We're actually in the process of using this to replace our current web proxies. We use both, side-by-side, at the moment. The plan in the future is to eventually get those replaced with Umbrella so that we can have an overall, overarching proxy either that's based in the cloud or whatever we need. But this currently is our most convenient way of replacing web proxies across all of our locations at our company.
Network Planning Associate at a manufacturing company with 1,001-5,000 employees
Video Review
We can see all of our locations in one place and only have to make changes once for all our locations
Pros and Cons
- "Umbrella, being one pane for managing, being all-encompassing, allows us to quickly go in, make a change, and it applies to either every location, if we want it to, or we can have policies in place that only apply to certain users or certain computers."
- "Overall, as a program, it has saved us a ton of time and stress by not having to worry about malware or viruses or anything malicious."
- "In my experience with Umbrella support, sometimes the response times take a bit more time than we would like... sometimes, if you go through email, it can take quite a while to get a response."
What is our primary use case?
How has it helped my organization?
It's definitely made things more centralized. Our current setup is that we have proxies, either physical or virtual, throughout our different locations. Each location has its own proxy at the moment. What's nice about Umbrella is that we can just go into the site and see all of our locations in one place and look at all of our computers, users—everything. It's not divided into separate proxies that we have to go into and figure out which person's using which proxy. Umbrella lets us just see everybody at once, which is really handy for us, and we don't have to spend too much time messing around with figuring out who's where and which location needs this change. [We can just make] changes throughout every location at once, rather than one at a time with those proxies that we currently use.
The past couple of years, [the fact that the solution helps support hybrid work has been] especially important because now we can't use those proxies if people aren't onsite. The way our network was set up was that we had it filtering through the firewall and the firewall was taking certain subnets and filtering those through the proxy. But obviously, when people work from home, we had to get a VPN connection set up. Before COVID, we did not have a work-from-home solution at the time, so everybody had to be in the office. Obviously, that all changed very quickly and Umbrella became a much bigger priority for us because that was our main replacement for those proxies at the time.
We had to expedite the process of setting it up, but what was nice about Umbrella was that it was so user-friendly, it was so easy to set up on our end, that it didn't take as much time as we thought it would. It just simplified the entire process throughout the couple of years that we have especially needed it. But what's cool about that is that now, it's a permanent part of our network. Thanks to the last couple of years, we use it all the time now. It wasn't just a temporary solution for hybrid work because now we use it for both. We have the ability to do hybrid work, but we also have the ability to use it for our employees onsite as well.
[When it comes to threat remediation] most of it is automatic so we don't really have to worry about it too much. Umbrella will just block something if it detects it as malware. That is a super convenient feature for us, that we don't have to manually review every single site. If we do have to review a site, it's nice to have that investigative tool. We put in the URL and it gives us a risk score, depending on how dangerous that site might be. That's super helpful for us to analyze that site, take a look at it, and make a decision on whether we need to block it, or if it can be unblocked. Every situation is different, but Umbrella makes that summary page very convenient for us. It allows us to make decisions much faster and more efficiently.
Our cyber team is a bit different from our network team. We have a separate team for that, but it's nice because they also use Umbrella for a lot of that, depending on what the site is. We use the investigative tool for the risk score, but it also comes with a few other tools, and part of that is just so that they can assess what's safe and what's not safe and what might be detected as malware. Obviously, they have other tools for that as well, so Umbrella is just one cog in the big system. But it definitely allows for easier communication between our teams because we both use it and we can both understand it. It's user-friendly enough so that we can make decisions with them based on what Umbrella tells us and how we interpret that information depending on the site, the situation, the risk score, everything.
We have a lot of employees, a few tens of thousands. We get probably hundreds [of threats blocked] every day. I wouldn't be able to give an exact number on how many are blocked. The main ones we look at are the ones that people request us to specifically look at because they might not think that something was supposed to be blocked, or something is not working properly, and we can go in and investigate that. But there are probably hundreds to thousands of blocks per day on the sites, across all of our locations. That automation allows us to relax a little bit easier and know that our network is much safer with Umbrella on it than it is off. The automatic side of it is basically saving our jobs. That really helps, and we're able to look at anything. Overall, as a program, it has saved us a ton of time and stress by not having to worry about malware or viruses or anything malicious.
What is most valuable?
One of the coolest features, for me at least, is to be able to type in a website and have it give an overall summary of how safe that website appears. Part of that is just so that we can investigate. And if there's any sort of confusion between our cyber team and us, we can look further into that site and dive more into that risk score that Umbrella gives us. We can just analyze [those sites] and make sure that we're unblocking safe sites and blocking sites that we deem could be harmful for our employees.
I would say it provides single-pane-of-glass management. We still, of course, use those old WSAs, but in the long run, our plan is to get those replaced with Umbrella. We have locations in Japan, Korea, China. So it's a little bit more difficult to go through one proxy for all of those, especially because it's a bit slower. What's nice is, [with] Umbrella being in the cloud, we can just go into the site, see everything from the management console in that page. Nothing is slow [and] nothing is hosted by us so that we don't have to worry about network issues or management issues. Everything is just laid out right in front of us from the Umbrella dashboard on the internet, in the cloud. And that makes it super helpful for us to just manage all that from one spot across all of our locations across the world.
