Cisco Umbrella Reviews

One of our purposes for acquiring Umbrella was to block phishing links that we get in emails and to manage risky websites. We're using it for our internal network and the roaming client for external users.

Blocking malicious websites and preventing users from going into them, as well as the phishing attacks that usually come with malicious links, were the challenges. With Umbrella we can block them.

We use it in our Active Directory domain and for about 175 users. We use it on desktop computers and on laptops for external users. It's all on-premises, protecting servers and workstations.

It has improved our company a lot because we now see where the users are going and prevent them from going to malicious websites. It has reduced, by a lot, the chances of hackers getting into our organization.

With Umbrella, it's our IT staff who we feel secure. Sometimes the end-users, our clients, don't fully understand the purpose of the tools when we install them, such as the roaming client. And sometimes they get false positives and they don't fully understand why. But for us, as IT admins, we feel a lot more comfortable with the tool in place, because we know that it's unlikely our users will go to a malicious website. Umbrella is protecting us.

Umbrella has also helped us remediate threats more quickly. It's really good for securing our infrastructure from end to end. Umbrella's footprint is really small. If you want to secure infrastructure, such as servers, you don't have to install an agent. You just have to use DNS forwarders and point them to the umbrella servers. That's easier. It helps us protect our infrastructure for sure.

The Global Block List is one of the most valuable features because it's really easy to block domain names as well as URLs. Sometimes you don't want to block the whole site, you just want to block one URL. The Global Block and Allow Lists are the best features for us.

Cisco Umbrella also provides a single pane of glass for management. It's really helpful and it's important for us because we have multiple locations. Without a single pane of glass, if you want to block websites you have to go to every location, in each firewall, one by one. But when you have a single management portal, it's a lot easier.

The user experience is good because, as IT and admins, it's easy to use. But that's not only for admins, it's also true for the clients because they know the reason a website is blocked. The user experience is pretty smooth because they can report a false positive or a malicious website that has not been blocked in Umbrella. We are happy with the user experience.

And when it comes to applying and maintaining network connectivity consistently across all workplaces, Umbrella is excellent. We can track, among the different locations that we have, where the users are trying to get to. That means the risk of disruption is reduced by using Umbrella. And in that way, Umbrella contributes to maintaining network connectivity.

The user interface is pretty nice. Once you know how to do tasks, it's easy.

There are some situations where we would like to block things for specific user groups. I know that Umbrella does that, but it's not that easy. When you go to the Global Allow and Block Lists, that's the easy part. But when you want a specific task for specific rules and policies for user groups, you have to go three levels down in the menu, and it's hard to find where you do that task.

Also, the policies are not that easy to manage.

I have been using Cisco Umbrella for around a year and a half.

The stability is really good. They have about 99.99 percent uptime. I can't think of a significant disruption in the service.

We are a small organization, but from what I have seen, it is very scalable.

We have never requested support.

The initial deployment was straightforward.

The solution is on-premises but the management is cloud-based.

We did it all by ourselves.

We have seen return on investment by reducing the risk we had in the past. That has saved us from having to invest a lot of time in support, which is something we had to do when a user didn't know what they were doing and got infected. We now spend less time on end-user support.

The pricing is pretty fair. It's good.

In my former company, we used Area 1 for DNS protection, not Umbrella. I knew OpenDNS before it became Umbrella. In fact, I used OpenDNS for my personal accounts. In my current company we evaluated Area 1, but in the end, we loved Cisco's support and that is one of the reasons we went with Umbrella. But, obviously, the features in Umbrella are pretty good.

Once our end-users understood why we use Umbrella, that it was for improving our organization's security, it improved their morale. Nowadays, they are aware of cyber threats and they know that Umbrella is one of the tools that we use to prevent a breach. They feel more secure now.

Resilience helps a lot in cyber security. One of the things that makes Umbrella great is that you don't have to detect threats by yourself. Wherever in the world a new threat is detected, it's in the Global Block List of Umbrella and we don't have to manage those threats one by one.

That kind of resilience is more and more important for our organization every day. Fortunately, our C-level now understands the risks and what the organization could lose. They understand the impact. With the support of management, cyber security is really important for our organization.

