Cisco Umbrella Room for Improvement
Director of Security
The design of the screens could be improved. Sometimes you're trying to look for information, for what you think is critical that should be on that first screen of the dashboard so that you can quickly take screenshots to have people help out, but you have to hop between screens to find little pieces of evidence.
They should work with their customers to find out, when they're troubleshooting, if they're going through multiple screens just to get little pieces of information. Maybe they could design an overall security screen for an event and pull that stuff in so that it's on one screen, rather than having to go search for it. Right now, you're always going back and looking on the left-hand side, going down the column, and trying to remember where something you need is. You have to click all over the place to go find what you're looking for.View full review »
It had the ability to do a lot of app control. So, every single app that went through that portal was registered, but there is a general issue with the whole app control. As soon as you add a mobile phone to your network, all of the apps get registered through the system, and you can approve, reject, or just let them go through. When I looked at it, it was impossible to manage app control. There was just so much data. I didn't apply that service because I just didn't have the time to manage it. It would be good if there was a way to categorize applications. However, that's dangerous too because you can be turning off an app in a group because you don't know what it is doing. It could be a vital company app. So, App control is the main area in which they need to keep working.View full review »
Network Security Architect at Lake Trust Credit Union
The only thing I can think of is that I'd like to see a little more flexibility in policy creation. The way that policy is currently structured is like a "first hit succeeds" kind of policy. It would be nice if it were more hierarchical.View full review »
There are a couple of interface issues. I know that they say that there are feature enhancements that are noted. For example, we've got the Cisco Meraki security appliances, and there, we geofence our company to where we're allowed to send and receive traffic. So, in our case, by default, we only allow traffic to six different countries, which allows us to effectively prevent traffic for the majority of bad players in the world, but they don't give you an easy way to do that in Cisco Umbrella. With Cisco Meraki, I can specify or pick the countries. I can say that I want to only allow traffic from these six countries, and I'm done. With Cisco Umbrella, I have to rely on the fact that they're going to prevent traffic to other countries. They're going to decide if it's good or bad. I can't geofence out. I can plot top-level domains, but .com and .net go global. I can certainly block a China (CN) or a Russia (RU) domain, but that doesn't give me the same level of granularity.
Apparently, Cisco Umbrella has got that as a feature request to allow an administrator to say, "I specifically only want traffic to and from these countries. Everything else should be dumped." That way, when they're sitting behind my network or they go out in the wild, they have that same level of traffic being blocked.View full review »
So far, I haven't seen any areas that need improvement. As far as what we need it to do, it's doing just that. It's comfortable for us. It's working beyond our expectations. Something on our end that might make it better is alerting going to our ticketing system. It's not something that we have discussed, but that would be a proactive option for us to provide a learning experience for the staff.View full review »
I'd like to see this solution more closely integrate with other products Cisco has in its portfolio.
I would also like to be able to manage the identities, for example. If you define them in ISE, it would be good to be able to use the same identities also within Umbrella. It would simplify the use of multiple products within the organization from the same vendor.View full review »
I'd like to see improvement in its overall integration with all the other platforms. There's some integration between Umbrella and Meraki, but an overall Cisco problem is that there are so many different tools, and finding easy, seamless ways of connecting everything together is always a challenge. Always, with Cisco tools, there is the issue of finding ways to have fewer windows to look at and how to make those tools work together better.View full review »
IT Consultant with 501-1,000 employees
There are some situations where we would like to block things for specific user groups. I know that Umbrella does that, but it's not that easy. When you go to the Global Allow and Block Lists, that's the easy part. But when you want a specific task for specific rules and policies for user groups, you have to go three levels down in the menu, and it's hard to find where you do that task.
Also, the policies are not that easy to manage.View full review »
We faced an issue regarding virtual appliances (VAs) during deployment. They could improve the quality and management of the virtual appliances offered right now. You can't see much because it is a Linux machine, and they have customized it. You don't have any route access to the machine, only seeing limited things in it. When we opened a ticket, they didn't know much about VAs themselves. So, that is where it is lacking right now. I know this will improve in the long run.View full review »
Senior Network Engineer at a educational organization with 1,001-5,000 employees
We would like them to add more features to Cisco Umbrella.View full review »
Security BDM UK at a tech services company with 51-200 employees
The API is very Cisco orientated, which is absolutely fine if you're using Cisco Firepower and SecureX kind of products, but if you want to integrate with third parties, it is a bit tricky. There are some key API connectors for the more prevalent SIEM tools.
