Cisco Umbrella Reviews

Custom whitelist/blacklist/block page allows us as consultants to tune web content filtering for the SMB market.

OpenDNS supplements other security solutions to allow for blocking through DNS requests, which is common for malware to use to bypass other security mechanisms.

This product needs policy scheduling for enforcement by category. Notice in all the packages, there’s no scheduling. In the Insights or Platform package offerings, you can now essentially have multiple ‘policies’ per AD user or network group. What’s missing is that I still can’t set enforcement to block certain website use at this time of day or these days of the week. For instance, a company may allow streaming audio sites for music only for night shift workers to help them keep awake and versus dayshift workers.

I have been using the web-based, small-teams edition since 2007 (nine years).

We have never encountered issues with general deployment.

We would rate customer service and tech support after the Cisco acquisition a 5 out of 10.

We’ve used and deployed ZScaler, Websense, and other UTM-based blocking solutions. This product is not always the best if you need complex policy and scheduling, and other user soft-pass through authentication.

Initial OpenDNS setup is straightforward if you have a static IP address and you apply the DNS forwarders appropriately. This is literally a five-minute-or-less change.

We always implement for ourselves and for others in-house because of ease of use. Implementation-wise, companies should be aware that changing DNS forwarders might impact their global DNS operational needs. OpenDNS servers are also slower than something like Google DNS.

Pricing needs to be reduced for SMB based on the blocking capabilities and the lack of other features that you just cannot do in DNS, such as authentication-based filtering.

Also, scalability-wise, the pricing is more of a challenge for enterprise-class environments because of the pricing model.

OpenDNS is either a good complement to your existing web content filtering solution at the enterprise level, or it is a good free or easy-to-deploy alternative for home and SMB use.

It transparently protects users from rogue web sites.

OpenDNS filters DNS query/reply without any software to be installed on the client side, so in my mind, the transparency I was talking about relates to:

• No changes on the client side required, i.e. software or configuration changes
• The complete communication is not proxy’ed as such, only DNS query/response filtered.

It provides native integration into the multiple cloud services, for example, Microsoft OMS.

I used it during a two-week POC (proof of concept).

I have not encountered any deployment, stability or scalability issues.

Technical support is good.

This is the first time we used one of these products, one of the known DNS firewalls.

Initial setup is simple, although some pre-requisites were not communicated to us, and they can make the final solution a bit more complicated.

We implemented it in-house with the support of the vendor.

The product has been rejected by business due to the pricing; no ROI as such.

It is a great product in the company security portfolio. It can be used together with the proxy to provide end-user security. However, the cost of this product is too high for what some businesses can afford.

The feature that most interested me was protection against DNS-based attacks. Umbrella offers protection against malicious websites by stopping users from visiting them. This is important because of its host / endpoint protection, an important concept as businesses decentralize their operations and employees find themselves working from unmanaged sites on untrusted networks.

Employees can do their jobs and know that they'll be protected from malicious websites.

The product itself is excellent. What I'd like to see improved is the purchasing process; specifically, I'd like to see OpenDNS offer its customers the ability to purchase any number of licenses instead of a bundle.

Cisco & Open DNS don't make it easy to add additional users/licenses to an existing account. Instead they want you to go to their store (can't get to it while you're logged into your Umbrella console) and do a purchase, like you're in some line at the grocery store.

I have been using it since April 2015.

Deployment is straightforward, the product and the back end systems that support it are stable and the product is scalable as long as the customer purchases the necessary number of licenses.

The purchasing process could be easier. What I'd like to see is the ability to contact a live person at OpenDNS and over the phone be able to purchase additional licenses.

Technical support is good.

Umbrella is the first product of its type that I've used. Otherwise, my company has relied upon anti-virus products to protect hosts.

Initial setup was straightforward. I simply downloaded the client, installed it on a host and that was it.

Implementation was straightforward and was done in-house.

Regarding ROI, that falls into the category of security and that is always a tough sell to management.

What I'd like to see improved is the purchasing process, specifically I'd like to see OpenDNS offer its customers the ability to any number of licenses instead of a bundle.

Plan, plan and plan some more.

Web content filtering: Cisco ASA 5505 doesn’t have a straight content filtering feature, so we used OpenDNS and it worked like a charm. It is security beyond the firewall, and hence more beneficial, as it stops the threats before reaching the firewall and enhances security.

We were able to implement web content filtering to block unwanted traffic, and to prevent bandwidth choking and malicious attacks without deploying any hardware/software, within a few hours.

I would like the product to offer more security features, such as IPS, IDS, DDoS prevention, etc.

I have been using it for six months.

I have not yet encountered any deployment, stability or scalability issues.

