Francisco Cano - PeerSpot reviewer
Engineer at a retailer with 10,001+ employees
Real User
Gives us control and visibility of our network
Pros and Cons
  • "It has excellent resilience in cybersecurity. Cybersecurity for my organization is very important because we are a banking organization. We need this security to protect the personal information of our clients. This is very important for our security."
  • "I feel that the application needs other characteristics that are available with other applications in the market."

What is our primary use case?

The solution is for filtering web content. We can control user access to applications as well as have visibility into Internet usage.

We are using it on approximately 300 servers. The solution is deployed across three departments. There are about 8,000 users.

How has it helped my organization?

Umbrella gives us control and visibility of our network using administration tools. This is helpful for us. 

The solution is very good for helping workers feel safe, secured, supported, and included.

Employees have accepted the solution. The solution is very good for them and their morale.

It has excellent resilience in cybersecurity. Cybersecurity for my organization is very important because we are a banking organization. We need this security to protect the personal information of our clients. This is very important for our security.

What is most valuable?

The most valuable feature is its web content filtering.

It is very important for our organization that the solution offers single-pane-of-glass management.

It is very easy to maintain network connectivity. 

The customer experience has been very good.

What needs improvement?

I feel that the application needs other characteristics that are available with other applications in the market.

Buyer's Guide
Cisco Umbrella
March 2024
Learn what your peers think about Cisco Umbrella. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
763,955 professionals have used our research since 2012.

For how long have I used the solution?

I have been using it for three years.

What do I think about the stability of the solution?

It works very well across platforms with other providers.

What do I think about the scalability of the solution?

It is very easy to scale.

How are customer service and support?

I have never needed to use their technical support.

Which solution did I use previously and why did I switch?

We have just used this solution.

How was the initial setup?

Our initial setup was very easy.

What about the implementation team?

We used an internal consultant.

What other advice do I have?

Our leaders say that cybersecurity and resilience for our services is very important. They say technology is necessary for developing business with our clients. 

I would rate the solution as nine out of 10. The solution is very good, easy to implement, and manage. The visibility is very user-friendly. 

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Dan Brunnquell - PeerSpot reviewer
Director Of Information Technology at a financial services firm with 11-50 employees
Real User
Top 5
Works exactly how it's supposed to and gives confidence that when our laptops leave the building, they are protected as if they were behind our firewall
Pros and Cons
  • "When we have laptops that leave the building, they could connect to public WiFi before they establish a VPN connection back into the company. For that duration or that period of time when they're not docked in the network or on a VPN, they effectively don't have that full layer of security that I provide inside the building. This tool stands in during that period of time, and we extend the security settings through their basic firewall or their cloud-based firewall at that time. So, we do content filtering and control access, but they also are looking at new domains, IP addresses, and bad requests. They're blocking them on my behalf when a laptop is not sitting behind our security appliances."
  • "There are a couple of interface issues. I know that they say that there are feature enhancements that are noted. For example, we've got the Cisco Meraki security appliances, and there, we geofence our company to where we're allowed to send and receive traffic. So, in our case, by default, we only allow traffic to six different countries, which allows us to effectively prevent traffic for the majority of bad players in the world, but they don't give you an easy way to do that in Cisco Umbrella. With Cisco Meraki, I can specify or pick the countries. I can say that I want to only allow traffic from these six countries, and I'm done. With Cisco Umbrella, I have to rely on the fact that they're going to prevent traffic to other countries. They're going to decide if it's good or bad."

What is our primary use case?

We use Cisco Umbrella to secure our gateway. All of the DNS forwarding coming out of the company from any site or all the DNS requests are forwarded through Cisco Umbrella, and then they determine if that is a safe address and if the content coming back is safe. They will either reject the addressing out of hand, or they'll look at the Layer 7 content and reject that from making it back to us.

We are using the Secure Internet Gateway (SIG) Advantage package. In terms of deployment, effectively, it's deployed from our private cloud. It's in our data closet on our servers.

How has it helped my organization?

It enables us to finally allow laptops to be used as workstations and allow data to leave the building. In the past, laptops were only used for VPN access, but they would connect back to their data inside the company. This has allowed us to have a level of confidence that they're protected as if they were behind our firewall. So, now, we've got work-from-home people who literally have their workstations with them.

We have six sites with 60 to 70 users. The baseline configuration allows for additional protection for any DNS requests as they leave those sites, and then the secondary policy is for the mobile devices as they leave the premises. When they're connected to public WiFi, they have an additional policy that kicks in for that time that they're not connected back to the company. So, when they're on public WiFi without a VPN, the tool will actually put that second policy in place that's more aggressive and offers a higher level of protection when it's not sitting behind the firewall. All that is automated. It's all built into the agent.

We don't allow WiFi inside of our network for connection to our actual business network. As soon as a device is docked, it disables WiFi on that mobile device.

What is most valuable?