I would really like to see in Cisco Umbrella the ability to create customized reports and then assign the rights to view these reports to people within a group. I should be able to create a customized report, which is viewable by anybody who has the rights. I should be able to create groups within Cisco Umbrella, and then assign reports to groups and have those reports split out automatically only to those groups. I can kind of do it by restricting my email list, but it is a half-complete way of doing it.
Solutions Architect at a tech services company with 51-200 employees
One of the issues with Umbrella is as you get into endpoint detection and response, such as EDR point solutions, some of them will not integrate well with Umbrella. Sometimes when you want to use technology, such as Always On VPN, it will not work. There are some looming issues as one type of technology starts to crossover with Umbrella. That is the challenge and Umbrella should find a way to be more compatible with some of the endpoint response solutions that are coming out on the market.View full review »
Vice President Information Security & Compliance at a tech vendor with 1,001-5,000 employees
I would like to see hardware-based integrations. If a hardware platform were provided for Umbrella, that would definitely improve the market for it. The solution is pretty good, but if a hardware-based solution came through, it would meet all the compliance standards in my country.
Especially when we are addressing governmental customers, they hesitate to connect to the cloud. That is where we need a hardware platform so that the solution can be used on-premises as well.View full review »
Network Engineer & Security Specialist at a tech services company with 51-200 employees
There are always little items that can be fixed in any solution, however, I don't have any specific complaints.
The first time you set up the solution and have integrations, it may be a bit difficult, however, it gets easier.
The pricing could always be a little bit better.View full review »
Network Manager at a consultancy with 11-50 employees
Their support should be improved. It is necessary that the support is efficient. It is not really easy to get a resolution for an issue from Cisco support. They should be faster and more efficient.View full review »
Getting to some of the reporting features is something that could be improved. When I am tracking someone that has done something, my first hint is usually an email, because I've got those scheduled to come in every so often. But then I've got to log in, dig into that user, find the time period, and then export it. There's a lot of waiting involved through all of those steps.
It would be helpful if there were an embedded link in the email so that when it says it blocked something in particular, I wouldn't have to click through five or six different things to get what was blocked in that email. With a link like that, I could just click from within the notification email and it would take me straight to that page.View full review »
There are a couple of different pieces that have different portals. I know they're working on getting them all into one portal, but that's probably the biggest thing that needs improvement right now. It's not a single pane of glass yet.View full review »
Having ready-to-go templates with best practices is definitely something that would be an improvement. Deployment, from day one, is something that definitely needs to be improved for Cisco customers.View full review »
While the way the solution works with the functions is fantastic, updates or the ability to secure the vault while offline for cloud-based services should be addressed.
The integration with Cisco could be better. We already have something along these lines and so far so good.
Local support should also be provided, so that there will not be a need to lump us in with the European pool. For other products, Cisco does have local support. There is a local number which can be reached should the need arise. The support should be more regionalized, as we are talking about an endpoint to endpoint solution. Owing to the number of people who interface with the tool and the response time, local support should be provided. The local support job should handle the app of Cisco Meraki.
The product can be pretty expensive.View full review »
Team Lead Network Infrastructure at a tech services company with 1-10 employees
There should be some sort of appliance for those customers who do not trust the cloud. Cisco Umbrella should introduce an on-premises device.
Customers should have the ability to manage on-premises.
While support is provided, the response time could be faster.View full review »
In terms of what can be improved, it should have more integrations with multiple end user OEMs.
Also, the Linux agent is a big challenge because multiple companies are going with Linux. There is no Linux right now for people working from home and they are looking for security which is not available via Linux. That needs to improve.View full review »
It would be better if there was a little bit of flexibility for organizations that don't have SD One in their environment. Because of the complexity of the environment, it's not easy to actually turn on the feature of the secure internet gateway for our users. We have not been able to explore that option yet.