I would tell the leaders of other organizations who want to build more resilience that cyber security is more important now because we are serving our internal and external customers. The problem with a cyber security risk, a threat or a disruption in IT services, is that it will probably cause us to stop producing what we produce. Our customers will have a bad experience, and that means it is not only a financial issue but one of reputation. I would tell such leaders to always keep cyber security in mind because it's not just about your IT guys, it's for the whole organization.

It's an excellent product. It has worked really well. The only reason I don't give it a 10 out of 10 is, as I mentioned, that there are some tasks that could be done more easily.

We have deployed an on-prem virtual appliance for Active Directory (AD) and user mapping. We have integrated our AD with it as well as all the pre-reqs that come with it.

It is a DNS solution. It stops us at the first layer of Layer 7, stopping at the DNS level. It just removes the burden for opening a connection, then looking at the firewalls and all the parameter devices. It has a single pane of glass that keeps you secure.

It has helped us in terms of the roaming client. That has helped us in terms of security. Whereas, previously the roaming client was bothering us, which got us into this solution. That has helped the end user with laptops and devices for different sites. This keeps us secure at all times wherever they go.

We are not using a DNS solution, but we have been using the firewalls and all the proxy firewalls instead, which has really helped us since we now know that the entire network environment is being secured by Umbrella. It gives us a real pat on the back that we are being backed by the Talos cloud and its security. We are monitoring in real-time. It works by itself to assess all the security features and parameters through Talos, which is really interesting and good for our environment.

The most valuable features are actually the reporting with all the visibility. It gives a hawk-eye view when we map AD with Umbrella. It gives us the visibility of every user, e.g., which sites and content are being used and who is accessing what. That has really been a good new addition for me.

We don't need to access multiple devices in order to give access to our internal resources. We are secured in having everything on a single pane of glass, which keeps us secure as well. We can enter the configuration to reach our destinations based on the main names. Other than that, it also secures us by not looking at only the destination, but also the predefined security parameters that Cisco Umbrella has provided. For example, if I coded command and control centers (CNCs), then most phishing websites, where there are known websites caught by Talos, are being categorized as the bad domain. That is where it gives us a nice, handy lift.

The single-pane-of-glass management is really important. In today's era, administration costs and operational expenses will cost you a lot, and it reduces that as well. You don't need extra resources to manage all your parameter firewalls, looking at every single device to allow resources internal access. By just introducing the single-pane-of-glass management, it has lifted the burden off of management, especially the network management.

It gives us a quick view into what we are looking at. We don't need to go to the different devices and see where our traffic is starving, etc. So, we have better visibility, when using Umbrella, from its single pane of glass.

We faced an issue regarding virtual appliances (VAs) during deployment. They could improve the quality and management of the virtual appliances offered right now. You can't see much because it is a Linux machine, and they have customized it. You don't have any route access to the machine, only seeing limited things in it. When we opened a ticket, they didn't know much about VAs themselves. So, that is where it is lacking right now. I know this will improve in the long run.

I have been using it for seven or eight months.

We used support when we were deploying the VAs. So, we have opened tickets a couple of times when we were stuck.

The technical support is alright. I would rate it as eight of 10. There was one time when I opened a ticket regarding the VAs, which didn't go quite well. However, it has been a good experience overall.

Positive

We did not previously use another DNS solution. This solution was our first.

It is very easy to maintain network connectivity. For medium- and large- enterprises, it is not going to take more than a week or so to deploy the solution. Or, you can deploy it with fewer complexities in a couple of hours. Therefore, it is not that hard to gel it into your existing network. So, it works like a charm for us.

In our environment, all traffic was going to the data center. It didn't take us much time, or the complexity of the network wasn't much, so it didn't bother us to pre-plan its migration. We just had to change all our DNSs on the perimeter firewalls and point them towards Umbrella, and that was it.

It has helped us to remediate threats more quickly.

It is pretty much handy in terms of what it offers. Actually, it is all about how it caters to your security. Every solution has their pros and cons, but Cisco Umbrella catches all the vulnerabilities and things that could hit any organization.

Previously, we were not tracking roaming clients, which were changing networks every time. I was wondering if something was hitting the endpoints, because we wouldn't know. When Cisco Umbrella joined our network, it explored all our networks. This was really interesting and a key part of why we chose it.

