

It's very efficient in securing the infrastructure from end to end so that we can detect and remediate threats. You can simply adopt it right into the environment, and you don't need to build the rule sets on your own. It utilizes best practices, and it's very easy to set up policies such as potential malicious categories on the internet, what you want to block, what you want to filter out, etc. It's very easy to implement those.

When you go through the reports, you can see what kind of threats were blocked. Luckily, we haven't had an incident where something got through and caused a security incident.

In terms of metrics on how Cisco Umbrella has been able to remediate threats, the numbers look pretty impressive. However, it's hard to assess how serious that potential threat really was. It's hard to put actual weight on the numbers to determine how meaningful those numbers are.

The value that resilience helps offer in cyber security is pretty high. Cyber security resilience is a high priority in our organization. It's important to our customers that we handle what we do for them in a secure manner.

I'd like to see this solution more closely integrate with other products Cisco has in its portfolio.

I would also like to be able to manage the identities, for example. If you define them in ISE, it would be good to be able to use the same identities also within Umbrella. It would simplify the use of multiple products within the organization from the same vendor.

I've been using it for about three years now.

Stability-wise, Cisco Umbrella is pretty robust. The uptime statistics are very high. There are, generally, no issues with stability.

Our organization isn't very large, but it's pretty scalable for larger organizations. At the moment, it's not a limiting factor.

Technical support is one of Cisco's strong suits. In my experience, the Umbrella team has been very quick to turn around requests. It's even been above average by Cisco's standard compared to the turnaround time for other Cisco solutions and products.

I would give Cisco's support a rating of nine on a scale from one to ten.

Positive

We deployed it by configuring local devices to redirect the DNS request to the SAS service Umbrella provides.

The solution is cloud-based. You just send your DNS request or your traffic to it. You can start with a monitoring-only mode. So for example, you can redirect the DNS request and start observing what Umbrella recognizes. Later, you can start defining the policies, setting up the enforcements, etc. You can very quickly get to the first results.

Actual ROI numbers are really hard to measure and determine. Generally, we see that customers who implement Cisco Umbrella and start using it tend to renew their licenses. They adopt the product, and they recognize the value it brings. I think this shows that there was a return of investment for them and that it achieved the desired level.

Licensing with Cisco can be a little complex, but I think it's comparable with that of other similar products. It's always hard to put a price on security, but the price is fair for the value it provides.

We're a Cisco partner, and we work with a lot of Cisco solutions. So, it was pretty easy for us to decide what we wanted to try and test. We didn't really do competitive selection and assessment, and it was pretty straightforward for us to go with Umbrella.

I would rate Cisco Umbrella at nine on a scale from one to ten.