CTO at a tech vendor with 11-50 employees
Looking at the full umbrella suite in the light of SASE, Secure Access Service Edge, they are clearly lacking in the inline CASB. Any line cloud access security broker has an API-based cloud access security broker, which is called CloudLock, but they're lacking the inline components, which are able to intercept traffic.
An on-premise DLP solution or integration with an on-premise DLP solution would be a nice addition. Also, more broad operating system support for endpoints would be an advantage.View full review »
I can't think of a place where there is a gap in features. It seems to cover everything.
The pricing is a bit high. Being outside of the USA, we have issues with the exchange rate.
The solution could use more intelligence.
They likely could combine some of the AMP features that they already have in other AEM's for anti-malware purposes.View full review »
I would like to see more intelligence built into Umbrella.
In the future, they should combine some of the Cisco AMP features that they already have, for anti-malware purposes.View full review »
Network security consultant at a tech services company with 1,001-5,000 employees
I would like to see improvement in the user and group policies. Sometimes it is not very accurate and they apply only to specific users in a group. It needs to be more accurate.
Also, the reporting needs some enhancements.
Finally, the integration with other solutions is a little complex. If you want to integrate with something like ArcSight or LogRhythm or Splunk, you need to do a lot of configuration. There are no easy ways to implement it.View full review »
It should have a real-time malware classification engine. It should check the malware on the website. It would be good if it had a real-time malware check for the websites because currently, it just compares the DNS queries of the blacklist.
It should also have malware control over file execution and the types of files that the users are allowed to download.View full review »
Project Delivery Coordinator at a media company with 201-500 employees
We would like to see the enhancements made to the EDR, as we see features that are running endpoint management. For example, If you want to have this feature included, you will also need another product such as Kaspersky.
If it can come included with Cisco Umbrella, it would be a good point to have.View full review »
I feel that the application needs other characteristics that are available with other applications in the market.View full review »
Consultant at a computer software company with 1,001-5,000 employees
I think it's a very basic solution, and because of that, we provide it to the small business market. Cisco Umbrella would not be a suitable solution for large companies.
In the next release, integration or shoulder, for example, to a firewall on-premises using Cisco Umbrella to connect would be good. If possible, it would be good to take the weight off the shoulder of the solutions.View full review »
It could be improved by having a local data center and caching, which can provide protection support. I would like to be able to channel my intel and my network traffic to their clouds, and this feature is not available. Advanced protection or any malware file support, which might be required, is not available.View full review »
Network Consultant at a security firm with 51-200 employees
I would like them to make some videos, practical videos, the kind with steps that people can use to learn and deploy.View full review »
General Manager at a mining and metals company with 10,001+ employees
The detection of wireless attacks or targeted attacks reports many false rates. This is an area that needs some improvement.
It should be more specific. This can help the customers to know the exact incident details.
The intel logs and the incident proactive security incidents for targeted attacks are also something that needs to be improved.
If the security issues are taken care of it would be better.View full review »
Improvements could be made with the user interface, it could be a little smoother and more intuitive.View full review »
Spider Solutions CTO at a security firm with 11-50 employees
I would like to see more integrability with other products.
If I could take this information and integrate it with other products, it would be beneficial.View full review »
Head of Business Solutions, UK&I at a comms service provider with 10,001+ employees
It's a very new product, so it's quite immature at the moment. It can be more user friendly.View full review »
Director at seamlessinfotech.com
It could be more secure. It would be better if they provided a transferring proxy as an add-on and more integration.View full review »
There should be some programs for the POC phase.
I would like to see more integration between Cisco Umbrella and Cisco DNA centerView full review »
The price could be better. The price is definitely a bit high, but we have to pay a premium for Cisco products.View full review »
Cyber Security Consultant at flydubai
Its on-prem rollout is quite challenging. It needs better coordination with the Internet Service Provider. It is a cloud-based solution, and any endpoint that connects to it has to go through all the gateway ISPs, but some of the ISPs block HTTPS-based DNS. That's where the challenge occurs with Umbrella.