The end user isn't tech-savvy and doesn't care what is being done. As far as the system admin and network admins are concerned, their work has been reduced in terms of management and managing the entire network.

I would rate the solution as nine out of 10.

We use Cisco Umbrella for DNS security. We also have the roaming clients deployed on user laptops.

We use it for roaming clients. We also push all our DNS traffic to Umbrella. We do not allow any other DNS traffic. That is kind of how we have fully implemented Umbrella.

We were looking to bridge the gap for DNS security, especially for mobile clients. We wanted to be able to put that roaming client on their PCs and kind of bring that together.

It has improved our organization from a security posture perspective. We feel more confident now knowing that we can block phishing attempts or any type of malware that is DNS-related. This is a very nice feature that provides peace of mind.

Umbrella has absolutely helped us remediate threats more quickly. In fact, it has blocked a lot of threats that may have been able to go through in some instances. Knowing that they are blocking it and being able to find the PC that potentially has the threat on it, that has been very beneficial.

Umbrella has been very good for employee morale. It makes our job a little bit easier.

Cybersecurity resilience is very important for our organization right now. Umbrella does a good job of blocking ransomware, malware, bad threat actors, and phishing attempts.

Being able to control policy sets has been a very nice feature. Being able to have appliances that are separate, where we can send DNS traffic, has been very beneficial as well.

It is a good product for helping workers feel safe, secure, supported, and included. Having the roaming client is probably one of the key factors in being able to do that.

Cisco Umbrella provides single-pane-of-glass management, which is pretty important for my organization. We have a lot of products, including security products, that we manage. Being able to see a lot of those data sets in a single pane of glass is very beneficial for my team. We enjoy having it. It is very easy to use.

It is not very difficult to maintain network connectivity. 

We would like them to add more features to Cisco Umbrella.

We have been using Umbrella for about four years.

Stability has been great. Obviously, there have been some hiccups here and there on the connectivity side. That is out of our control, but it is understandable, as things are in the cloud. I have had more issues with Amazon than I have had issues with Umbrella, where I have had a very good experience.

It is very scalable. If I had more sites, all I would have to do is deploy more VMs and point traffic that way, which is very nice.

We are using roaming clients. We are also using the DNS appliances that we have deployed. I have over 15,000 users and 10 locations. We have deployed each appliance at every location, and then point traffic to that. There are 20 different servers that we are using for Umbrella.

The technical support has been very good. I have not had to open many tickets. I have only opened two in the five years that we have had it. Those two times, the support was very nice and supportive. I would rate them as 10 out of 10.

Positive

We have actually been using Umbrella since it came out. Previously, we just ran our own DNS. From a security product perspective, Umbrella has been the only DNS solution that we've used.

The initial setup is very straightforward. There is a lot of documentation available.

It was deployed in-house.

We have seen ROI. We can show our leadership that we are blocking and preventing things from coming into our network. Not only that, but from a threat perspective, if any of those things were able to infiltrate, then possibly the remediation damages would be way more than the cost that I am paying for Umbrella today.

As an educational partner, we get better licensing structures. We are very happy with that. It has been very nice that Cisco has partnered with the educational sector to bring that. 

Look for all the gaps that you have in your network, then try to find a product that is more rounded to essentially fill those gaps.

I would rate Umbrella as 10 out of 10.

I am using it at home for my personal defense. We also use it in our company.

A lot of my stance, even before Covid, has been the assumption that people aren't in the office, and if you're going to have a mechanism, it has got to be there for the most vulnerable. The most vulnerable are those who are furthest outside our firewall. That's how I've always constructed my sort of security posture.

I tend to use Umbrella as one of my favorite solutions because it allows me to mitigate problems before they strike the firewall. It allows me to set policies that are effective whether people are on-premise or working from home. It is fully functional for its purpose. It is not a replacement for a firewall or antivirus. It gives you a nice skin on your onion that is pretty strong, and that's what I like about it. It mitigates things before I have to deal with them, and I can see those reports. It also stops people from going to different places.

Its simplicity is most valuable. I can install it and get it up and running, and it can be pervasive across my business within a business day.

