Dan Brunnquell - PeerSpot reviewer
Director Of Information Technology at a financial services firm with 11-50 employees
Real User
Top 5
Works exactly how it's supposed to and gives confidence that when our laptops leave the building, they are protected as if they were behind our firewall
Pros and Cons
  • "When we have laptops that leave the building, they could connect to public WiFi before they establish a VPN connection back into the company. For that duration or that period of time when they're not docked in the network or on a VPN, they effectively don't have that full layer of security that I provide inside the building. This tool stands in during that period of time, and we extend the security settings through their basic firewall or their cloud-based firewall at that time. So, we do content filtering and control access, but they also are looking at new domains, IP addresses, and bad requests. They're blocking them on my behalf when a laptop is not sitting behind our security appliances."
  • "There are a couple of interface issues. I know that they say that there are feature enhancements that are noted. For example, we've got the Cisco Meraki security appliances, and there, we geofence our company to where we're allowed to send and receive traffic. So, in our case, by default, we only allow traffic to six different countries, which allows us to effectively prevent traffic for the majority of bad players in the world, but they don't give you an easy way to do that in Cisco Umbrella. With Cisco Meraki, I can specify or pick the countries. I can say that I want to only allow traffic from these six countries, and I'm done. With Cisco Umbrella, I have to rely on the fact that they're going to prevent traffic to other countries. They're going to decide if it's good or bad."

What is our primary use case?

We use Cisco Umbrella to secure our gateway. All of the DNS forwarding coming out of the company from any site or all the DNS requests are forwarded through Cisco Umbrella, and then they determine if that is a safe address and if the content coming back is safe. They will either reject the addressing out of hand, or they'll look at the Layer 7 content and reject that from making it back to us.

We are using the Secure Internet Gateway (SIG) Advantage package. In terms of deployment, effectively, it's deployed from our private cloud. It's in our data closet on our servers.

How has it helped my organization?

It enables us to finally allow laptops to be used as workstations and allow data to leave the building. In the past, laptops were only used for VPN access, but they would connect back to their data inside the company. This has allowed us to have a level of confidence that they're protected as if they were behind our firewall. So, now, we've got work-from-home people who literally have their workstations with them.

We have six sites with 60 to 70 users. The baseline configuration allows for additional protection for any DNS requests as they leave those sites, and then the secondary policy is for the mobile devices as they leave the premises. When they're connected to public WiFi, they have an additional policy that kicks in for that time that they're not connected back to the company. So, when they're on public WiFi without a VPN, the tool will actually put that second policy in place that's more aggressive and offers a higher level of protection when it's not sitting behind the firewall. All that is automated. It's all built into the agent.

We don't allow WiFi inside of our network for connection to our actual business network. As soon as a device is docked, it disables WiFi on that mobile device.

What is most valuable?

When we have laptops that leave the building, they could connect to public WiFi before they establish a VPN connection back into the company. For that duration or that period of time when they're not docked in the network or on a VPN, they effectively don't have that full layer of security that I provide inside the building. This tool stands in during that period of time, and we extend the security settings through their basic firewall or their cloud-based firewall at that time. So, we do content filtering and control access, but they also are looking at new domains, IP addresses, and bad requests. They're blocking them on my behalf when a laptop is not sitting behind our security appliances.

What needs improvement?

There are a couple of interface issues. I know that they say that there are feature enhancements that are noted. For example, we've got the Cisco Meraki security appliances, and there, we geofence our company to where we're allowed to send and receive traffic. So, in our case, by default, we only allow traffic to six different countries, which allows us to effectively prevent traffic for the majority of bad players in the world, but they don't give you an easy way to do that in Cisco Umbrella. With Cisco Meraki, I can specify or pick the countries. I can say that I want to only allow traffic from these six countries, and I'm done. With Cisco Umbrella, I have to rely on the fact that they're going to prevent traffic to other countries. They're going to decide if it's good or bad. I can't geofence out. I can plot top-level domains, but .com and .net go global. I can certainly block a China (CN) or a Russia (RU) domain, but that doesn't give me the same level of granularity. 

Apparently, Cisco Umbrella has got that as a feature request to allow an administrator to say, "I specifically only want traffic to and from these countries. Everything else should be dumped." That way, when they're sitting behind my network or they go out in the wild, they have that same level of traffic being blocked.

Buyer's Guide
Cisco Umbrella
May 2024
Learn what your peers think about Cisco Umbrella. Get advice and tips from experienced pros sharing their opinions. Updated: May 2024.
772,422 professionals have used our research since 2012.

For how long have I used the solution?

I have been using it for 14 to 15 years.

What do I think about the stability of the solution?

We've had no issues. It has done exactly what it's supposed to do.

What do I think about the scalability of the solution?

It is cloud-based. So, scalability should not be an issue. 

Any increase in its usage is all relative to the growth of our staff. Currently, we deploy the laptops for people who need to work from home or are traveling between the banks. That's roughly about 20% of our total staff. Some people aren't going to be working from home, and some of their jobs can't be done from home. They have no need for mobile devices. If there is a need to work from home, its usage will increase. It is there if we need it to scale, but at this point, it is not scheduled to change.

How are customer service and support?

Once I became a paying customer, it was much better. The preliminary training is there, but when you get into the nuances and the details of some of its capabilities, you need to talk to tech support. Once you're a paid customer, you get direct access, and then it's good. When I'm able to get a hold of them, their technical support is a 10 out of 10.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I didn't use any similar solution previously. 

How was the initial setup?