When we have laptops that leave the building, they could connect to public WiFi before they establish a VPN connection back into the company. For that duration or that period of time when they're not docked in the network or on a VPN, they effectively don't have that full layer of security that I provide inside the building. This tool stands in during that period of time, and we extend the security settings through their basic firewall or their cloud-based firewall at that time. So, we do content filtering and control access, but they also are looking at new domains, IP addresses, and bad requests. They're blocking them on my behalf when a laptop is not sitting behind our security appliances.

What needs improvement?

There are a couple of interface issues. I know that they say that there are feature enhancements that are noted. For example, we've got the Cisco Meraki security appliances, and there, we geofence our company to where we're allowed to send and receive traffic. So, in our case, by default, we only allow traffic to six different countries, which allows us to effectively prevent traffic for the majority of bad players in the world, but they don't give you an easy way to do that in Cisco Umbrella. With Cisco Meraki, I can specify or pick the countries. I can say that I want to only allow traffic from these six countries, and I'm done. With Cisco Umbrella, I have to rely on the fact that they're going to prevent traffic to other countries. They're going to decide if it's good or bad. I can't geofence out. I can plot top-level domains, but .com and .net go global. I can certainly block a China (CN) or a Russia (RU) domain, but that doesn't give me the same level of granularity. 

Apparently, Cisco Umbrella has got that as a feature request to allow an administrator to say, "I specifically only want traffic to and from these countries. Everything else should be dumped." That way, when they're sitting behind my network or they go out in the wild, they have that same level of traffic being blocked.

For how long have I used the solution?

I have been using it for 14 to 15 years.

What do I think about the stability of the solution?

We've had no issues. It has done exactly what it's supposed to do.

What do I think about the scalability of the solution?

It is cloud-based. So, scalability should not be an issue. 

Any increase in its usage is all relative to the growth of our staff. Currently, we deploy the laptops for people who need to work from home or are traveling between the banks. That's roughly about 20% of our total staff. Some people aren't going to be working from home, and some of their jobs can't be done from home. They have no need for mobile devices. If there is a need to work from home, its usage will increase. It is there if we need it to scale, but at this point, it is not scheduled to change.

How are customer service and support?

Once I became a paying customer, it was much better. The preliminary training is there, but when you get into the nuances and the details of some of its capabilities, you need to talk to tech support. Once you're a paid customer, you get direct access, and then it's good. When I'm able to get a hold of them, their technical support is a 10 out of 10.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I didn't use any similar solution previously. 

How was the initial setup?

I was a hundred percent involved in its deployment. We had a couple of issues. The proof of concept was done without a lot of planning. So, there were some mistakes made along the way. If I was doing it again the second time, I wouldn't make the same mistakes. 

The default configurations have your baselines. Those are never supposed to get changed, and I changed and tweaked those for our proof of concept. After a couple of weeks, I had some additional guidance from the Cisco Umbrella team. You leave the baseline configuration, and then you clone and create a new configuration that sits in front of it. So, everyone gets the baseline, and you don't change that. If you want to change it, you make a new policy and then make the changes to that. If you change the baseline default policy and you make a mistake in it, you've to back that all out. If you make it in the new policy, in the worst case, you just delete it, and automatically everyone goes back to baseline. So, there's still a policy in effect. That was a training issue that should have been resolved. Now that I've done it, if somebody asks me, I would say that this is the way you've got to do it.

What about the implementation team?

It was just me taking care of its deployment. In terms of maintenance, once it's configured, unless you're retweaking and adding or removing something that was blocked, it pretty much runs itself.

What was our ROI?

I have less maintenance to resolve, fix, and reconfigure VPN clients personally, and the feedback from the end-users is that they're more productive.

What's my experience with pricing, setup cost, and licensing?

We were using the free version, and we implemented the paid version about two months ago.

I'm paying a fair price, but everything is negotiable with Cisco. One of the benefits that I got by having Cisco Umbrella is the licensing of the Cisco AnyConnect VPN client. There has always been an issue for years and years with Cisco Meraki in terms of VPN clients and using the native built-in Windows client. It keeps reconfiguring itself. By using Cisco AnyConnect as the VPN client, it's not affected by Windows patching or people typing in passwords by mistake. It's more resilient and doesn't change. With just Meraki solution, there was an extra expense for the Cisco AnyConnect VPN client. By having Cisco Umbrella, that licensing is now included.

Which other solutions did I evaluate?

There were a couple of other options, and I discussed them with another consultant. As a regulated industry, we have to do vendor management, and vendors have to be vetted. So, Cisco was already a vetted vendor. There are other companies that do the same thing, but Cisco didn't require me to do any more vetting. They were already a vendor.

What other advice do I have?

When it's configured the way it's supposed to work, it turns itself on and off based on the status of the VPN or the dock condition. Once it's configured, it does exactly what it's supposed to do. 

If you're doing a proof of concept on it, fully understand how the policies are configured and what the flow is. You should understand the hierarchical status of the policies to configure it right the first time. You don't really want to guess it.