We aren't a very big team, so that's the main thing. Going through filtering web traffic or blocking sites or unblocking sites, whatever we need to do, can be a bit tedious, especially when we have all these different locations and we would have to go into each location specifically to perform these tasks. Umbrella, being one pane for managing, being all-encompassing, allows us to quickly go in, make a change, and it applies to either every location, if we want it to, or we can have policies in place that only apply to certain users or certain computers. And that makes it super useful for us because we're not messing around with jumping into all these different locations and manually doing each and every one individually. It is extremely helpful for us and it improves efficiency exponentially.
For how long have I used the solution?
I have personally been using Cisco Umbrella for almost a couple of years. Our company implemented it about five or six years ago. Most of that time was spent getting it set up, but we've really been using it more within the last two or three years now, so it's still pretty new to us at the moment.
Buyer's Guide
Cisco Umbrella
July 2026
Learn what your peers think about Cisco Umbrella. Get advice and tips from experienced pros sharing their opinions. Updated: July 2026.
904,680 professionals have used our research since 2012.
What do I think about the stability of the solution?
[In terms of maintaining network connectivity] obviously it depends on the situation. With Umbrella, it's a bit easier, for sure. There are times where Umbrella, on their side, is having an issue and we're notified of that issue. But in that case, there isn't really much on our side that we can do. To that extent though, the pros outweigh the cons. It's pretty rare that Umbrella is having a problem. The way that our network is set up is that we can reroute traffic pretty quickly using our other Cisco devices, so it's not usually a big issue for us. We have fewer problems with Umbrella than we do with our physical WSA proxies that we currently use, because that is something that we would have to troubleshoot on our end, and we're not always there on site to be able to do that. Then we have to go through someone else who's over there and they have to console us in and we have to troubleshoot whatever's going on over there.
With Umbrella, it's nice to have them tell us what's going on so that we're aware of the situation. If there are any problems, then we'd know what the issue was and how we could work around it. That makes it a bit simpler for us.
Network connectivity isn't really a huge issue for us with Umbrella, specifically. Our use case mainly is just for blocking internet traffic, making groups. We have social media groups where we allow certain computers in places to have access to certain social media sites that we wouldn't normally do. We have other sites being blocked, depending on their use case. That's mainly our function with Umbrella. Internet connectivity is usually not a huge issue regarding Umbrella with us, but if it ever is, it's nice that they communicate the issue to us, [so] that we can work around it.
How are customer service and support?
In my experience with Umbrella support, sometimes the response times take a bit more time than we would like. Obviously, it depends on how they're contacted. But usually, when I contact them via phone, their support team is great. They help me out with everything. But sometimes, if you go through email, it can take quite a while to get a response. Obviously, if it's through email, the issue's probably not as pressing as it would be through a phone call, but the response times could be a little bit better. Email, I usually just avoid. I usually just call them now.
They're super helpful. In terms of response times, it could be a little bit better. Some issues are more urgent than others, but if it's an urgent issue, obviously we just call. Sometimes it takes a little bit [of time] for them to get back. I would probably rate them a seven out of ten.
How was the initial setup?
We've had to deploy connectors across certain locations, but [in] all the locations we have a domain controller and that needs to be deployed on those domain controllers throughout all of our different places. I've done a couple of deployments. Most of it was already deployed just by the time I got here.
[In] my experience of how deployment went, it was very easily laid out, very simple. The instructions were super clear. I didn't have any issues with that. As more of a newcomer to the entire industry, this has been much easier than I expected it to be. Umbrella, as a product, is very simply laid out, very user-friendly. I couldn't praise it enough for helping me out with my job.
While the support [can] sometimes take a while, overall they're super helpful, they make it very easy and they make you feel like you're not doing anything wrong. They're super friendly and make everything super easy for you. Umbrella as a product, overall, is very user-friendly, as a newcomer to my company.
What was our ROI?
The plan is to replace those physical proxies that we have. In terms of return on investment, getting rid of those across each location [has been valuable]. In terms of the efficiency with time, it's definitely saved us a lot of time and money troubleshooting different issues and securing the network and helping people access what they need to access. Just in terms of time and efficiency, it definitely has a return on investment.
Trying to replace those physical ones as well, getting rid of those, just having this be the all-encompassing way of filtering traffic and unblocking, of making policies, it definitely saves us a lot of time with the solution that's offered.
What other advice do I have?
In terms of [our employees] feeling supported, they have the ability to submit a request to us very easily. When they get blocked from a site, it's not just one page saying you're not allowed here. They have the ability to submit a request to us so that we can look further into that site. That makes our employees feel more included in the process of helping the company access the sites that it needs to use, [as does our] communicating with those employees [about] why a site might be blocked; or a site that needs to be blocked based on what they find and what they're doing for their job. The important thing is that they're able to talk to us in case there's a site that they think that they need to access and helps them feel included in the entire process.