I was a hundred percent involved in its deployment. We had a couple of issues. The proof of concept was done without a lot of planning. So, there were some mistakes made along the way. If I was doing it again the second time, I wouldn't make the same mistakes. 

The default configurations have your baselines. Those are never supposed to get changed, and I changed and tweaked those for our proof of concept. After a couple of weeks, I had some additional guidance from the Cisco Umbrella team. You leave the baseline configuration, and then you clone and create a new configuration that sits in front of it. So, everyone gets the baseline, and you don't change that. If you want to change it, you make a new policy and then make the changes to that. If you change the baseline default policy and you make a mistake in it, you've to back that all out. If you make it in the new policy, in the worst case, you just delete it, and automatically everyone goes back to baseline. So, there's still a policy in effect. That was a training issue that should have been resolved. Now that I've done it, if somebody asks me, I would say that this is the way you've got to do it.

What about the implementation team?

It was just me taking care of its deployment. In terms of maintenance, once it's configured, unless you're retweaking and adding or removing something that was blocked, it pretty much runs itself.

What was our ROI?

I have less maintenance to resolve, fix, and reconfigure VPN clients personally, and the feedback from the end-users is that they're more productive.

What's my experience with pricing, setup cost, and licensing?

We were using the free version, and we implemented the paid version about two months ago.

I'm paying a fair price, but everything is negotiable with Cisco. One of the benefits that I got by having Cisco Umbrella is the licensing of the Cisco AnyConnect VPN client. There has always been an issue for years and years with Cisco Meraki in terms of VPN clients and using the native built-in Windows client. It keeps reconfiguring itself. By using Cisco AnyConnect as the VPN client, it's not affected by Windows patching or people typing in passwords by mistake. It's more resilient and doesn't change. With just Meraki solution, there was an extra expense for the Cisco AnyConnect VPN client. By having Cisco Umbrella, that licensing is now included.

Which other solutions did I evaluate?

There were a couple of other options, and I discussed them with another consultant. As a regulated industry, we have to do vendor management, and vendors have to be vetted. So, Cisco was already a vetted vendor. There are other companies that do the same thing, but Cisco didn't require me to do any more vetting. They were already a vendor.

What other advice do I have?

When it's configured the way it's supposed to work, it turns itself on and off based on the status of the VPN or the dock condition. Once it's configured, it does exactly what it's supposed to do. 

If you're doing a proof of concept on it, fully understand how the policies are configured and what the flow is. You should understand the hierarchical status of the policies to configure it right the first time. You don't really want to guess it.

I would rate it a 10 out of 10.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Theofilos Tzachristas - PeerSpot reviewer
IT Systems Engineer at a tech vendor with 501-1,000 employees
Real User
Top 10
The solution is easy to use, you don't need an expert to operate it
Pros and Cons
  • "The interface is well organized, so you can easily find everything. Even if you don't have much experience with Cisco, you can easily navigate the solution and find your way around. Everything has been done well, from the deployment to monitoring."
  • "Cisco Umbrella hasn't integrated customized reporting yet. With Cisco Secure Endpoint Hub, I can see a report on user downloads and set it up to constantly get an email alert. Based on my understanding, Cisco Umbrella can't do that. You can set it up with third parties, but it would be better if that were built into the platform."

What is our primary use case?

Cisco Umbrella enables all of our end users to browse the internet and internal networks securely. It can block different things like sites and applications that they shouldn't access according to company policies. For example, we can block different applications or specific site categories.

We also use Cisco SecurePort and SecureX, which is a platform for integrating various Cisco products. We have already integrated Cisco Secure Endpoint and Cisco Umbrella through SecureX, which offers a single pane of glass so you can see all the problems. We have also integrated our Meraki firewalls and access points. We have 500 users, and each of them has the Umbrella agent installed. If you're working in the office, you don't need it because every computer is protected by Umbrella. 

How has it helped my organization?

The main benefit of Cisco Umbrella is to prevent the end users from becoming victims of phishing attacks or malicious links in an email. It isn't necessarily about making the users more efficient or productive, but it could help with that. For example, if someone mistakenly clicks on a link and their device is infected, we may need to take it offline for a day or two in order to resolve it. We don't have these incidents, so we can ensure that users won't be affected by any malicious activities and can continue doing what they're doing without worrying about other departments getting infected.

Umbrella lets you inspect client Internet traffic as if it were flowing through a traditional data center security stack. The main thing you can do is check the destination they're trying to access, but you cannot inspect the package. You can see the URL, but you cannot fully inspect the way we're actually using it. The primary goal is to block or allow specific URLs. We don't do any inspection or use any proxy to inspect traffic. 

I would say that we save money using this product because it's easy to use, so you don't need an expert to operate it. It requires some expertise, but it's simple to monitor and maintain. Also, when we want to set up offices in new areas, it's easy to integrate. 

Umbrella is constantly discovering new vulnerabilities. The solution's ability to discover zero-day attacks without significant changes to the platform is crucial. For example, we prohibit certain categories of websites like gaming or gambling, and the categories are constantly updated. We don't need to update the categories to add new websites or constantly check those reports because we know that Umbrella does what it's supposed to. 

What is most valuable?

The interface is well organized, so you can easily find everything. Even if you don't have much experience with Cisco, you can easily navigate the solution and find your way around. Everything has been done well, from the deployment to monitoring. 

The application is really stable. We never have problems with Cisco not working for our end users. We have an internal communication hub. The office implementation is integrated with our security systems and firewalls, but we also have users worldwide working from home. Our employees are pleased with the user experience, and we've never had reports about Umbrella not working properly or being unable to access a site. It's integrated with Cisco AnyConnect, so our users can access it through a VPN solution.