I would rate it a 10 out of 10.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Cisco Umbrella
March 2024
Learn what your peers think about Cisco Umbrella. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
763,955 professionals have used our research since 2012.
Theofilos Tzachristas - PeerSpot reviewer
IT Systems Engineer at a tech vendor with 501-1,000 employees
Real User
Top 10
The solution is easy to use, you don't need an expert to operate it
Pros and Cons
  • "The interface is well organized, so you can easily find everything. Even if you don't have much experience with Cisco, you can easily navigate the solution and find your way around. Everything has been done well, from the deployment to monitoring."
  • "Cisco Umbrella hasn't integrated customized reporting yet. With Cisco Secure Endpoint Hub, I can see a report on user downloads and set it up to constantly get an email alert. Based on my understanding, Cisco Umbrella can't do that. You can set it up with third parties, but it would be better if that were built into the platform."

What is our primary use case?

Cisco Umbrella enables all of our end users to browse the internet and internal networks securely. It can block different things like sites and applications that they shouldn't access according to company policies. For example, we can block different applications or specific site categories.

We also use Cisco SecurePort and SecureX, which is a platform for integrating various Cisco products. We have already integrated Cisco Secure Endpoint and Cisco Umbrella through SecureX, which offers a single pane of glass so you can see all the problems. We have also integrated our Meraki firewalls and access points. We have 500 users, and each of them has the Umbrella agent installed. If you're working in the office, you don't need it because every computer is protected by Umbrella. 

How has it helped my organization?

The main benefit of Cisco Umbrella is to prevent the end users from becoming victims of phishing attacks or malicious links in an email. It isn't necessarily about making the users more efficient or productive, but it could help with that. For example, if someone mistakenly clicks on a link and their device is infected, we may need to take it offline for a day or two in order to resolve it. We don't have these incidents, so we can ensure that users won't be affected by any malicious activities and can continue doing what they're doing without worrying about other departments getting infected.

Umbrella lets you inspect client Internet traffic as if it were flowing through a traditional data center security stack. The main thing you can do is check the destination they're trying to access, but you cannot inspect the package. You can see the URL, but you cannot fully inspect the way we're actually using it. The primary goal is to block or allow specific URLs. We don't do any inspection or use any proxy to inspect traffic. 

I would say that we save money using this product because it's easy to use, so you don't need an expert to operate it. It requires some expertise, but it's simple to monitor and maintain. Also, when we want to set up offices in new areas, it's easy to integrate. 

Umbrella is constantly discovering new vulnerabilities. The solution's ability to discover zero-day attacks without significant changes to the platform is crucial. For example, we prohibit certain categories of websites like gaming or gambling, and the categories are constantly updated. We don't need to update the categories to add new websites or constantly check those reports because we know that Umbrella does what it's supposed to. 

What is most valuable?

The interface is well organized, so you can easily find everything. Even if you don't have much experience with Cisco, you can easily navigate the solution and find your way around. Everything has been done well, from the deployment to monitoring. 

The application is really stable. We never have problems with Cisco not working for our end users. We have an internal communication hub. The office implementation is integrated with our security systems and firewalls, but we also have users worldwide working from home. Our employees are pleased with the user experience, and we've never had reports about Umbrella not working properly or being unable to access a site. It's integrated with Cisco AnyConnect, so our users can access it through a VPN solution.

Umbrella actively processes and blocks malicious DNS queries daily, which is helpful for us because we're a small team. We heavily depend on the tool to do its job properly. It works nicely out of the box. You have to do a little initial configuration, but after that, it blocks everything we want and nothing we don't. We've gotten some false positives with other products, but we've never experienced that with Cisco Umbrella.

Guest internet access is easy to configure. We set more restrictive policies for our guest users, but it hasn't been difficult to spin up consistent policies in three or four different offices. We just attached the policy that we have for guest users to a specific wireless SSID.

Umbrella combines multiple security functions into a single dashboard. If you use Cisco SecureX, there is a dashboard in Umbrella, but you have to look at different areas. In Cisco SecureWorks, you can add the tasks and dashboards you want to monitor, but Umbrella is more standardized, so you cannot make many changes. In addition to the dashboard, we have some daily reports and email alerts. It does what we want. 

What needs improvement?

Cisco Umbrella hasn't integrated customized reporting yet. With Cisco Secure Endpoint Hub, I can see a report on user downloads and set it up to constantly get an email alert. Based on my understanding, Cisco Umbrella can't do that. You can set it up with third parties, but it would be better if that were built into the platform. 

For how long have I used the solution?

I joined this company a year ago, but they had already been using Cisco Umbrella for more than three years. 

What do I think about the stability of the solution?

I have never experienced any outages or downtime. It works all the time.

How are customer service and support?

I rate Cisco support nine out of 10. We had to open a ticket because we had some issues installing the agents, but we haven't had trouble since then. The technical team responded and fixed our issues quickly.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I used a similar SaaS solution by Palo Alto, but Cisco Umbrella seems to be quite unique because it's a DNS layer. I'm not sure if any other company is doing the same thing. We integrate Cisco Secure Endpoint and Cisco Umbrella to provide end-user detection and prevention. It does what it's supposed to do with most of a lot of admin work. It's a gateway.