It is pretty simple and straightforward to install and configure. Its remit is reasonably clearly defined. When you look at solutions like Darktrace and Carbon Black, the mission objective isn't as clearly defined. Cisco Umbrella, Sophos Central, or some of the other solutions have a more standardized approach to antivirus, which includes enhanced response from the machine learning or deep learning perspective.

The API is very Cisco orientated, which is absolutely fine if you're using Cisco Firepower and SecureX kind of products, but if you want to integrate with third parties, it is a bit tricky. There are some key API connectors for the more prevalent SIEM tools.

I would really like to see in Cisco Umbrella the ability to create customized reports and then assign the rights to view these reports to people within a group. I should be able to create a customized report, which is viewable by anybody who has the rights. I should be able to create groups within Cisco Umbrella, and then assign reports to groups and have those reports split out automatically only to those groups. I can kind of do it by restricting my email list, but it is a half-complete way of doing it.

I have been using this solution for probably 15 or 16 years.

It is fully functional for its purpose. 

I used to call them regularly. They're pretty good.

Its initial setup is very straightforward. It is a DNS redirect, so it takes literally about five minutes to configure it. The only thing that is tricky is going in and defining your policies, but that's what I call the evolution of the product. You start with simple monitoring, and then you refine it over time.

It has a reasonable price. It is certainly not as expensive as it used to be. It is in line with other offerings on the market.

There are a number of different flavors of Umbrella. They could bring Umbrella SIG down a bit because its price is a little bit high for what it does, but I also understand why its price is high.

I would advise having a clear idea of where you want your users to go, what do you want to do, and what do you want to restrict your users on. Have a clear point of view, and then look at it from the perspective of the role of the user within the organization. This is going to define your groups. You can then put users in groups, and then you've kind of related roles and groups, which makes management easier in the future.

I would rate Cisco Umbrella an eight out of ten. It is good and solid, but it is not perfect, so it is not a ten. There are areas of improvement, so it is not a nine.

We have a centralized security policy. For the end user traffic from the firewall to go out to the Internet, it traverses through the secure SD-WAN going back to the data center. It passes a lot of proxies, firewalls, and different security checks. Hence, there are some performance issues. Therefore, we asked Cisco to come in and see if there were any products that could improve this situation for the local Internet breakout, and this was the solution that they brought to the table.

We have a remote location that uses Viptela SD-WAN in conjunction with Umbrella.

It adds a lot of value to the environment. The end user has been much happier with their application performance after using it. I don't see any drawbacks with this solution. 

Hybrid work is also kind of important. Some users may be working from home these days, especially after COVID, as they don't necessarily have to come back to the centralized location for security checks. They can have security going out local from their home environment as well. 

The performance has been greatly improved, especially for some of the end users who kept creating tickets and complaining that it was really slow when everything had to go through the central tool for security checks. Now, everything is locally broken out. Also, security now has all the right filters and malware checks.

The malware piece protects the network from malicious attacks. We have had a lower case of security breaches. Therefore, that brings a lot of value to the table.

The content filtering piece is something that really ties back to what my customer is using because they do have some sites that they don't want end users to go to, in order for the security to be locally available, allowing the users to break out to the Internet. The content filtering is a key piece that our customers want to test and use. So, we tested, and it was successful.

The single-pane-of-glass management is very important. Management wants to look at a single frame, then expand it to get the information that they need, without relying on engineers to take it out. Sometimes, engineers need to go down multiple levels to get the information and package it, and then it is possibly not the information that they are looking for. So, it has to be done again.

I have been using the solution for about six months.

We haven't encountered any issues.

The scalability is good. There aren't any limitations with its scalability. We can scale it out.

We have had some tech cases. However, a lot of times we have our account engineers who help out. They are very savvy and knowledgeable. If something is unknown, they will reach out to internal Cisco for help. They are pretty good. I would give them 9 out of 10.

Positive

We did previously use a different solution. 

We wanted to do the local breakout, but our previous solution wasn't able to do it. We spent quite a bit of time testing the other solution, but it just didn't work. This is why we reached out to Cisco.