Umbrella actively processes and blocks malicious DNS queries daily, which is helpful for us because we're a small team. We heavily depend on the tool to do its job properly. It works nicely out of the box. You have to do a little initial configuration, but after that, it blocks everything we want and nothing we don't. We've gotten some false positives with other products, but we've never experienced that with Cisco Umbrella.

Guest internet access is easy to configure. We set more restrictive policies for our guest users, but it hasn't been difficult to spin up consistent policies in three or four different offices. We just attached the policy that we have for guest users to a specific wireless SSID.

Umbrella combines multiple security functions into a single dashboard. If you use Cisco SecureX, there is a dashboard in Umbrella, but you have to look at different areas. In Cisco SecureWorks, you can add the tasks and dashboards you want to monitor, but Umbrella is more standardized, so you cannot make many changes. In addition to the dashboard, we have some daily reports and email alerts. It does what we want. 

What needs improvement?

Cisco Umbrella hasn't integrated customized reporting yet. With Cisco Secure Endpoint Hub, I can see a report on user downloads and set it up to constantly get an email alert. Based on my understanding, Cisco Umbrella can't do that. You can set it up with third parties, but it would be better if that were built into the platform. 

For how long have I used the solution?

I joined this company a year ago, but they had already been using Cisco Umbrella for more than three years. 

What do I think about the stability of the solution?

I have never experienced any outages or downtime. It works all the time.

How are customer service and support?

I rate Cisco support nine out of 10. We had to open a ticket because we had some issues installing the agents, but we haven't had trouble since then. The technical team responded and fixed our issues quickly.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I used a similar SaaS solution by Palo Alto, but Cisco Umbrella seems to be quite unique because it's a DNS layer. I'm not sure if any other company is doing the same thing. We integrate Cisco Secure Endpoint and Cisco Umbrella to provide end-user detection and prevention. It does what it's supposed to do with most of a lot of admin work. It's a gateway.

How was the initial setup?

I wasn't part of the deployment, but it seems to be straightforward based on what I have seen. It requires a few adjustments to the firewalls and some integration, but it seems relatively simple. We needed to help the users working from home install the agents for Umbrella and AnyConnect, and this was also straightforward to deploy with Kandji, our MDM system.

After deployment, Umbrella doesn't require much maintenance because it's a SaaS application like Gmail. You don't have to do anything except the admin work, such as adding websites or categories. However, Umbrella uses an agent, so we need to update the engine. We can automate all these things, so the maintenance is minimal. 

What was our ROI?

It's hard to quantify a return, but the cost of a malware attack or customers losing private information is potentially very high. I don't have the numbers for those things, but Cisco Umbrella helps us to avoid those issues. A breach can harm our reputation and damage the entire organization.

What's my experience with pricing, setup cost, and licensing?

Cisco Umbrella is reasonably priced for what it does. I don't have any numbers to compare it with because I don't recall what the other solutions cost. 

What other advice do I have?

I rate Cisco Umbrella nine out of 10.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Cisco Umbrella
May 2024
Learn what your peers think about Cisco Umbrella. Get advice and tips from experienced pros sharing their opinions. Updated: May 2024.
772,422 professionals have used our research since 2012.
Global CTO at a wholesaler/distributor with 1,001-5,000 employees
Video Review
Real User
Hassle-free implementation, effective user safeguarding, and high level support
Pros and Cons
  • "The primary advantage of Cisco Umbrella is its ability to safeguard our users no matter where they are working from - whether it's in the office or remotely, as per the new work model that has emerged globally. This integrated security solution has simplified our lives by combining all the necessary security measures in one product. Additionally, deploying the product is all it takes to protect all our users."
  • "Although Cisco Umbrella has an excellent global network footprint, there is still room for improvement and growth in this area. Additionally, there are bandwidth limitations associated with the connectors that need to be addressed. To be a viable solution for larger offices, Cisco Umbrella must continue to expand and improve its capabilities in these areas."

What is our primary use case?

We started using the standard version of the Cisco Umbrella to upgrade to a newer version last year.

How has it helped my organization?

As a company with a global presence spanning over 110 countries, Cosentino requires a uniform security solution that can ensure the safety of its users. Our search for an ideal solution led us to seek one that was easily deployable, integrated seamlessly with our existing systems, and offered robust protection. After thorough market research, we found that Umbrella was the most suitable solution for our needs.

Cisco Umbrella has notably enhanced the perception of security among our users. The solution is seamless and transparent for them to use, and they feel protected at all times. This makes it an excellent solution for users in terms of their experience. Additionally, as mentioned earlier, the quick deployment time is critical for our organization, and Umbrella has significantly improved it.

Cisco Umbrella is an ideal product for our organization because it is a standardized solution that can be implemented uniformly across the entire organization. It adheres to industry standards and provides the same high level of security to all users, regardless of their location or role within the organization. This consistency in security measures ensures that every user in the organization is protected to the same degree.

Thanks to the standardized solution offered by Cisco Umbrella, our IT staff has been able to focus on other projects. Once deployed, we no longer have to worry about security in that particular area. The solution is easy to deploy and seamlessly integrated with our infrastructure, making our lives much easier in this regard. Overall, it has significantly reduced the burden on our IT staff and allowed them to focus on other critical projects.