How was the initial setup?

I wasn't part of the deployment, but it seems to be straightforward based on what I have seen. It requires a few adjustments to the firewalls and some integration, but it seems relatively simple. We needed to help the users working from home install the agents for Umbrella and AnyConnect, and this was also straightforward to deploy with Kandji, our MDM system.

After deployment, Umbrella doesn't require much maintenance because it's a SaaS application like Gmail. You don't have to do anything except the admin work, such as adding websites or categories. However, Umbrella uses an agent, so we need to update the engine. We can automate all these things, so the maintenance is minimal. 

What was our ROI?

It's hard to quantify a return, but the cost of a malware attack or customers losing private information is potentially very high. I don't have the numbers for those things, but Cisco Umbrella helps us to avoid those issues. A breach can harm our reputation and damage the entire organization.

What's my experience with pricing, setup cost, and licensing?

Cisco Umbrella is reasonably priced for what it does. I don't have any numbers to compare it with because I don't recall what the other solutions cost. 

What other advice do I have?

I rate Cisco Umbrella nine out of 10.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
PeerSpot user
Global CTO at a wholesaler/distributor with 1,001-5,000 employees
Video Review
Real User
Hassle-free implementation, effective user safeguarding, and high level support
Pros and Cons
  • "The primary advantage of Cisco Umbrella is its ability to safeguard our users no matter where they are working from - whether it's in the office or remotely, as per the new work model that has emerged globally. This integrated security solution has simplified our lives by combining all the necessary security measures in one product. Additionally, deploying the product is all it takes to protect all our users."
  • "Although Cisco Umbrella has an excellent global network footprint, there is still room for improvement and growth in this area. Additionally, there are bandwidth limitations associated with the connectors that need to be addressed. To be a viable solution for larger offices, Cisco Umbrella must continue to expand and improve its capabilities in these areas."

What is our primary use case?

We started using the standard version of the Cisco Umbrella to upgrade to a newer version last year.

How has it helped my organization?

As a company with a global presence spanning over 110 countries, Cosentino requires a uniform security solution that can ensure the safety of its users. Our search for an ideal solution led us to seek one that was easily deployable, integrated seamlessly with our existing systems, and offered robust protection. After thorough market research, we found that Umbrella was the most suitable solution for our needs.

Cisco Umbrella has notably enhanced the perception of security among our users. The solution is seamless and transparent for them to use, and they feel protected at all times. This makes it an excellent solution for users in terms of their experience. Additionally, as mentioned earlier, the quick deployment time is critical for our organization, and Umbrella has significantly improved it.

Cisco Umbrella is an ideal product for our organization because it is a standardized solution that can be implemented uniformly across the entire organization. It adheres to industry standards and provides the same high level of security to all users, regardless of their location or role within the organization. This consistency in security measures ensures that every user in the organization is protected to the same degree.

Thanks to the standardized solution offered by Cisco Umbrella, our IT staff has been able to focus on other projects. Once deployed, we no longer have to worry about security in that particular area. The solution is easy to deploy and seamlessly integrated with our infrastructure, making our lives much easier in this regard. Overall, it has significantly reduced the burden on our IT staff and allowed them to focus on other critical projects.

Cisco Umbrella has enabled us to consolidate our various tools and applications by providing comprehensive security coverage for our users, whether they are working in our office or remotely from home. With Cisco Umbrella, we can address all our security needs related to browsing and network security. While it's not mandatory, we have eliminated the need for most physical firewalls worldwide by leveraging Cisco Umbrella's capabilities. This solution has proved to be a game-changer for us, as it simplifies the deployment process significantly, as previously discussed.

What is most valuable?

The primary advantage of Cisco Umbrella is its ability to safeguard our users no matter where they are working from - whether it's in the office or remotely, as per the new work model that has emerged globally. This integrated security solution has simplified our lives by combining all the necessary security measures in one product. Additionally, deploying the product is all it takes to protect all our users.

What needs improvement?

Although Cisco Umbrella has an excellent global network footprint, there is still room for improvement and growth in this area. Additionally, there are bandwidth limitations associated with the connectors that need to be addressed. To be a viable solution for larger offices, Cisco Umbrella must continue to expand and improve its capabilities in these areas.

For how long have I used the solution?

I have used Cisco Umbrella for approximately four years.

What do I think about the stability of the solution?

Cisco Umbrella has generally been a stable solution for us, although we have encountered some issues with the new connectors. Currently, we are experiencing some minor problems with disconnections or other issues, but these occurrences have been infrequent.

What do I think about the scalability of the solution?

While the solution is currently scalable, we recognize the need to continue expanding our connection points and bandwidth in order to accommodate future growth.

How are customer service and support?

The support provided by Cisco Umbrella is excellent. In addition to the standard support included with the product, we have also opted for an additional support layer provided directly by Cisco. We have been extremely pleased with the level of service we have received thus far.