Like I mentioned earlier, it's one cog in the big system that we have out of our solutions for cybersecurity. We also use products like AMP, we have certain firewalls that also block certain things, the way they're configured. But overall, Umbrella, if we're talking about users on the internet, using sites or accessing different websites, is a big help in determining what exactly they need. We can go into Umbrella and help them understand why something might be blocked, or if they need to get into something, we can make certain policies within Umbrella. It's obviously just one tool out of the many that we have, so these configurations are pretty involved and even I don't know how they all work. It's divided amongst our team. For cybersecurity in general, it's great. It simplifies it. It's very useful in terms of the automation and how it blocks everything, and how all that stuff is interconnected. I would say that it is a lifesaver for us.
As somebody who is pretty familiar with networks and just learning everything, but being an inexperienced network manager, I would say that it makes the entire process very painless, very super simple to understand. In my experience, it's a nine out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Engineer at a retailer with 10,001+ employees
Gives us control and visibility of our network
Pros and Cons
- "It has excellent resilience in cybersecurity. Cybersecurity for my organization is very important because we are a banking organization. We need this security to protect the personal information of our clients. This is very important for our security."
- "The solution is very good for helping workers feel safe, secured, supported, and included."
- "I feel that the application needs other characteristics that are available with other applications in the market."
What is our primary use case?
The solution is for filtering web content. We can control user access to applications as well as have visibility into Internet usage.
We are using it on approximately 300 servers. The solution is deployed across three departments. There are about 8,000 users.
How has it helped my organization?
Umbrella gives us control and visibility of our network using administration tools. This is helpful for us.
The solution is very good for helping workers feel safe, secured, supported, and included.
Employees have accepted the solution. The solution is very good for them and their morale.
It has excellent resilience in cybersecurity. Cybersecurity for my organization is very important because we are a banking organization. We need this security to protect the personal information of our clients. This is very important for our security.
What is most valuable?
The most valuable feature is its web content filtering.
It is very important for our organization that the solution offers single-pane-of-glass management.
It is very easy to maintain network connectivity.
The customer experience has been very good.
What needs improvement?
I feel that the application needs other characteristics that are available with other applications in the market.
For how long have I used the solution?
I have been using it for three years.
What do I think about the stability of the solution?
It works very well across platforms with other providers.
What do I think about the scalability of the solution?
It is very easy to scale.
How are customer service and support?
I have never needed to use their technical support.
Which solution did I use previously and why did I switch?
We have just used this solution.
How was the initial setup?
Our initial setup was very easy.
What about the implementation team?
We used an internal consultant.
What other advice do I have?
Our leaders say that cybersecurity and resilience for our services is very important. They say technology is necessary for developing business with our clients.
I would rate the solution as nine out of 10. The solution is very good, easy to implement, and manage. The visibility is very user-friendly.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Buyer's Guide
Cisco Umbrella
July 2026
Learn what your peers think about Cisco Umbrella. Get advice and tips from experienced pros sharing their opinions. Updated: July 2026.
904,680 professionals have used our research since 2012.
Senior Network Engineer at a educational organization with 1,001-5,000 employees
We feel more confident knowing that we can block phishing attempts or any type of malware that is DNS-related
Pros and Cons
- "It has improved our organization from a security posture perspective, and we feel more confident now knowing that we can block phishing attempts or any type of malware that is DNS-related, which is a very nice feature that provides peace of mind."
- "We would like them to add more features to Cisco Umbrella."
What is our primary use case?
We use Cisco Umbrella for DNS security. We also have the roaming clients deployed on user laptops.
We use it for roaming clients. We also push all our DNS traffic to Umbrella. We do not allow any other DNS traffic. That is kind of how we have fully implemented Umbrella.
We were looking to bridge the gap for DNS security, especially for mobile clients. We wanted to be able to put that roaming client on their PCs and kind of bring that together.
How has it helped my organization?
It has improved our organization from a security posture perspective. We feel more confident now knowing that we can block phishing attempts or any type of malware that is DNS-related. This is a very nice feature that provides peace of mind.
Umbrella has absolutely helped us remediate threats more quickly. In fact, it has blocked a lot of threats that may have been able to go through in some instances. Knowing that they are blocking it and being able to find the PC that potentially has the threat on it, that has been very beneficial.
Umbrella has been very good for employee morale. It makes our job a little bit easier.
Cybersecurity resilience is very important for our organization right now. Umbrella does a good job of blocking ransomware, malware, bad threat actors, and phishing attempts.
What is most valuable?
Being able to control policy sets has been a very nice feature. Being able to have appliances that are separate, where we can send DNS traffic, has been very beneficial as well.
It is a good product for helping workers feel safe, secure, supported, and included. Having the roaming client is probably one of the key factors in being able to do that.
Cisco Umbrella provides single-pane-of-glass management, which is pretty important for my organization. We have a lot of products, including security products, that we manage. Being able to see a lot of those data sets in a single pane of glass is very beneficial for my team. We enjoy having it. It is very easy to use.
It is not very difficult to maintain network connectivity.
What needs improvement?
We would like them to add more features to Cisco Umbrella.
For how long have I used the solution?
We have been using Umbrella for about four years.
What do I think about the stability of the solution?
Stability has been great. Obviously, there have been some hiccups here and there on the connectivity side. That is out of our control, but it is understandable, as things are in the cloud. I have had more issues with Amazon than I have had issues with Umbrella, where I have had a very good experience.