Cisco Umbrella has enabled us to consolidate our various tools and applications by providing comprehensive security coverage for our users, whether they are working in our office or remotely from home. With Cisco Umbrella, we can address all our security needs related to browsing and network security. While it's not mandatory, we have eliminated the need for most physical firewalls worldwide by leveraging Cisco Umbrella's capabilities. This solution has proved to be a game-changer for us, as it simplifies the deployment process significantly, as previously discussed.

What is most valuable?

The primary advantage of Cisco Umbrella is its ability to safeguard our users no matter where they are working from - whether it's in the office or remotely, as per the new work model that has emerged globally. This integrated security solution has simplified our lives by combining all the necessary security measures in one product. Additionally, deploying the product is all it takes to protect all our users.

What needs improvement?

Although Cisco Umbrella has an excellent global network footprint, there is still room for improvement and growth in this area. Additionally, there are bandwidth limitations associated with the connectors that need to be addressed. To be a viable solution for larger offices, Cisco Umbrella must continue to expand and improve its capabilities in these areas.

For how long have I used the solution?

I have used Cisco Umbrella for approximately four years.

What do I think about the stability of the solution?

Cisco Umbrella has generally been a stable solution for us, although we have encountered some issues with the new connectors. Currently, we are experiencing some minor problems with disconnections or other issues, but these occurrences have been infrequent.

What do I think about the scalability of the solution?

While the solution is currently scalable, we recognize the need to continue expanding our connection points and bandwidth in order to accommodate future growth.

How are customer service and support?

The support provided by Cisco Umbrella is excellent. In addition to the standard support included with the product, we have also opted for an additional support layer provided directly by Cisco. We have been extremely pleased with the level of service we have received thus far.

While there are areas where improvements could be made, such as the RMA process, overall we are satisfied with the level of service provided by Cisco Umbrella.

I rate the support from Cisco Umbrella an eight out of ten.

How would you rate customer service and support?

Positive

How was the initial setup?

Deploying Cisco Umbrella proved to be a hassle-free experience for us. Since our SD-WAN is based on Cisco Meraki products, integrating Cisco Umbrella with Cisco Meraki was an effortless process. This integration has enabled us to implement the first SASE solution in our organization, and the combined solution of Cisco Umbrella and Cisco Meraki has helped us to set up new offices in less than 30 days, which is a significant improvement compared to the five to six months it used to take us earlier. This has led to a remarkable enhancement in our deployment speed, which is truly amazing.

What was our ROI?

Calculating the return on investment for a security solution is a challenging task, as it can be difficult to measure. While we have not performed a formal assessment of the return on our Umbrella implementation, I am confident that it has yielded a favorable outcome for our organization.

What's my experience with pricing, setup cost, and licensing?

The licensing and pricing structure of Cisco Umbrella is in line with standard systems on the market, and we have no specific requirements in this area. Overall, we have found it to be an acceptable pricing model for our organization.

Which other solutions did I evaluate?

One of the main reasons we chose to implement Umbrella over its competitors was due to its extensive global network footprint, which closely matched our own footprint at Cosentino. Additionally, Umbrella's user-friendly interface was preferred by our users over other solutions, making it a more appealing option overall.

What other advice do I have?

My advice to others would be to ensure that the Cisco Umbrella footprint aligns with the organization's needs. This is a crucial factor in ensuring that the product works well for the company.

I rate Cisco Umbrella a nine out of ten.

My main goal with Cisco Umbrella is to ensure protection for my users, regardless of their location. Additionally, the solution provides a positive user experience and is overall a great product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Aditye Kumar - PeerSpot reviewer
Principle Consultant at a energy/utilities company with 10,001+ employees
Video Review
Consultant
Enables us to inspect all the user traffic generated from anything
Pros and Cons
  • "By using Cisco Umbrella, you are sure of inspecting all the traffic. Whenever the user machine is connected to your network, it is inspected. That's the best thing. It means you are sure that nothing is being exported or imported without your choice. That is the best feature."
  • "If you wish to inspect all the traffic and it's integrated with Cisco AnyConnect, all the traffic basically goes through Cisco AnyConnect, which is not a good idea. That means you need to have more internet capacity as a data sampler, so in the case of a split tunnel, we cannot inspect the traffic that is being migrated through the local internet. I'm not sure whether there is a possibility wherein Cisco Umbrella can also inspect the traffic that is outside the AnyConnect tunnel."

What is our primary use case?

I'm a principal consultant for one of the energy sector companies, which basically extracts oil and gas and also deals with solar energy. We are dealing with anything related to energy. It's a supply chain as well.

We have been using Cisco Umbrella for more than one year. Basically, after the COVID situation, when the hybrid model came, we needed to give work-from-home options to the employees and look into cybersecurity. We had to get some cloud security. That is why we have introduced Cisco Umbrella.

How has it helped my organization?

We chose Cisco Umbrella because it's a better option industry-wide. It can inspect all the web traffic from anywhere. When traffic is generated from any local internet, it might be anything. It doesn't qualify for cyber security for any company. That's why you have to have something to inspect all the traffic. Cisco is a good vendor for us. That's why we chose Cisco Umbrella.

By using Cisco Umbrella, you are sure of inspecting all the traffic. Whenever the user machine is connected to your network, it is inspected. That's the best thing. It means you are sure that nothing is being exported or imported without your choice. That is the best feature.

It generates alerts, and you can integrate it with your ticketing tool. When it's integrated, it can also generate a ticket. That means you know when something is wrong or what's going on. It has helped a lot during this hybrid model, and I don't think that this hybrid model is going anywhere. So, you can simply say that Cisco Umbrella is a good tool for the future as well.