While there are areas where improvements could be made, such as the RMA process, overall we are satisfied with the level of service provided by Cisco Umbrella.

I rate the support from Cisco Umbrella an eight out of ten.

How would you rate customer service and support?

Positive

How was the initial setup?

Deploying Cisco Umbrella proved to be a hassle-free experience for us. Since our SD-WAN is based on Cisco Meraki products, integrating Cisco Umbrella with Cisco Meraki was an effortless process. This integration has enabled us to implement the first SASE solution in our organization, and the combined solution of Cisco Umbrella and Cisco Meraki has helped us to set up new offices in less than 30 days, which is a significant improvement compared to the five to six months it used to take us earlier. This has led to a remarkable enhancement in our deployment speed, which is truly amazing.

What was our ROI?

Calculating the return on investment for a security solution is a challenging task, as it can be difficult to measure. While we have not performed a formal assessment of the return on our Umbrella implementation, I am confident that it has yielded a favorable outcome for our organization.

What's my experience with pricing, setup cost, and licensing?

The licensing and pricing structure of Cisco Umbrella is in line with standard systems on the market, and we have no specific requirements in this area. Overall, we have found it to be an acceptable pricing model for our organization.

Which other solutions did I evaluate?

One of the main reasons we chose to implement Umbrella over its competitors was due to its extensive global network footprint, which closely matched our own footprint at Cosentino. Additionally, Umbrella's user-friendly interface was preferred by our users over other solutions, making it a more appealing option overall.

What other advice do I have?

My advice to others would be to ensure that the Cisco Umbrella footprint aligns with the organization's needs. This is a crucial factor in ensuring that the product works well for the company.

I rate Cisco Umbrella a nine out of ten.

My main goal with Cisco Umbrella is to ensure protection for my users, regardless of their location. Additionally, the solution provides a positive user experience and is overall a great product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Aditye Kumar - PeerSpot reviewer
Principle Consultant at a energy/utilities company with 10,001+ employees
Video Review
Consultant
Enables us to inspect all the user traffic generated from anything
Pros and Cons
  • "By using Cisco Umbrella, you are sure of inspecting all the traffic. Whenever the user machine is connected to your network, it is inspected. That's the best thing. It means you are sure that nothing is being exported or imported without your choice. That is the best feature."
  • "If you wish to inspect all the traffic and it's integrated with Cisco AnyConnect, all the traffic basically goes through Cisco AnyConnect, which is not a good idea. That means you need to have more internet capacity as a data sampler, so in the case of a split tunnel, we cannot inspect the traffic that is being migrated through the local internet. I'm not sure whether there is a possibility wherein Cisco Umbrella can also inspect the traffic that is outside the AnyConnect tunnel."

What is our primary use case?

I'm a principal consultant for one of the energy sector companies, which basically extracts oil and gas and also deals with solar energy. We are dealing with anything related to energy. It's a supply chain as well.

We have been using Cisco Umbrella for more than one year. Basically, after the COVID situation, when the hybrid model came, we needed to give work-from-home options to the employees and look into cybersecurity. We had to get some cloud security. That is why we have introduced Cisco Umbrella.

How has it helped my organization?

We chose Cisco Umbrella because it's a better option industry-wide. It can inspect all the web traffic from anywhere. When traffic is generated from any local internet, it might be anything. It doesn't qualify for cyber security for any company. That's why you have to have something to inspect all the traffic. Cisco is a good vendor for us. That's why we chose Cisco Umbrella.

By using Cisco Umbrella, you are sure of inspecting all the traffic. Whenever the user machine is connected to your network, it is inspected. That's the best thing. It means you are sure that nothing is being exported or imported without your choice. That is the best feature.

It generates alerts, and you can integrate it with your ticketing tool. When it's integrated, it can also generate a ticket. That means you know when something is wrong or what's going on. It has helped a lot during this hybrid model, and I don't think that this hybrid model is going anywhere. So, you can simply say that Cisco Umbrella is a good tool for the future as well.

It hasn't freed up our IT staff for other projects because no one thought about this work-from-home model before COVID. There were many alerts after Cisco Umbrella was installed, which means many staff members were invested, but its automation, such as automatically generating alerts and automatically assigning tickets to a queue, has helped a lot. We don't need to do any physical or manual inspection. It's being done automatically, which is a good point, but it hasn't decreased any resource hours.

What is most valuable?

It's the best tool to inspect everything. We can inspect all the user traffic generated from anything.

What needs improvement?

If you wish to inspect all the traffic and it's integrated with Cisco AnyConnect, all the traffic basically goes through Cisco AnyConnect, which is not a good idea. That means you need to have more internet capacity as a data sampler, so in the case of a split tunnel, we cannot inspect the traffic that is being migrated through the local internet. I'm not sure whether there is a possibility wherein Cisco Umbrella can also inspect the traffic that is outside the AnyConnect tunnel.

For how long have I used the solution?