What do I think about the scalability of the solution?
It is very scalable. If I had more sites, all I would have to do is deploy more VMs and point traffic that way, which is very nice.
We are using roaming clients. We are also using the DNS appliances that we have deployed. I have over 15,000 users and 10 locations. We have deployed each appliance at every location, and then point traffic to that. There are 20 different servers that we are using for Umbrella.
How are customer service and support?
The technical support has been very good. I have not had to open many tickets. I have only opened two in the five years that we have had it. Those two times, the support was very nice and supportive. I would rate them as 10 out of 10.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We have actually been using Umbrella since it came out. Previously, we just ran our own DNS. From a security product perspective, Umbrella has been the only DNS solution that we've used.
How was the initial setup?
The initial setup is very straightforward. There is a lot of documentation available.
What about the implementation team?
It was deployed in-house.
What was our ROI?
We have seen ROI. We can show our leadership that we are blocking and preventing things from coming into our network. Not only that, but from a threat perspective, if any of those things were able to infiltrate, then possibly the remediation damages would be way more than the cost that I am paying for Umbrella today.
What's my experience with pricing, setup cost, and licensing?
As an educational partner, we get better licensing structures. We are very happy with that. It has been very nice that Cisco has partnered with the educational sector to bring that.
What other advice do I have?
Look for all the gaps that you have in your network, then try to find a product that is more rounded to essentially fill those gaps.
I would rate Umbrella as 10 out of 10.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Network and security at Education Service Center - Region 11
I can create custom policies for bad domains that we want to block
Pros and Cons
- "When it comes to hybrid work it's pretty effective. We've got the agents. We can protect people inside our building and, when they're using their laptops out in the field, they're still protected. It's working well."
- "Overall, it has been pretty helpful for what we're using it for."
- "If we're trying to deploy it to a Mac through Meraki, it's impossible. The method of deployment for a Mac, and the features available in Meraki, are not compatible at all."
What is our primary use case?
We use it to protect our users from getting to any known bad domains.
How has it helped my organization?
It does what it's supposed to do, protecting us from getting to somewhere that we shouldn't.
The solution also helps us remediate threats more quickly. Examples are when an email campaign comes in with malicious links, or if they're on a website like Facebook which is full of junk that doesn't need to come through.
What is most valuable?
Domain blocking is among the most valuable features. It keeps people from accidentally clicking on something they shouldn't. Also, if I see an email that comes through, I can pick out bad domains that we want to block and make custom policies to block them.
In addition, when it comes to hybrid work it's pretty effective. We've got the agents. We can protect people inside our building and, when they're using their laptops out in the field, they're still protected. It's working well.
The single pane of glass management is also pretty helpful because we don't have to hunt for what we're trying to work on.
What needs improvement?
Getting to some of the reporting features is something that could be improved. When I am tracking someone that has done something, my first hint is usually an email, because I've got those scheduled to come in every so often. But then I've got to log in, dig into that user, find the time period, and then export it. There's a lot of waiting involved through all of those steps.
It would be helpful if there were an embedded link in the email so that when it says it blocked something in particular, I wouldn't have to click through five or six different things to get what was blocked in that email. With a link like that, I could just click from within the notification email and it would take me straight to that page.
For how long have I used the solution?
I've been using Cisco Umbrella for five years.
What do I think about the stability of the solution?
I haven't had any issues when using it.
What do I think about the scalability of the solution?
Scaling it is pretty easy. Every time we need to put it on a machine, it's just part of the deployment process.
There are a lot of features that I haven't used. They've been doing a lot of work on it recently and I was talking to one of our Cisco reps who talked about some things we can do with it that we're not doing yet.
How are customer service and support?
I haven't had to use technical support.
How was the initial setup?
It's continuously deployed because, if we wipe out a computer, we've got to put the agent back on it. If we have to put it on a Windows machine, it's easy. If we're trying to deploy it to a Mac through Meraki, it's impossible. The method of deployment for a Mac, and the features available in Meraki, are not compatible at all. Getting it to the point where you could deploy a Cisco product with a Cisco product would be beneficial.
What other advice do I have?
Umbrella is pretty invisible to our employees. Most of them don't know we're using it. There isn't a lot of user training involved, as long as your security people can get in there and do what they need to do.
It's a great tool because you can effectively block a lot of things that can infect your machines. People don't realize they're getting something that's malicious.
Overall, it has been pretty helpful for what we're using it for.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
IT Security Operations Manager at BeyondTrust
Securing DNS, specifically for the remote workforce we have today, fills a big gap
Pros and Cons
- "It enables us to go granular in the customization of blocking some categories on the DNS."
- "From a DNS perspective, Cisco Umbrella is the number-one technology now."
- "Having ready-to-go templates with best practices is definitely something that would be an improvement. Deployment, from day one, is something that definitely needs to be improved for Cisco customers."
What is our primary use case?
We use it for DNS filtration across all data centers, offices, and remote users.
How has it helped my organization?
The blocking of all the non-malicious traffic from DNS request queries has been huge. DNS is very important from a security perspective. Securing this layer, specifically for the remote users and the remote workforce that we're seeing today, is definitely a big gap that needed to be filled.
