For us, as an MSP, the initial licensing changes were a roadblock, and they still could be a lot clearer. Specifically, it's an honor-based licensing system. We'd like it to be more specific to our traffic or our users so that we can make sure that the customer is paying for all their licensing.

I'd like to see improvement in its overall integration with all the other platforms. There's some integration between Umbrella and Meraki, but an overall Cisco problem is that there are so many different tools, and finding easy, seamless ways of connecting everything together is always a challenge. Always, with Cisco tools, there is the issue of finding ways to have fewer windows to look at and how to make those tools work together better.

I'm hoping for the conversion of Cisco ZTNA's features from Duo to Umbrella. This feature was announced at Cisco Live. I think Cisco is now on the right way to being the most competitive against some vendors like Netskope and Zscaler. 

I am unsure if Cisco Umbrella offers a Windows option for running the server. However, since I am not familiar with Linux, I had to rely on someone else to handle that aspect. I'm not completely convinced that using Windows would be a superior solution, as Linux is generally regarded as more stable. However, it would benefit individuals like myself who are unfamiliar with Linux.

Cisco Umbrella should add some more documentation on proxies. Different organizations utilize proxies in their environment. With Umbrella, based on my experience, there are some deployment issues. It would be good to have some more documentation that can walk you step by step. The tech support is about 90% and needs to provide more step-by-step processing of the procedure and also a little more background on the solution.

Client delivery and client updates should be improved. Client delivery was not as easy as expected. Another area for improvement is the integration of escalation procedures for security issues.

In the next release, I would like to see the addition of notification flows like SMS and popups.

The main issue that we have is with the final steps or the full integration and getting rid of Zscaler. The company still has to fall back to Zscaler when something in Umbrella is not working as expected, such as when we enable SSL inspection. When something is not working 100%, the company is falling back to Zscaler. We have very good support, and I don't know whether this can be improved, but that is one thing to do for the final steps to get rid of the other product.

Its scalability could also be improved.

I feel that the application needs other characteristics that are available with other applications in the market.

There are a couple of interface issues. I know that they say that there are feature enhancements that are noted. For example, we've got the Cisco Meraki security appliances, and there, we geofence our company to where we're allowed to send and receive traffic. So, in our case, by default, we only allow traffic to six different countries, which allows us to effectively prevent traffic for the majority of bad players in the world, but they don't give you an easy way to do that in Cisco Umbrella. With Cisco Meraki, I can specify or pick the countries. I can say that I want to only allow traffic from these six countries, and I'm done. With Cisco Umbrella, I have to rely on the fact that they're going to prevent traffic to other countries. They're going to decide if it's good or bad. I can't geofence out. I can plot top-level domains, but .com and .net go global. I can certainly block a China (CN) or a Russia (RU) domain, but that doesn't give me the same level of granularity. 

Apparently, Cisco Umbrella has got that as a feature request to allow an administrator to say, "I specifically only want traffic to and from these countries. Everything else should be dumped." That way, when they're sitting behind my network or they go out in the wild, they have that same level of traffic being blocked.

Cisco Umbrella hasn't integrated customized reporting yet. With Cisco Secure Endpoint Hub, I can see a report on user downloads and set it up to constantly get an email alert. Based on my understanding, Cisco Umbrella can't do that. You can set it up with third parties, but it would be better if that were built into the platform. 

Although Cisco Umbrella has an excellent global network footprint, there is still room for improvement and growth in this area. Additionally, there are bandwidth limitations associated with the connectors that need to be addressed. To be a viable solution for larger offices, Cisco Umbrella must continue to expand and improve its capabilities in these areas.

If you wish to inspect all the traffic and it's integrated with Cisco AnyConnect, all the traffic basically goes through Cisco AnyConnect, which is not a good idea. That means you need to have more internet capacity as a data sampler, so in the case of a split tunnel, we cannot inspect the traffic that is being migrated through the local internet. I'm not sure whether there is a possibility wherein Cisco Umbrella can also inspect the traffic that is outside the AnyConnect tunnel.

They should provide more integrations and bring things together so that there is a more standard feel to their platform. We also use Cisco ISE, and it has a very different feel from Cisco Umbrella. We also have some Meraki products which feel very different from others. It's like you have to learn something new with every product you buy.

The rule-making process for blocking sites or for blocking characteristics can use some simplification. For example, types of malware. This would make it easier to use because it has a learning curve.

There is a possibility of creating users that have explicit permissions to access sites that nobody else should access. This process can be cumbersome and it would be helpful if there was an easier way to create users and assign roles to special users.

Cisco could ease the process of defining the number of licenses and the price considering the number of licenses we require. Currently, we have to get a quote for anything over 100 licenses.

iOS devices and mobiles are huge in my environment right now, and I cannot run them on Cisco Umbrella 24/7. Each user has one desktop but three or four mobile devices on two iPads, and a phone or multiple phones and an iPad, or vice versa. I'd like to turn on my Cisco Umbrella on the network level, at least on my office premise. However, my security team would like to keep all devices on-network and off-network to be connected or managed by Cisco Umbrella all the time. So their use cases are higher and stronger than my mobile ones. Sometimes we try to work around my mobile ones with MDM, but sometimes it would be way more flexible to have both running side-by-side.