It hasn't freed up our IT staff for other projects because no one thought about this work-from-home model before COVID. There were many alerts after Cisco Umbrella was installed, which means many staff members were invested, but its automation, such as automatically generating alerts and automatically assigning tickets to a queue, has helped a lot. We don't need to do any physical or manual inspection. It's being done automatically, which is a good point, but it hasn't decreased any resource hours.

What is most valuable?

It's the best tool to inspect everything. We can inspect all the user traffic generated from anything.

What needs improvement?

If you wish to inspect all the traffic and it's integrated with Cisco AnyConnect, all the traffic basically goes through Cisco AnyConnect, which is not a good idea. That means you need to have more internet capacity as a data sampler, so in the case of a split tunnel, we cannot inspect the traffic that is being migrated through the local internet. I'm not sure whether there is a possibility wherein Cisco Umbrella can also inspect the traffic that is outside the AnyConnect tunnel.

For how long have I used the solution?

We have been using Cisco Umbrella for more than one year.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Jennifer Moxey - PeerSpot reviewer
Network Security and Data Center Manager at Napier University
Real User
Provides insights, protects our users, and has good value for money
Pros and Cons
  • "The insight into what our users are doing via Cisco Umbrella is valuable. Knowing that we're protecting our users as they leave our network is also valuable now because we've got more hybrid working."
  • "They should provide more integrations and bring things together so that there is a more standard feel to their platform. We also use Cisco ISE, and it has a very different feel from Cisco Umbrella."

What is our primary use case?

We're using Cisco Firepower to replace the ASAs as perimeter firewalls to the university's network. We're predominantly using Cisco Umbrella for web filtering of staff and student web traffic that is generated from the university campuses.

How has it helped my organization?

Cisco solutions are simple, efficient, and effective. We're definitely seeing that our users are protected by using these solutions. We're using Cisco Umbrella to protect around 1,500 staff and about 15,000 to 16,000 students. At any one time, on our campus, we could have 3,000 student endpoints protected and about 1,500 members of staff with laptops who are working hybrid since COVID. So, they're protected when they're on campus and when they're off campus. As a university in Edinburgh with three main campuses, we have two internet connections where firewalls protect us from bad stuff on the internet.

Cisco solutions have invariably saved us time. Without them, we would've had ransomware attacks and cyber attacks. So, they have helped protect us as much as they can. I don't have the metrics, but it's a university, so we're probably quite often under attack.

Our operating expenditures (OpEx) haven't really reduced. With moving to subscription-based, our OpEx has probably gone up rather than our CapEx coming down. 

What is most valuable?

The insight into what our users are doing via Cisco Umbrella is valuable. Knowing that we're protecting our users as they leave our network is also valuable now because we've got more hybrid working. With Cisco Umbrella and Cisco Secure clients on all our hybrid working laptops, we know that our staff is secure even when they're working from home.

What needs improvement?

They should provide more integrations and bring things together so that there is a more standard feel to their platform. We also use Cisco ISE, and it has a very different feel from Cisco Umbrella. We also have some Meraki products which feel very different from others. It's like you have to learn something new with every product you buy.

For how long have I used the solution?

We've had Cisco ASAs, but we're just in the process of replacing them with Firepower, so Firepower is quite new. We've been using Cisco Umbrella since 2020.

How are customer service and support?

We have a good Cisco partner called Ping Network Solutions in Scotland, so anytime we need to reach out for a bit of advice, we can ask them. We had good pre-sale support with Cisco as well to ensure that we get the right products that match our requirements. I'd rate their customer service a nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Instead of Cisco Umbrella, we used Zscaler for web filtering, but we've always had Cisco firewalls.

When we switched in 2020, Zscaler didn't seem to be developing their product as well. It didn't match our requirements anymore.

How was the initial setup?

I was involved in its deployment although I had a technical team working underneath me. It was easier than Zscaler because Zscaler made us have two instances, one for staff and one for students. It was very complicated, and we had to route traffic in different ways. Being able to do it by DNS with Cisco Umbrella was just easy.

I managed the team that was deploying it. My role involved making decisions about what traffic and which groups of users we put through first, some early field tests, and things like that.

What about the implementation team?

We did it all by ourselves.

What was our ROI?

We have seen an ROI. With Zscaler, we had more operational issues than we've had with Cisco Umbrella.

What's my experience with pricing, setup cost, and licensing?

You get what you pay for.

What other advice do I have?

We use Cisco Firepower, and we use Cisco Umbrella. Currently, these two products are not very integrated. We don't have the complete suite of Cisco solutions. We just have two that aren't joined. We also work with other technology partners, such as Microsoft, but in terms of the perimeter of our network, it has always been a solid product like the Cisco firewall.

I'd rate Cisco Umbrella a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Alfonso Reimunde - PeerSpot reviewer
Independent Business Owner at Practical Information Systems
Real User
Top 10
A proactive security layer that filters outside the network that is scalable and easy to set up
Pros and Cons
  • "The most valuable feature is the ability to filter malware sites that could infect clients or allow them to download infected files."
  • "The rule-making process for blocking sites or for blocking characteristics can use some simplification."

What is our primary use case?

I had an agreement with OpenDNS which was the original owner of the solution, and I was selling it as an MSP. In Spain, I offer it to a company called Ares Capital. At the start, it was designed to filter URLs for sites that management didn't want the people to access, such as adult sites and social media sites that may cause a loss of work time. A few years later, the solution introduced the ability to filter malware sites. We used that not as an accessory characteristic, but as the main characteristic. We moved from filtering unwanted sites to filtering malware and virus-infected sites. We still use some filtering for unwanted sites, but mostly for security reasons.