The DNS Umbrella agent is already installed on the core machine. So from day one, when our CEO sent all employees to work remotely, all we had to do was flip a switch to have a DNS filter on all core machines.
The visibility that Umbrella gives us into what a user is doing, versus what we want to block, is huge. It's not that we're policing things. It's just a matter of watching and having visibility. We're definitely not going to block every domain, but having visibility is very big.
What is most valuable?
It enables us to go granular in the customization of blocking some categories on the DNS.
Also managing all the DNS aspects from one portal is definitely great from a security perspective. Sometimes we get a malicious URL in a phishing campaign on the email side. Blocking a domain across the whole company in one minute is definitely great. To block a DNS request very quickly you just add the domain to the Global Block List and in one second it's blocked.
Another feature that is good in Umbrella is applying and maintaining network connectivity consistently across all workplaces. You can go through the categories and do templates based on the sites, such as a data center or a branch and apply policies based on that.
What needs improvement?
Having ready-to-go templates with best practices is definitely something that would be an improvement. Deployment, from day one, is something that definitely needs to be improved for Cisco customers.
For how long have I used the solution?
I have been using Cisco Umbrella for four years.
What do I think about the stability of the solution?
The stability is a 10 out of 10.
What do I think about the scalability of the solution?
The scalability is also a 10 out of 10. We use it across all the company's offices and data centers. We have 1,500 users.
How are customer service and support?
The Umbrella service itself is great. Sometimes, with technical support, we go through "tag" problems, but otherwise, it's pretty smooth.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We did not have a previous solution. We used to use CWS, which was Umbrella before it was named Umbrella.
What was our ROI?
The ROI is visible in the portal through the executive reports. They show how many times we block malicious sites. Management definitely gets a view of the fact that we're blocking a lot of malicious domains with Umbrella.
What's my experience with pricing, setup cost, and licensing?
We have a security Enterprise Agreement with Cisco, so the pricing is good. We take many security products in one agreement, so we have no complaints about the price.
What other advice do I have?
From a DNS perspective, Cisco Umbrella is the number-one technology now.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
IT Director at New Egypt Gold
Stable, scalable and strong Cisco offering
Pros and Cons
- "Meraki features and cloud-based functionality are advanced and easy to manage centrally."
- "Lower costs including licensing, support, and renewals would be beneficial."
How has it helped my organization?
Cisco Umbrella improves web security posture.
What is most valuable?
Meraki features and cloud-based functionality are advanced and easy to manage centrally.
Reporting is a separate product. However, other features are embedded within the devices themselves. So, if you have one box, everything is included, which is good.
What needs improvement?
A more user-friendly interface like Kaspersky and lower costs including licensing, support, and renewals would be beneficial.
For how long have I used the solution?
My company has been using it since 2005.
What do I think about the stability of the solution?
It is a stable product.
What do I think about the scalability of the solution?
It is a scalable product.
How are customer service and support?
The customer service and support are excellent, exceeding expectations.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I used Sophos, FortiGate, and Palo Alto firewalls.
Cisco Umbrella is manageable and well-supported by various vendors and partners, including Cisco Direct. It offers diverse technologies and features. However, now Sophos and FortiGate offer better tools and firewalls than Cisco.
Forti excels in SD-WAN services and integrates various functionalities like FortiManager, FortiAnalyzer, and Wi-Fi controller within a single device.
How was the initial setup?
It is easy to implement. It is not straightforward, but it is easy. It is easier than before.
What's my experience with pricing, setup cost, and licensing?
The licensing cost is very high. We have to pay for support, renewal, and maintenance. FortiNet is cheaper compared to Cisco Umbrella.
What other advice do I have?
Consider your budget. If you can afford it, Cisco Umbrella is a stable and scalable solution.
It's a strong Cisco product.
Overall, I would rate the solution a nine out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Project Manager at a financial services firm with 201-500 employees
Helps me to protect my endpoints so that they won't go to a malicious site
Pros and Cons
- "The most valuable feature is its ability to detect if a URL has malware or is vulnerable."
- "I would like for their support to be faster."
What is our primary use case?
Our primary use case is for filtering and security reasons. We send our DNS queries to Umbrella. It will see if we go to a site that has malware or a virus and it will stop it. It detects if the URL has malware.
How has it helped my organization?
The multilayers of defense have improved my organization. We have a lot of defensive layers and DNS queries from Cisco is one of them.
What is most valuable?
The most valuable feature is its ability to detect if a URL has malware or is vulnerable.
What needs improvement?
I would like for their support to be faster.
For how long have I used the solution?
We have been using Cisco Umbrella for six to seven years.
What do I think about the stability of the solution?
I have never experienced a stability issue where the site went down.
What do I think about the scalability of the solution?
I would rate the scalability a ten out of ten.
How are customer service and support?
Support doesn't always get back to me right away but they'll send me an email with the solution. It's not critical. I don't have an issue with it. I would rate their support an eight out of ten. I took two points off because it can take a day or two for them to get back to me.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is easy. There is good documentation. I can deploy it within a day or two. There's a page that shows you the health of the agent. It makes me more comfortable knowing that my configuration is healthy.