We have been using Cisco Umbrella for more than one year.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Jennifer Moxey - PeerSpot reviewer
Network Security and Data Center Manager at Napier University
Real User
Provides insights, protects our users, and has good value for money
Pros and Cons
  • "The insight into what our users are doing via Cisco Umbrella is valuable. Knowing that we're protecting our users as they leave our network is also valuable now because we've got more hybrid working."
  • "They should provide more integrations and bring things together so that there is a more standard feel to their platform. We also use Cisco ISE, and it has a very different feel from Cisco Umbrella."

What is our primary use case?

We're using Cisco Firepower to replace the ASAs as perimeter firewalls to the university's network. We're predominantly using Cisco Umbrella for web filtering of staff and student web traffic that is generated from the university campuses.

How has it helped my organization?

Cisco solutions are simple, efficient, and effective. We're definitely seeing that our users are protected by using these solutions. We're using Cisco Umbrella to protect around 1,500 staff and about 15,000 to 16,000 students. At any one time, on our campus, we could have 3,000 student endpoints protected and about 1,500 members of staff with laptops who are working hybrid since COVID. So, they're protected when they're on campus and when they're off campus. As a university in Edinburgh with three main campuses, we have two internet connections where firewalls protect us from bad stuff on the internet.

Cisco solutions have invariably saved us time. Without them, we would've had ransomware attacks and cyber attacks. So, they have helped protect us as much as they can. I don't have the metrics, but it's a university, so we're probably quite often under attack.

Our operating expenditures (OpEx) haven't really reduced. With moving to subscription-based, our OpEx has probably gone up rather than our CapEx coming down. 

What is most valuable?

The insight into what our users are doing via Cisco Umbrella is valuable. Knowing that we're protecting our users as they leave our network is also valuable now because we've got more hybrid working. With Cisco Umbrella and Cisco Secure clients on all our hybrid working laptops, we know that our staff is secure even when they're working from home.

What needs improvement?

They should provide more integrations and bring things together so that there is a more standard feel to their platform. We also use Cisco ISE, and it has a very different feel from Cisco Umbrella. We also have some Meraki products which feel very different from others. It's like you have to learn something new with every product you buy.

For how long have I used the solution?

We've had Cisco ASAs, but we're just in the process of replacing them with Firepower, so Firepower is quite new. We've been using Cisco Umbrella since 2020.

How are customer service and support?

We have a good Cisco partner called Ping Network Solutions in Scotland, so anytime we need to reach out for a bit of advice, we can ask them. We had good pre-sale support with Cisco as well to ensure that we get the right products that match our requirements. I'd rate their customer service a nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Instead of Cisco Umbrella, we used Zscaler for web filtering, but we've always had Cisco firewalls.

When we switched in 2020, Zscaler didn't seem to be developing their product as well. It didn't match our requirements anymore.

How was the initial setup?

I was involved in its deployment although I had a technical team working underneath me. It was easier than Zscaler because Zscaler made us have two instances, one for staff and one for students. It was very complicated, and we had to route traffic in different ways. Being able to do it by DNS with Cisco Umbrella was just easy.

I managed the team that was deploying it. My role involved making decisions about what traffic and which groups of users we put through first, some early field tests, and things like that.

What about the implementation team?

We did it all by ourselves.

What was our ROI?

We have seen an ROI. With Zscaler, we had more operational issues than we've had with Cisco Umbrella.

What's my experience with pricing, setup cost, and licensing?

You get what you pay for.

What other advice do I have?

We use Cisco Firepower, and we use Cisco Umbrella. Currently, these two products are not very integrated. We don't have the complete suite of Cisco solutions. We just have two that aren't joined. We also work with other technology partners, such as Microsoft, but in terms of the perimeter of our network, it has always been a solid product like the Cisco firewall.

I'd rate Cisco Umbrella a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Ray Smith - PeerSpot reviewer
Head of Solutions at a tech company with 51-200 employees
Reseller
Is simple to administer and implement, and helps consolidate existing tools
Pros and Cons
  • "The most valuable features are the dashboard, visibility, and reporting capabilities. Our customers can see how much Umbrella is protecting their organization. If you don't know what you've got, you can't protect it. With Umbrella, you get the visibility and see the protection that it's providing. We can get PDF reports on a weekly basis of any malware activities and any denial of service or command-and-control-type activities."
  • "The firewall capabilities could be better. Cisco is starting to introduce some layer 7 capabilities now, but there's still some room to grow. They should continue with the development of Umbrella so that it is a full-blown cloud-managed firewall solution."

What is most valuable?

The most valuable features are the dashboard, visibility, and reporting capabilities. Our customers can see how much Umbrella is protecting their organization. If you don't know what you've got, you can't protect it. With Umbrella, we get visibility and see the protection that it's providing. We can get PDF reports on a weekly basis of any malware activities and any denial of service or command-and-control-type activities.

Cisco Umbrella is very simple to administer, and that's what our customers really like. They don't want the complexity that's normally associated with security.

Cisco Umbrella definitely reduced our clients' mean time to repair. It does what it says it does, and it does it effectively.