How has it helped my organization?

Cisco Umbrella was designed to allow hybrid work. When the COVID pandemic started, we didn't have to do anything at all because the computers were already set up for remote work. With Cisco, it doesn't matter where the computer is as long as the computer is using the DNS servers that Cisco Umbrella works with. If it's part of a laptop or wherever you are in the world, it works exactly the same as being in the office. 

It is very important the solution provides a single pane of glass management for our organization in order to help manage the complex software and programs that companies use. This saves a lot of time for managers.

The single pane of glass management optimizes the user experience by allowing the user to access restricted sites much faster and easier from a centralized location.

Cisco Umbrella helps us remediate threats quickly. The solution doesn't work with our internal network, it instead works with the DNS servers that are located all around the world. This means Cisco Umbrella doesn't have any effect on our network whatsoever. In fact, Cisco Umbrella is totally different from other solutions that are locally based, which filter on routers or firewalls. The solution acts as an outside firewall. The rules that are set up on the Cisco Umbrella management site affect the connection between the computers everywhere, but it doesn't slow them down.

The employee morale has improved with Cisco Umbrella because they don't need to be as cautious when visiting sites knowing that the solution is taking care of their security for them. The only thing that could happen to an employee is that they may need to access a site that is blocked and they have to report that blocked site. When a site is blocked for an employee, a page appears on their computer and they can report that blocked site from there. The employee can send the administrator a direct message requesting access. A blocked site occurs infrequently and the administrator can unblock the site quickly.  

What is most valuable?

The most valuable feature is the ability to filter malware sites that could infect clients or allow them to download infected files.

Cisco Umbrella is one of the best solutions in the market because it's very simple to use and very simple to set up. We require some knowledge of filtering rules, but it doesn't take that long to get familiarized with them. We can manage all the working locations, even if they are far away from a single point and the solution is easy to use. The vendor is a pioneer in the central management of security compared to other antivirus companies.

Cisco Umbrella provides a single pane of glass management.

 Cisco Umbrella doesn't slow the network down because it filters outside of the network.

Cisco Umbrella is not a solution that we can rely on for everything, but for the cost, it is a valued layer of defense that we can depend on. Cisco Umbrella's resilience complements any antivirus solution well. The main advantage of Cisco Umbrella is that it stops attacks from happening before they reach the antivirus solution.

Cybersecurity resilience is important to our organization because we provide software-driven services. We need to contact people from all over the world, We need to be able to navigate through many different sites safely. This gives peace of mind to our customers. We visit thousands of websites every year and it is important to have a solution that takes into account that we are not visiting the same websites repeatedly.

What needs improvement?

The rule-making process for blocking sites or for blocking characteristics can use some simplification. For example, types of malware. This would make it easier to use because it has a learning curve.

There is a possibility of creating users that have explicit permissions to access sites that nobody else should access. This process can be cumbersome and it would be helpful if there was an easier way to create users and assign roles to special users.

Cisco could ease the process of defining the number of licenses and the price considering the number of licenses we require. Currently, we have to get a quote for anything over 100 licenses.

For how long have I used the solution?

I have been using the solution for ten years. Before the solution was acquired by Cisco it was OpenDNS Enterprise.

What do I think about the stability of the solution?

The solution is extremely stable. 

Maintaining network connectivity is very easy. We have not had any downtime in over 10 years. Cisco Umbrella doesn't work directly through the network. It works with the DNS servers that are outside of the network. The network itself doesn't affect it at all. Cisco Umbrella doesn't affect the internal workings, hardware, software, switches, or routers. As long as we have set up the DNS correctly in the computers, either locally or through Active Directory, everything works no matter what happens with our network.

What do I think about the scalability of the solution?

The solution is scalable. We started off with around 40 computers and now have over 200.

How are customer service and support?

I contacted technical support two or three times by email because I had doubts about a rule, but it was pretty straightforward. They responded back within 24 hours. I'm not sure if we can contact them now by phone because I have only used the email method.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Previously, we were using an antivirus company for antiviral protection. The problem with antivirus is that it's reactive. It does not proactively avoid infection. Cisco Umbrella is proactive because it blocks sites before we may get an infection. We don't react to infections; we proactively avoid infections. Although there are solutions now that do the same, Cisco Umbrella was the first to market.

How was the initial setup?

The initial setup is straightforward and only required one person. Setting up the solution usually takes between 30 minutes to an hour. However, the rules are always changing, so we never truly finish setting it up. We're always changing the configuration of the sites by blocking or allowing or adding new sites to the blacklist or whitelist. 

To change the local DNS settings to use the Cisco Umbrella service, we only need to make a few changes. If the computers are connected to Active Directory, we can deploy the configuration through Active Directory so we don't have to mess with anything else. The solution is based on the cloud, so we get a lot of detail and granularity in what sites the computers can access. However, if we want more detail, we can install a small agent on the computer so they can report to the servers.

What about the implementation team?

The implementation was completed in-house.

What was our ROI?

We have definitely seen a return on investment given the low cost of the solution.

What's my experience with pricing, setup cost, and licensing?

Cisco has a set price for a single license up to 100, but whenever we get over 100, we have to ask for a quote. Sometimes requesting quotes makes the process a little harder because people's trust waivers when having to ask for quotes. We want to see the prices upfront.

What other advice do I have?

I give the solution a nine out of ten.