We did some testing. Network connectivity was a bit of a challenge at the beginning, but we were able to get the right help from Cisco. The POC probably took a month or so

Application performance has greatly improved and there are less operational issues. Productivity has been going up because we have less operational issues. Also, we have happy customers.

Usually when we have a good solution, we share it with our peers who can then bring it to their customer's attention, if they need to solve the same problem.

I would rate this solution anywhere between 8 and 9 out of 10 because it addresses the needs of my customer, but leaving room for improvement.

We are using this solution for DNS filtering to try and make sure that users do not make ill-advised clicks and find themselves in harm's way. Once we started to implement it, we realized that just putting Cisco Umbrella appliances on the company's network was not good enough. The notebooks travel and the risk factor travels. We switched over and for some time now, we have deployed it predominantly on roaming clients.

In the current environment, it is a good thing we had deployed the Cisco Umbrella before people started to work from home because of COVID. The risk factors went up and the amount of thoughtfulness that people put into, "Is this a real message or is this phishing?" People became lax. If we did not have this solution, the number of clients that we would be dealing with attack issues would have mushroomed to a much higher level than we had to deal with. Umbrella has been a godsend for that.

The most valuable feature is the ability to block users from reaching places that they should not even try to reach has been a boon.

Once we were given a roaming client and we did not only have Umbrella servers filtering the traffic as it left the perimeter. They were giving us what we want and did not have to worry anymore, I was happy with the solution. I view it as a mature solution that delivers what we need.

One of the issues with Umbrella is as you get into endpoint detection and response, such as EDR point solutions, some of them will not integrate well with Umbrella. Sometimes when you want to use technology, such as Always On VPN, it will not work. There are some looming issues as one type of technology starts to crossover with Umbrella. That is the challenge and Umbrella should find a way to be more compatible with some of the endpoint response solutions that are coming out on the market.

I have been using this solution for a long time since it was OpenDNA which was before Cisco bought it.

There are no scalability problems with this solution. They do a good job of having updated servers around the world and at all hours of day.

One of the issues with Cisco technical support is that it is all linked to them having all of the maintenance contracts always running. If you work with a customer base where not everybody always renews their subscriptions and you need to get support but you did not sell the solution, it can make reaching the support a challenge. There is no problem with the quality of the support. However, sometimes Cisco's arcane rules regarding how they register and do tracking make it difficult for a managed service provider to get the support they need. 

We do not have a problem with getting support for Umbrella because we have a contract for that. It is trying to get support for all the various pieces of networking hardware that customers have not maintained properly difficult, Cisco is not easy to deal with in this regard. 

The initial setup is straightforward.

When talking about Cisco solutions in general there pricing model is horrible. For example, you can sell a Meraki-based solution, but if the customer starts shopping around, someone is going to have access to the pricing at a level that you cannot compete because they do not have uniform pricing. Not everybody gets fair pricing. Unless you are one of the real major corporations selling the solution your ability to compete is impossible. Cisco will acknowledge the situation and assure you next time it will be in your favor but it never becomes favorable for you. Cisco is not very good in this regard. However, Umbrella is good.

If you are not using some form of DNS filtering to guard against threats, you are not doing a good job on security in the current climate anymore. 

I rate Cisco Umbrella a nine out of ten.

One of the main use cases of Cisco Umbrella kicked in during the COVID pandemic, as a SASE deployment—secure access, secure edge. Most of the users within a company started working from outside the company and that is when Umbrella became deployed a lot.

One of the most important features is the security posture check which Umbrella offers when a user accesses any website. That is one of the most unique features that it offers.

I would like to see hardware-based integrations. If a hardware platform were provided for Umbrella, that would definitely improve the market for it. The solution is pretty good, but if a hardware-based solution came through, it would meet all the compliance standards in my country.

Especially when we are addressing governmental customers, they hesitate to connect to the cloud. That is where we need a hardware platform so that the solution can be used on-premises as well.

I have been deploying Cisco Umbrella for about five years.

It's quite stable. I've gotten very positive feedback from the customers who have deployed it within their environment. The feedback has been amazing. It's up and running 99.9 percent of the time, since it's a cloud-based solution. We have had no problems related to bugs or any issues like that.