I did the deployment myself.
What was our ROI?
We have definitely realized ROI through the protection Umbrella offers.
What's my experience with pricing, setup cost, and licensing?
The pricing is decent. The price is user-based, per month.
What other advice do I have?
I would rate Cisco Umbrella a nine out of ten. I also use it on a personal level. It helps me to protect my endpoints so that they won't go to a malicious site.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Coordinator of Systems Administration Team at a transportation company with 201-500 employees
Video Review
Has a clean and user-friendly dashboard that provides a lot of information at a glance
Pros and Cons
- "Umbrella has helped my IT staff in two ways. First, our security team was able to get more insights into the users, their devices, and the sites they browse. Second, our system administration team was able to manage DNS resolutions in a way that is more accessible and less intrusive to our domain system."
- "It's easier for us to have support features with companies who are Cisco representatives, but sometimes, it's hard for us to get the help we need without having to use our contacts within Cisco."
What is our primary use case?
Our primary use case was to first replace the solution we had since it wasn't able to give us security outside our premises. Also in terms of configuration, we had to have extra configurations in our Active Directory to identify the users and the equipment. Cisco Umbrella gave us a chance to do it in a more clean way, without having extra software working on our domain controllers.
Cisco Umbrella is deployed as a cloud solution with an on-premises server so that it can make the connection through our Active Directory to identify the equipment.
What is most valuable?
The most value we've seen after using it for a month is the ability to identify more clearly the usage of any device.
With Cisco Umbrella I am able to manage DNS resolutions on our devices both when they are inside and outside our network, supporting a hybrid work environment.
Umbrella has helped my IT staff in two ways. First, our security team was able to get more insights into the users, their devices, and the sites they browse. Second, our system administration team was able to manage DNS resolutions in a way that is more accessible and less intrusive to our domain system.
Soon, our IT staff will be able to save time because we'll be able to automate some security functions. The dashboard is very clean and user-friendly. Thus, at a glance, we will be able to see a lot of information that will help us identify more directly the sources and the root causes of security issues.
What needs improvement?
It's easier for us to have support features with companies who are Cisco representatives, but sometimes, it's hard for us to get the help we need without having to use our contacts within Cisco.
For how long have I used the solution?
We've been using Cisco Umbrella for nearly a month.
What do I think about the stability of the solution?
We have not had any issues with stability, but we've only had the solution for one month.
How are customer service and support?
The few times when we had to contact Cisco's technical support directly, we had perfect interactions with them. Therefore, I would give technical support a rating of ten out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We were using another solution for DNS security. It was not as complete and would only allow us to manage security inside our network. We weren't able to get to the endpoints when staff were not working on-premises. We did a proof of concept with Cisco Umbrella and two other solutions for three months and chose to go with Cisco Umbrella because it gave us the features that were more suited to our organization.
How was the initial setup?
In our environment, it was straightforward and simple to implement Umbrella. We had SCCM for the end devices for mass deployment. Our domain controllers were connected to the server. The initial parameterization only took us three days. Currently, we are in the most difficult part of fine-tuning the solution so we can take full advantage of its features.
What about the implementation team?
Our Cisco partner helped us with the implementation.
What's my experience with pricing, setup cost, and licensing?
Pricing and licensing of Cisco Umbrella is a bit confusing because you have to separate the DNS solution and the full-feature solution. Cisco in Portugal helped us understand which one was the right one for us.
What other advice do I have?
Since Cisco Umbrella has given me better performance and extra features that I didn't have previously, I would give it the maximum rating of ten out of ten.
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Principle Consultant at a energy/utilities company with 10,001+ employees
Video Review
Enables us to inspect all the user traffic generated from anything
Pros and Cons
- "By using Cisco Umbrella, you are sure of inspecting all the traffic. Whenever the user machine is connected to your network, it is inspected. That's the best thing. It means you are sure that nothing is being exported or imported without your choice. That is the best feature."
- "If you wish to inspect all the traffic and it's integrated with Cisco AnyConnect, all the traffic basically goes through Cisco AnyConnect, which is not a good idea. That means you need to have more internet capacity as a data sampler, so in the case of a split tunnel, we cannot inspect the traffic that is being migrated through the local internet. I'm not sure whether there is a possibility wherein Cisco Umbrella can also inspect the traffic that is outside the AnyConnect tunnel."
What is our primary use case?
I'm a principal consultant for one of the energy sector companies, which basically extracts oil and gas and also deals with solar energy. We are dealing with anything related to energy. It's a supply chain as well.
We have been using Cisco Umbrella for more than one year. Basically, after the COVID situation, when the hybrid model came, we needed to give work-from-home options to the employees and look into cybersecurity. We had to get some cloud security. That is why we have introduced Cisco Umbrella.
How has it helped my organization?
We chose Cisco Umbrella because it's a better option industry-wide. It can inspect all the web traffic from anywhere. When traffic is generated from any local internet, it might be anything. It doesn't qualify for cyber security for any company. That's why you have to have something to inspect all the traffic. Cisco is a good vendor for us. That's why we chose Cisco Umbrella.