The solution is very good, one of the best in the market because it is so easy to use and so easy to manage even from far away distances. The company has four locations, one in Madrid, one in Valencia, another in Alicante, and one in Barcelona. The solution allows me to manage all the sites from one location easily.

Given the rise in attacks and virus infections all over the world recently, it is important to have layers of security. The less intrusive solutions are better for us. I believe that Cisco Umbrella is a solution that everybody should have because the solution is easy to set up and manage. Cisco Umbrella gives us peace of mind, which is why I believe it is a great solution. I had problems in Spain when I tried to set up Cisco Umbrella for other companies but this was because people didn't know about the solution or trust it as much as they should.

Initially, we implemented the solution for the central branch in Madrid, and after that, we implemented it in the regional branches. We then differentiated between departments, and in the end, we were managing departments and offices.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer: MSP
PeerSpot user
Systems and Network Architect at a recreational facilities/services company with 1,001-5,000 employees
Real User
Prevented a countless number of attacks on our organization
Pros and Cons
  • "We immediately block impersonating users from accessing services over Cisco Umbrella-controlled devices."
  • "iOS devices and mobiles are huge in my environment right now, and I cannot run them on Cisco Umbrella 24/7."

What is our primary use case?

I use Cisco Umbrella mainly for content filtering. We use it to ensure that my users don't access something they shouldn't be accessing. It's just like pushing and scan prevention.

How has it helped my organization?

There are a countless number of attacks that Cisco Umbrella prevented from happening in our organization.

What is most valuable?

Suppose we see a very silly entry where a bad actor tries to impersonate a good website or service we continuously use. They buy the domain, misspell it somehow, and then inject that in a link. Suppose my email scanning tools did not detect or notice that for one reason or another, and we identified it later. We immediately block impersonating users from accessing services over Cisco Umbrella-controlled devices.

What needs improvement?

iOS devices and mobiles are huge in my environment right now, and I cannot run them on Cisco Umbrella 24/7. Each user has one desktop but three or four mobile devices on two iPads, and a phone or multiple phones and an iPad, or vice versa. I'd like to turn on my Cisco Umbrella on the network level, at least on my office premise. However, my security team would like to keep all devices on-network and off-network to be connected or managed by Cisco Umbrella all the time. So their use cases are higher and stronger than my mobile ones. Sometimes we try to work around my mobile ones with MDM, but sometimes it would be way more flexible to have both running side-by-side.

Also, in the Apple services or the Apple space, between my Cisco Umbrella and between my Apple updates, something breaks. I'm not sure if it's because of a policy that my company did before I joined them or if it's something that's happening due to a conflict in the configuration somewhere. So we always have to completely get the device or the endpoint out of any filtration to get the policies. We get everything pushed properly from Apple to the device and provision it afterward. Then we add the Cisco Umbrella roaming client to it.

For how long have I used the solution?

Cisco Umbrella has been running in my environment for about five years, and it was there even a couple of years before I joined my company.

What do I think about the stability of the solution?

We've never really seen any service outages or downtime with Cisco Umbrella. It is amazing for a product to be running such a long marathon for the amount of time that I have witnessed it.

What do I think about the scalability of the solution?

Cisco Umbrella is very flexible. Before, after, and during the years of the pandemic, my environment went up and down concerning headcount and use cases. Since Cisco Umbrella is pretty flexible, it was able to scale with us.

How are customer service and support?

On the technical side, we always get our questions answered in a reasonable turnover. There was an incident when I had two instances running, and I tried to research it first and run discovery with it. When I couldn't find the answer immediately, we called Cisco, and somebody over the phone was very helpful and told us within ten minutes that it wouldn't work for us.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup was pretty straightforward. The solution's documentation is great. My environment needed a little bit of customization to match the deployment configuration or documentation, and it worked fine.

What about the implementation team?

We implemented Cisco Umbrella through an in-house team.

What was our ROI?

We have seen a return on investment with Cisco Umbrella regarding the working hours and the ticketing. The tickets do not have to get escalated to a network engineer or to a network person to look at. They could be worked on by someone on the app on tier one or tier two before needing an escalation if it even needs it.

Which other solutions did I evaluate?

I was onboarded to an environment where Cisco Umbrella was already running. I'm sure my predecessor evaluated other products during the same time, and then they decided to start and stick with Cisco Umbrella for the past six-plus years for its efficiency.

What other advice do I have?

The security team deployed Cisco Umbrella in our organization. I deployed the solution briefly on my network infrastructure, and then we decided to switch that off because we noticed a conflict when we had it running at two different places.

I cannot really speak so much on the infrastructure because until recently, whenever we installed Cisco clients on a machine that's running a server, the machine broke. The reason for that is something that happens in the trust relationship between the server and the domain controller. We opened a support case with Cisco Umbrella, and they told us the server was not supported. Servers are not meant for browsing, and the environment that they are in should not be open to the entire world.

My network team is not that large. For content filtering, when a request comes in to unblock a website saying that it is misclassified, it's super easy to give enough access or limited access to the support desk agent or analyst that's getting your clients' calls. The turnover time is much quicker and much shorter. We do not have to deal with maintenance windows or change management times because it's easy to go to a portal or website and change it versus changing a configuration on a firewall. It helps a lot with hybrid environments, especially during the unprecedented times we had a couple of years ago when we all decided to work from home. My environment was 90% ready to work from home, and one of the reasons for that was Cisco Umbrella.

In a 2000-user environment, Cisco Umbrella has helped save at least 14 hours weekly.