Cisco Talos is the secret sauce. It's the threat intelligence that feeds security solutions such as Cisco Umbrella. You can have a security solution, but if it is not backed by an organization like Talos and has not been fed, watered, and looked after, then it will be pointless.

Our clients have been able to consolidate applications and tools related to DLP, CASB, web proxy, and SSL decryption. These are natively built into the Umbrella platform. We're now on the cusp of looking at SASE and, maybe, migrating away from the traditional on-premises firewalls and merging more toward the cloud. In the future, as we start the transition to zero-trust network architecture as well as SASE it will certainly help our customers consolidate a lot of their existing tools.

What needs improvement?

The firewall capabilities could be better. Cisco is starting to introduce some layer 7 capabilities now, but there's still some room to grow. They should continue with the development of Umbrella so that it is a full-blown cloud-managed firewall solution.

For how long have I used the solution?

We've been using and selling Cisco solutions since Cisco acquired OpenDNS.

We like to use technology first ourselves. It makes it easier to talk about it and sell it. Also, it's a good reference for customers to see that we actually use it internally. Umbrella has been a fantastic solution for us and our customers.

How was the initial setup?

The initial deployment could take a couple of days depending on the deployment model. Cisco Umbrella could be up and running quickly. You can instantly point your DNS servers to use Umbrella's DNS as its recursive DNS, and immediately, you'll be protected by Umbrella. You can take it further and get more granular controls by using AD integration, which can take a little bit longer. From an engineering point of view, it's a very light touch, which is unusual for security solutions. They're normally pretty complex. Cisco Umbrella, however, is a simple but powerful solution.

Given that it's a cloud-delivered platform, Cisco takes care of the upgrades. It requires a pretty light touch in terms of maintenance.

What's my experience with pricing, setup cost, and licensing?

I think Cisco Umbrella is priced well. We have a mix of customers with different verticals such as education. We have clients in the commercial space as well. Umbrella is at a good price point for all of our customers.

What other advice do I have?

We choose to sell Cisco because it has done phenomenally well in terms of some of its acquisitions and the way they've integrated Umbrella. It could be a flagship security solution for Cisco. It's been a game-changer for us and has opened up new avenues and new revenue streams as well.

As a Cisco Secure reseller, we're able to articulate the benefits of the solution to the customer because we are a technically-led organization. We've got a lot of in-house skills within the cybersecurity space. We don't sell for the sake of selling. We want to provide the right solution, and Umbrella is absolutely the right solution as far as we're concerned. It is the leader, especially from a DNS level protection.

Cisco Umbrella is a phenomenal security solution. It's got the right balance between complexity and ease of use. Therefore, I would rate it at nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Alfonso Reimunde - PeerSpot reviewer
Independent Business Owner at Practical Information Systems
Real User
Top 10
A proactive security layer that filters outside the network that is scalable and easy to set up
Pros and Cons
  • "The most valuable feature is the ability to filter malware sites that could infect clients or allow them to download infected files."
  • "The rule-making process for blocking sites or for blocking characteristics can use some simplification."

What is our primary use case?

I had an agreement with OpenDNS which was the original owner of the solution, and I was selling it as an MSP. In Spain, I offer it to a company called Ares Capital. At the start, it was designed to filter URLs for sites that management didn't want the people to access, such as adult sites and social media sites that may cause a loss of work time. A few years later, the solution introduced the ability to filter malware sites. We used that not as an accessory characteristic, but as the main characteristic. We moved from filtering unwanted sites to filtering malware and virus-infected sites. We still use some filtering for unwanted sites, but mostly for security reasons.

How has it helped my organization?

Cisco Umbrella was designed to allow hybrid work. When the COVID pandemic started, we didn't have to do anything at all because the computers were already set up for remote work. With Cisco, it doesn't matter where the computer is as long as the computer is using the DNS servers that Cisco Umbrella works with. If it's part of a laptop or wherever you are in the world, it works exactly the same as being in the office. 

It is very important the solution provides a single pane of glass management for our organization in order to help manage the complex software and programs that companies use. This saves a lot of time for managers.

The single pane of glass management optimizes the user experience by allowing the user to access restricted sites much faster and easier from a centralized location.

Cisco Umbrella helps us remediate threats quickly. The solution doesn't work with our internal network, it instead works with the DNS servers that are located all around the world. This means Cisco Umbrella doesn't have any effect on our network whatsoever. In fact, Cisco Umbrella is totally different from other solutions that are locally based, which filter on routers or firewalls. The solution acts as an outside firewall. The rules that are set up on the Cisco Umbrella management site affect the connection between the computers everywhere, but it doesn't slow them down.

The employee morale has improved with Cisco Umbrella because they don't need to be as cautious when visiting sites knowing that the solution is taking care of their security for them. The only thing that could happen to an employee is that they may need to access a site that is blocked and they have to report that blocked site. When a site is blocked for an employee, a page appears on their computer and they can report that blocked site from there. The employee can send the administrator a direct message requesting access. A blocked site occurs infrequently and the administrator can unblock the site quickly.  