By using Cisco Umbrella, you are sure of inspecting all the traffic. Whenever the user machine is connected to your network, it is inspected. That's the best thing. It means you are sure that nothing is being exported or imported without your choice. That is the best feature.
It generates alerts, and you can integrate it with your ticketing tool. When it's integrated, it can also generate a ticket. That means you know when something is wrong or what's going on. It has helped a lot during this hybrid model, and I don't think that this hybrid model is going anywhere. So, you can simply say that Cisco Umbrella is a good tool for the future as well.
It hasn't freed up our IT staff for other projects because no one thought about this work-from-home model before COVID. There were many alerts after Cisco Umbrella was installed, which means many staff members were invested, but its automation, such as automatically generating alerts and automatically assigning tickets to a queue, has helped a lot. We don't need to do any physical or manual inspection. It's being done automatically, which is a good point, but it hasn't decreased any resource hours.
What is most valuable?
It's the best tool to inspect everything. We can inspect all the user traffic generated from anything.
What needs improvement?
If you wish to inspect all the traffic and it's integrated with Cisco AnyConnect, all the traffic basically goes through Cisco AnyConnect, which is not a good idea. That means you need to have more internet capacity as a data sampler, so in the case of a split tunnel, we cannot inspect the traffic that is being migrated through the local internet. I'm not sure whether there is a possibility wherein Cisco Umbrella can also inspect the traffic that is outside the AnyConnect tunnel.
For how long have I used the solution?
We have been using Cisco Umbrella for more than one year.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Senior Network Architect at Prosperity247
Video Review
100% availability, excellent support, and helpful for filtering out web requests we don't want
Pros and Cons
- "The feature that we find most valuable is to be able to filter out those web requests that you don't want."
- "With any Cisco product, it's the licensing side of things that needs improvement."
What is our primary use case?
We are a Cisco premier integrator, and I've worked for Prosperity for approximately seven months now. We just set up a new networking team predominantly servicing clients within the financial services industry.
We offer various products within the Cisco Secure product line, for example, Cisco Secure Firewall, AnyConnect, and Umbrella. As a Cisco partner, we predominantly deploy Cisco equipment, be it LAN switching or routers. Deploying Cisco Secure products makes sense because then we have one vendor in the network.
How has it helped my organization?
When we're deploying Cisco Umbrella, we're predominantly utilizing the DNS Essentials or the DNS Advantage license. We use it as a first layer of defense on the network because everything relies on DNS these days, so if you can capture that traffic and analyze it or analyze those DNS requests, you can very quickly start filtering out things like Command-and-Control and whether there's malware on the environments or shadow IT, for example. So, it can capture and categorize the apps that people use, and if you were to block something, you can very easily block it.
As a Cisco partner, the value we bring to our customers is our years of experience, and our customers can rely on us. We've got a saying in our company that if we look after our clients, we look after our colleagues, and we look after our customers, then we'll all prosper; hence the name Prosperity 24/7. That's our sort of motto, but it's very true. Our customers can trust us. We've got the experience. We've got the links to Cisco. We do all the training, so customers don't have to worry. It's about wrapping the customer up in a blanket and going, "Everything's going to be okay. We're here."
The benefit we get from our Cisco partnership is credibility within the marketplace because everybody has heard of Cisco, and it's probably one of the most deployed network manufacturers in the world involved in so many verticals. There's always a product there. I've been looking at so many products this week at Cisco Live, for example, that anything you can think of is there. There's always new innovation. It's an innovative company.
What is most valuable?
The feature that we find most valuable is to be able to filter out those web requests that you don't want. In a corporate environment, it can be damaging. It can be damaging to organizations as well. You don't want people going to certain sites. Also, the malware side of things and the Command-and-Control side of things are valuable because you can have serious reputational damage to your organization if there's malware in your environment. To be able to block that at its source is very important.
Umbrella is a constantly evolving product set in terms of what they had maybe four years ago compared to now. The number of features they're developing and facilities within that cloud platform are amazing. Things like data loss prevention (DLP) have been released in the last couple of years. It probably has remote browser isolation (RBI) as well, but I'll have to check that one. So, it's a constantly evolving product set. Our clients might start off on a lower tier of the Umbrella, but over time, they'll go, "Actually I want that feature." And then they'll go from DNS Essentials to DNS Advantage, and then they might start looking at Secure Internet Gateway (SIG), for example, which is just the secure web gateway (SWG). So, there's something for everybody, and as a layer of defense in your network, it's a great product.
What needs improvement?
With any Cisco product, it's the licensing side of things that needs improvement. Licensing changes and Cisco typically doesn't make it easy for us, but it does evolve. What's good now is that predominantly across the different product sectors within Cisco, you start off with DNS Essentials, Advantage, and even the Catalyst switches. That's now ubiquitous across the Cisco line. They've got to keep it simple on the licensing side so that when I go and talk to clients, I can say, "Right, here you go. With this license, you get these features, but you can always scale up." Once the customers experience Cisco Umbrella, then typically, they start thinking, "What else could I be doing?" You may start off with the DNS Essentials, but then you might move to SWG eventually.
What do I think about the stability of the solution?