Cisco Umbrella has changed the way that we have access to a tool. It helps us do content filtering. I do not need DNS servers running anymore on my network because I identify it on the Cisco Umbrella portal, and everybody gets the configuration within 30 seconds to a minute. I do not have to deal with DNS changes, especially for internal tools and websites.

Cisco Umbrella has helped our organization improve its cybersecurity resilience for the end clients by having that on-off network flexibility. I do not necessarily have everybody run on a VPN all the time.

The nearest product to Cisco Umbrella is not even comparable. Cisco Umbrella's feature richness and compatibility are becoming an industry standard. We do not ask if an environment has a DNS server running in it or not. Instead, today we ask whether that is a Cisco Umbrella environment.

Overall, I rate Cisco Umbrella ten out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Christian Graber - PeerSpot reviewer
Sr Product Manager at Sunrise UPC
Video Review
Real User
Is easy to install, works seamlessly in the background, and is stable and easy to scale
Pros and Cons
  • "One of the great advantages of Umbrella DNS is that it's really simple to deploy. It's easy to install, the users do not notice that it's there, and it doesn't interfere with your work. The simplicity and transparency are great advantages of Cisco Umbrella."
  • "It would be good if the more complex versions of Umbrella are simplified so that we can offer them in a more standardized way. We, as a telco, do not operate the same as a traditional integration partner would, who can sell all its services. We try to have a standardized approach as much as we can so that we can sell the solution with as many services added to it as possible. If you look at the structure of businesses in Switzerland, 95% of them have 10 persons or less, and they do not have a security specialist. Therefore, the higher the automated and standardized features, the better it is for them."

What is our primary use case?

Cisco Umbrella is a first line of defense. It protects the users from going to sites that should be avoided. Cisco Umbrella also protects against malware and phishing. It's a simple and very effective product that works seamlessly in the background. It doesn't disturb you in any way unless you access a website you shouldn't. Then, it will interfere with it and stop you from going there.

What needs improvement?

It would be good if the more complex versions of Umbrella are simplified so that we can offer them in a more standardized way. We, as a telco, do not operate the same as a traditional integration partner would, who can sell all its services. We try to have a standardized approach as much as we can so that we can sell the solution with as many services added to it as possible. If you look at the structure of businesses in Switzerland, 95% of them have 10 persons or less, and they do not have a security specialist. Therefore, the higher the automated and standardized features, the better it is for them.

For how long have I used the solution?

We've been offering Umbrella for three to four years.

I've been working with Cisco's products for several years now. We in the B2B area of Sunrise work with Cisco kind of exclusively, it's really our main partner. I look after security products and Umbrella. The cloud-based security products around Umbrella have been the focus of my work.

As a reseller, the value we bring to our customers is the fact that instead of just selling them connectivity or access to the internet, we offer them a base level of security with it. I think that is highly valued by customers since security is typically a topic they struggle to deal with.

What do I think about the stability of the solution?

When it comes to the stability or performance of Umbrella, we have been very pleased. When you add security on top of unsecured transport, you may have certain delays, but our technical colleagues consider them to be not too bad. Stability has never come up in a customer context as an issue.

What do I think about the scalability of the solution?

When we look at the scalability of Umbrella, we can see the great advantage of it being a cloud-based service. Therefore, scalability is not an issue on our side. We can assume that it will always be around and that the performance will always be good.

How are customer service and support?

I've had very few interactions with Cisco support, and the ones I've had have been good. I'd give Cisco's technical support a rating of nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We sold a different solution previously, which provided a much simpler DNS protection. It did not have the power and is not really comparable to Umbrella. It was more of a consumer-level product that did not have much of an impact. I had it installed on my internet access at home, and it never intercepted anything I did. It's only once I installed Umbrella that I saw differences in the ways my DNS calls were intercepted. The main reason why we offer Umbrella is its business-grade security.

How was the initial setup?

One of the great advantages of Umbrella DNS is that it's really simple to deploy. It's easy to install, the users do not notice that it's there, and it doesn't interfere with your work. The simplicity and transparency are great advantages of Cisco Umbrella. Cisco could take Umbrella DNS as a good example and also improve on other products.

What's my experience with pricing, setup cost, and licensing?

Cisco solutions are generally perceived to be rather expensive. We have constant internal discussions as to whether we should offer lower-priced security solutions from some of the competitors.

What other advice do I have?

If you are looking for the first time at Umbrella, you should really understand what is behind the solution. Behind Umbrella is Cisco Talos, a research team within Cisco, which is one of the largest private ones in the world. All the input out of the activities of Talos goes into Umbrella and makes it a really valuable product.

As a service provider, we know that other service providers are using Cisco Umbrella, and that was a big factor for us in choosing it as well. Also, we had seen large telcos like TIM in Italy using it for many years and being satisfied with it.

Customers are always worried that somebody in their organization will click on something he or she should not click on. Umbrella does a good job of protecting a business from ruin in worst-case scenarios. It works in the background and is like an airbag.

I would rate Umbrella Easy Protect, which is the simplest on the Umbrella DNS side, at nine out of ten. Because Umbrella SIG is still under development and is very promising, I'd give it an eight out of ten.

Our partnership with Cisco is overall good. It has its ups and downs. Cisco is not always an easy beast to work with. Sometimes you see that traditionally they have a very strong enterprise focus, but we as a service provider have a different need than enterprises, and that sometimes has its challenges.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Buyer's Guide
Download our free Cisco Umbrella Report and get advice and tips from experienced pros sharing their opinions.
Updated: May 2024
Buyer's Guide
Download our free Cisco Umbrella Report and get advice and tips from experienced pros sharing their opinions.