What is most valuable?

The most valuable feature is the ability to filter malware sites that could infect clients or allow them to download infected files.

Cisco Umbrella is one of the best solutions in the market because it's very simple to use and very simple to set up. We require some knowledge of filtering rules, but it doesn't take that long to get familiarized with them. We can manage all the working locations, even if they are far away from a single point and the solution is easy to use. The vendor is a pioneer in the central management of security compared to other antivirus companies.

Cisco Umbrella provides a single pane of glass management.

 Cisco Umbrella doesn't slow the network down because it filters outside of the network.

Cisco Umbrella is not a solution that we can rely on for everything, but for the cost, it is a valued layer of defense that we can depend on. Cisco Umbrella's resilience complements any antivirus solution well. The main advantage of Cisco Umbrella is that it stops attacks from happening before they reach the antivirus solution.

Cybersecurity resilience is important to our organization because we provide software-driven services. We need to contact people from all over the world, We need to be able to navigate through many different sites safely. This gives peace of mind to our customers. We visit thousands of websites every year and it is important to have a solution that takes into account that we are not visiting the same websites repeatedly.

What needs improvement?

The rule-making process for blocking sites or for blocking characteristics can use some simplification. For example, types of malware. This would make it easier to use because it has a learning curve.

There is a possibility of creating users that have explicit permissions to access sites that nobody else should access. This process can be cumbersome and it would be helpful if there was an easier way to create users and assign roles to special users.

Cisco could ease the process of defining the number of licenses and the price considering the number of licenses we require. Currently, we have to get a quote for anything over 100 licenses.

For how long have I used the solution?

I have been using the solution for ten years. Before the solution was acquired by Cisco it was OpenDNS Enterprise.

What do I think about the stability of the solution?

The solution is extremely stable. 

Maintaining network connectivity is very easy. We have not had any downtime in over 10 years. Cisco Umbrella doesn't work directly through the network. It works with the DNS servers that are outside of the network. The network itself doesn't affect it at all. Cisco Umbrella doesn't affect the internal workings, hardware, software, switches, or routers. As long as we have set up the DNS correctly in the computers, either locally or through Active Directory, everything works no matter what happens with our network.

What do I think about the scalability of the solution?

The solution is scalable. We started off with around 40 computers and now have over 200.

How are customer service and support?

I contacted technical support two or three times by email because I had doubts about a rule, but it was pretty straightforward. They responded back within 24 hours. I'm not sure if we can contact them now by phone because I have only used the email method.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Previously, we were using an antivirus company for antiviral protection. The problem with antivirus is that it's reactive. It does not proactively avoid infection. Cisco Umbrella is proactive because it blocks sites before we may get an infection. We don't react to infections; we proactively avoid infections. Although there are solutions now that do the same, Cisco Umbrella was the first to market.

How was the initial setup?

The initial setup is straightforward and only required one person. Setting up the solution usually takes between 30 minutes to an hour. However, the rules are always changing, so we never truly finish setting it up. We're always changing the configuration of the sites by blocking or allowing or adding new sites to the blacklist or whitelist. 

To change the local DNS settings to use the Cisco Umbrella service, we only need to make a few changes. If the computers are connected to Active Directory, we can deploy the configuration through Active Directory so we don't have to mess with anything else. The solution is based on the cloud, so we get a lot of detail and granularity in what sites the computers can access. However, if we want more detail, we can install a small agent on the computer so they can report to the servers.

What about the implementation team?

The implementation was completed in-house.

What was our ROI?

We have definitely seen a return on investment given the low cost of the solution.

What's my experience with pricing, setup cost, and licensing?

Cisco has a set price for a single license up to 100, but whenever we get over 100, we have to ask for a quote. Sometimes requesting quotes makes the process a little harder because people's trust waivers when having to ask for quotes. We want to see the prices upfront.

What other advice do I have?

I give the solution a nine out of ten.

The solution is very good, one of the best in the market because it is so easy to use and so easy to manage even from far away distances. The company has four locations, one in Madrid, one in Valencia, another in Alicante, and one in Barcelona. The solution allows me to manage all the sites from one location easily.

Given the rise in attacks and virus infections all over the world recently, it is important to have layers of security. The less intrusive solutions are better for us. I believe that Cisco Umbrella is a solution that everybody should have because the solution is easy to set up and manage. Cisco Umbrella gives us peace of mind, which is why I believe it is a great solution. I had problems in Spain when I tried to set up Cisco Umbrella for other companies but this was because people didn't know about the solution or trust it as much as they should.

Initially, we implemented the solution for the central branch in Madrid, and after that, we implemented it in the regional branches. We then differentiated between departments, and in the end, we were managing departments and offices.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer: MSP
PeerSpot user
Buyer's Guide
Download our free Cisco Umbrella Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2024
Buyer's Guide
Download our free Cisco Umbrella Report and get advice and tips from experienced pros sharing their opinions.