Umbrella's availability is second to none. I remember attending Cisco Live in Barcelona where I went to one of the sessions, and they said that they've had a hundred percent uptime since forever basically, so I don't think they ever had an outage. They've got two DNS servers. They use Anycast, so it's available around the world. It will speed up your web browsing because you'll go to the closest data center. Umbrella pairs with the service providers, so it'll speed up your general web traffic as well.
What do I think about the scalability of the solution?
In our customers' environments, in terms of scalability, absolutely, it's a very simple product to deploy. It's cloud-based, so we don't have to worry about deploying resources locally. Networks rely on DNS anyway. The whole Microsoft stack, whether you open a web browser or use Teams, relies on DNS. So, it's the first step in any web transaction.
How are customer service and support?
I like working with Cisco products because I get excellent support. If it's four o'clock in the morning, I'm in a data center, and something has stopped working, I know I can just reach out to TAC, raise a TAC case, and get help. That's a comfort blanket that surrounds all of us Cisco engineers. We know we can call somebody, and we know we can get through to somebody who will have the answers for us.
I would give Cisco support a solid eight or nine. It's probably difficult to give a 10 because sometimes it depends on who you get as well, but with Cisco TAC, you can always escalate cases as well. So, there's always somebody within Cisco TAC who can help you.
How would you rate customer service and support?
Positive
How was the initial setup?
In the typical deployment model, we integrate it with, for example, the Meraki product line for using Cisco Umbrella directly within the Meraki dashboard. So, you can link it to an API. That's a nice integration. You're not having separate Meraki access points or Meraki MX. You can bring it all together in one place, so you've got a single dashboard. Typically, we've done that. In the bigger organizations, we have done deployments of the virtual appliances because essentially, you want to be able to identify individual users at that point. By using the VAs, you should be able to identify users on the network, and then you can deploy policies based on those user groups.
Cisco Umbrella can be deployed in minutes. In its simplest form, all you need to do is point at the Cisco Umbrella DNS servers, and that's it. It can be literally deployed in minutes. If you want to go to a different use case, for example, where you've got to deploy VAs, that's a bit more difficult, but there's something for everybody. It can be as simple or as complex as your environment requires.
Which other solutions did I evaluate?
I've always worked with Cisco. I've been working with Cisco products for the last 20 years. We do have other products that we can sell for a lower price point, for example, but typically, I like using Cisco products.
What other advice do I have?
To any customers who want to evaluate Umbrella, the first thing I would recommend looking at would be the product sheets within Cisco. Understand the technology, understand the features that are available, and then decide what level of Umbrella or what licensing level you require to meet your business requirements. If it's just protecting some guest WiFis, for example, then it'll be a very simple deployment. If you've got Meraki kits, you can easily link those two pieces together.
Talos receives so much traffic. I did one of the sessions yesterday with the guys from Talos, and the amount of web traffic that comes into Talos for them to analyze is huge. So, as a repository of what's going on and a view of what's going on the Internet with this new malware, they're very quickly going to be able to react to that. Even with just the behavioral type analysis in terms of what constitutes bad behavior on a network, they can very quickly analyze and deploy a new solution. They update things like Umbrella, and as a central repository, it feeds into Talos, and then Talos can inform the rest of the security community about what's going on and what things you might need to block, so Talos overall has a positive effect for our clients. For them to do it themselves would be impossible. You need somebody on the Internet, and Talos provide that service. It's about control and visibility, and those certainly are the features that Talos can bring to the table.
I'd rate Umbrella a solid nine out of ten. It's probably difficult to get any product in a 10, but they are always constantly developing it. So, if you come back in a year's time, there'll always be new features than what's available today.
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Buyer's Guide
Download our free Cisco Umbrella Report and get advice and tips from experienced pros
sharing their opinions.
Updated: July 2026
Product Categories
Domain Name System (DNS) Security Secure Web Gateways (SWG) Internet Security Cloud Access Security Brokers (CASB) Cisco Security PortfolioPopular Comparisons
Fortinet FortiGate
Cloudflare
Cloudflare One
Cisco Secure Firewall
Prisma Access by Palo Alto Networks
Zscaler Zero Trust Exchange Platform
Zscaler Internet Access
Cisco Identity Services Engine (ISE)
Cato SASE Cloud Platform
Netskope
Check Point Harmony SASE (formerly Perimeter 81)
Mimecast Advanced Email Security
Cisco Secure Network Analytics
Buyer's Guide
Download our free Cisco Umbrella Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Which is the better security solution - Cisco Umbrella or Zscaler?
- Which product do you prefer: Cisco Umbrella or Palo Alto Networks DNS Security?
- Which is the better security solution - Cisco Umbrella or Microsoft Cloud App Security?
- What are the pros and cons of Cisco Umbrella vs. Zscaler SASE for a large global enterprise?
- What are the differences and similarities of Symantec Fireglass and Cisco Umbrella?
- Which solution is better: Cisco Umbrella or Palo Alto Networks DNS Security?
- When evaluating DNS Security, what aspect do you think is the most important to look for?
- Why is Domain Name System (DNS) Security important for companies?
- What DNS security tool do you recommend?
- Why is domain name system security important?



