It is very scalable. Although I'm not talking to the clients anymore, I'm sure that the organization I worked with is working with them to spread the solution to more users who were not covered in the initial deployment. There is an adoption roadmap for this product.

Technical support is included as part of the subscription. At any point in time, if you have any queries, there's a 24/7 TAC number available. You can just call and log a case.

I'm also very satisfied with the documentation provided for the solution.

Positive

The previous solution we used was Akamai, but Akamai was more costly compared to Umbrella, and the consumption model was not favorable. Cisco Umbrella cost at least 30 percent less compared to what Akamai offered.

One of the key aspects of Umbrella is the deployment. It takes a matter of just 30 minutes to deploy it in any enterprise and, as soon as it is deployed, it starts to work, so it is seamless. The benefits are realized immediately.

The implementation strategy is pretty straightforward. On the customer's existing hardware you just have to make the entries that will enable the connection to Umbrella and it starts to run. It's a single-person deployment, a single network engineer. That is the beauty of it; you don't require a huge team to deploy it.

Umbrella doesn't require any maintenance. All the updates happen automatically. The configuration is a one-time process.

It can be deployed on the public cloud and private cloud. These are two of the selling factors, although public cloud is more common. It's a multi-location solution but can also be used by a single headquarters. On average, our deployments are for 2,000 endpoints.

If you look at the ROI, Umbrella significantly reduces investment in hardware-based firewalls. For example, typically, an enterprise has to refresh its firewalls every five years. By using Umbrella, they don't have to change their firewalls, rather the security posture is shifted to a cloud-based provider.

There are no hidden costs with Umbrella. Everything is included in the package.

Other than Akamai, there weren't many providers available in India.

One important piece of advice would be to look at your existing framework and see which use cases Umbrella can address. That will make the adoption much easier.

Umbrella is the best product available as of now. 

In general, we use it for the security of our network.

We wanted to get an idea of what's happening outside of our network and what's coming to our network. We had no way to know before and we were just sitting there waiting for something to happen. At least now we can be proactive.

It has helped us to be more secure. Cisco Umbrella allows us to see threats in real time. We can also see if there are any bad actors inside of our network who are trying to do malicious things. It gives us a quick glance at the situation, at where we are and how vulnerable we are.

Another definite benefit is that it has helped us to remediate threats more quickly.

It's very important that the solution helps support hybrid work. In the past, we might have had one or two people who were working from home because of illness or pregnancy. Now, with 60 percent of our people working from home, Cisco Umbrella has really helped us out with threats that they might not even know exist on their side. We can monitor them and be proactive about them.

Also, if it didn't have a single pane of glass, we would not be using it. The single pane of glass gives you a one-stop shop. It's like going to Home Depot. You find all your stuff there. You can see all your threats and your endpoints. It's a very important feature and makes things very simple.

Another point is that it's very easy to maintain network connectivity.

I have been using Cisco Umbrella for about eight years.

The stability of Cisco Umbrella is very good.

I haven't had to scale it, but I would assume the scalability would be good.

We haven't contacted them from the time we were up and running.

We did not have a previous solution.

The deployment was straightforward.

I used an integrator, Harness LLC, and the experience with them was all good.

Our ROI is due to the level of threats that we don't have to deal with, threats that are being blocked by Cisco Umbrella.

There is room for improvement when it comes to the cost.

We looked at Trend Micro, but that was several years ago.

Look for programs that have a track record and that are proven. No matter what any individual might say, that person can't do it by themselves. They have to have support, and Cisco Umbrella is a good support.

Resilience in cyber security is like raising kids. You really can't stop. You have to be resilient continually. Every day is a different challenge. Just because you're good on Tuesday doesn't mean you're going to be good on Wednesday.
Cyber security resilience has been key for us, with people going home to work or to other places to do their jobs. That resilience keeps them working and keeps our network safe.

I love it. It's almost like trying to look at WiFi. You can't see the WiFi signal with your naked eye. It's the same with threats. You can't see them by just walking around the building. With a tool like Cisco Umbrella, you can see what you have and how to fix it.

For our employees, it means that their systems are working. They have no idea what we're doing behind the scenes to keep their systems working, unfortunately. I wish I could say, "Hey, guys, today Cisco Umbrella stopped 84 threats."