Implementation was straightforward with minimal changes to existing infrastructure.

It was self-implemented.

We have tried a Linux-based proxy server, but that was complex to manage and wasn’t foolproof.

I highly recommend SMBs and enterprises use it to enhance their network security with minimal cost through the OpenDNS cloud solution.

Deployment and management are easy.

It made web filtering and malware protection easy.

I think there is some room for improvement with regard to the Windows client. While providing great protection for roaming laptops, on occasion users in the office would get the "yellow triangle" showing up over their wifi connection. It would state that the users were not connected to the internet, when in fact they were. This caused a few gripes and was difficult to troubleshoot. Other than that, not much else.

Only other suggestion might have been a URL to automate requests when checking if a blocked site is in fact a valid block.

I have been using it for two years.

Deployment and scaling are very easy. The only issue was as mentioned.

Technical support is excellent, with quick responses.

iPrism was inline, did not scale, and not easy to manage.

Initial setup was easy; just forward your DNS.

An in-house team implemented it; it was pretty straightforward. Just get the appropriate teams involved.

ROI was all about added security and a decrease in malware.

Pricing was fair.

Go for it; there is no better way to secure guest networks without any headaches.

The various powerful query options are the most valuable features of this product to me. Using the Investigate API, we can gather the detailed history of a domain, whois information, NS records, etc. All of this information helps us determine whether a domain is malicious or not.

It helps us identify malicious domains.

I would be happy if they could add the whois information of an IP. That would further help us determine whether an IP is malicious or not by identifying the domains associated with the IP, whether there are any known bad domains associated with the IP, and more.

I have been using this solution for two months.

I did not encounter any issues with deployment, stability or scalability.

We implemented it in-house.

The APIs are very powerful. You can use any programming language and integrate it with your products. It can be really handy for security analysts.

We have a number of terminals that are NOT on our MPLS network, so we depend on the OpenDNS services to provide URL filtering where we normally have no visibility or control.

By using OpenDNS, we block sites that are looked at as malicious and cut down on incoming threats.

One thing I can mention is network security. There's no real mention about the potential of malware & virus protection for locations that we are using OpenDNS on. In certain areas, we only have a few people on-site and there’s no real need for a firewall at that point.

That would be the only thing I can think of with OpenDNS that we have NO information on.

Otherwise, for me, I think it’s a good packaged deal. I wouldn’t really change anything.

We have been using this solution since 9/25/15.

I did not encounter any issues with deployment at all. It was pretty straightforward.

Their customer service is pretty good from what I remember. We called them at one point to ask a question about one of our devices not showing up and they were pretty quick at resolving the issue.

Previously, it was the Wild West at our locations that are not on our MPLS network. They were looking at whatever they wanted as they were only on a personal wireless device. We upgraded them to a Cisco 819 or a Cradlepoint but didn’t have much in the way of filtering or DNS with their GUI.

I believe, for the most part, initial setup was straightforward. You just have to look around and set it up, link it to the device, etc. It’s not too difficult where you couldn’t just figure it out, but to be sure, we called support and they confirmed what we were doing. They even helped by showing us the policy setup area.

We implemented this ourselves. We had the access points, set them up, tested them and shipped them out.

The pricing is fair. We’re paying under $40 per license for 60 licenses.

If you have locations where there are a small number of users that doesn’t merit a dedicated line with high monthly costs, it’s quite easy and efficient to give them some kind of access point and use OpenDNS for security and filtering.

The ability to use custom categories to block out websites was valuable because the predefined categories were either too restrictive or not restrictive enough. For example, one category would block everything from social media to webmail, while another category did not block either. So to be able to customize categories made it a lot easier.

This product has made it easier for our IT team to keep employees on track to work and away from distracting websites.

Perhaps an option to be able to block only specific users would be a way to improve the free version of OpenDNS. In our department, there are multiple users that need different levels of access. For example, those who work in the advertising department need access to social media, while those in the accounting department do not. The ability to be able to set different rules for each user would have been nice to have.

I have used it for about six months.

I did not encounter any stability issues.

I did not encounter any scalability issues.

I did not need to contact technical support when using OpenDNS. The product is very self-explanatory.

This was the first product we used for filtering websites.

The initial setup was very straightforward. I did not have any issues.

I was using the free version of OpenDNS, so I am not aware of the pricing.

We were choosing between pfSense and their packages versus. OpenDNS looked easier to setup, so we went for that first. Eventually, we moved to using pfSense’s SquidGuard, because it allows us to be more precise with filtering websites.

This product is very straightforward and simple to setup. I would recommend others to just give the product a try. I am sure they will be happy with the results. OpenDNS has different filtering levels, but I found it easier to just go for the custom level versus the ones they had set up already.