Also, in the Apple services or the Apple space, between my Cisco Umbrella and between my Apple updates, something breaks. I'm not sure if it's because of a policy that my company did before I joined them or if it's something that's happening due to a conflict in the configuration somewhere. So we always have to completely get the device or the endpoint out of any filtration to get the policies. We get everything pushed properly from Apple to the device and provision it afterward. Then we add the Cisco Umbrella roaming client to it.

It would be good if the more complex versions of Umbrella are simplified so that we can offer them in a more standardized way. We, as a telco, do not operate the same as a traditional integration partner would, who can sell all its services. We try to have a standardized approach as much as we can so that we can sell the solution with as many services added to it as possible. If you look at the structure of businesses in Switzerland, 95% of them have 10 persons or less, and they do not have a security specialist. Therefore, the higher the automated and standardized features, the better it is for them.

I would like to see more integrations with more products. Some of the integrations need to be simpler as well. For example, the integration with Cisco Secure Firewall could be simpler.

It would be good to make reporting simpler. For those who don't use SecureX, it would be good to make Umbrella really simple to use upfront. It's not a difficult product, but it can be daunting for someone who isn't exposed to it because there are so many options.

The only thing I can think of is that I'd like to see a little more flexibility in policy creation. The way that policy is currently structured is like a "first hit succeeds" kind of policy. It would be nice if it were more hierarchical.

The pricing could be improved.

Its reliability and the response time of the support team can be better. 

In terms of features, I know Cisco Umbrella has a lot of potential, and I'm not sure if we're using it to its full potential. I'm not aware of all the functionality, and for the functionality for which we're using it, it has been great. There probably is one place for improvement. We'll love to see any new features, new functionalities, and maybe better integration with other cloud platforms, but for us, it's good as it's now.

Cisco Umbrella is a good solution. It meets all of our needs. They can maybe simplify the configuration. For example, sometimes, the proxy part is quite difficult, and that's why we didn't deploy that.

The firewall capabilities could be better. Cisco is starting to introduce some layer 7 capabilities now, but there's still some room to grow. They should continue with the development of Umbrella so that it is a full-blown cloud-managed firewall solution.

It had the ability to do a lot of app control. So, every single app that went through that portal was registered, but there is a general issue with the whole app control. As soon as you add a mobile phone to your network, all of the apps get registered through the system, and you can approve, reject, or just let them go through. When I looked at it, it was impossible to manage app control. There was just so much data. I didn't apply that service because I just didn't have the time to manage it. It would be good if there was a way to categorize applications. However, that's dangerous too because you can be turning off an app in a group because you don't know what it is doing. It could be a vital company app. So, App control is the main area in which they need to keep working.

The design of the screens could be improved. Sometimes you're trying to look for information, for what you think is critical that should be on that first screen of the dashboard so that you can quickly take screenshots to have people help out, but you have to hop between screens to find little pieces of evidence.

They should work with their customers to find out, when they're troubleshooting, if they're going through multiple screens just to get little pieces of information. Maybe they could design an overall security screen for an event and pull that stuff in so that it's on one screen, rather than having to go search for it. Right now, you're always going back and looking on the left-hand side, going down the column, and trying to remember where something you need is. You have to click all over the place to go find what you're looking for.

I'd like to see this solution more closely integrate with other products Cisco has in its portfolio.

I would also like to be able to manage the identities, for example. If you define them in ISE, it would be good to be able to use the same identities also within Umbrella. It would simplify the use of multiple products within the organization from the same vendor.

I would like for them to continue building on IPS and IDS functionalities. 

It's easier for us to have support features with companies who are Cisco representatives, but sometimes, it's hard for us to get the help we need without having to use our contacts within Cisco.

With any Cisco product, it's the licensing side of things that needs improvement. Licensing changes and Cisco typically doesn't make it easy for us, but it does evolve. What's good now is that predominantly across the different product sectors within Cisco, you start off with DNS Essentials, Advantage, and even the Catalyst switches. That's now ubiquitous across the Cisco line. They've got to keep it simple on the licensing side so that when I go and talk to clients, I can say, "Right, here you go. With this license, you get these features, but you can always scale up." Once the customers experience Cisco Umbrella, then typically, they start thinking, "What else could I be doing?" You may start off with the DNS Essentials, but then you might move to SWG eventually.

Getting to some of the reporting features is something that could be improved. When I am tracking someone that has done something, my first hint is usually an email, because I've got those scheduled to come in every so often. But then I've got to log in, dig into that user, find the time period, and then export it. There's a lot of waiting involved through all of those steps.

It would be helpful if there were an embedded link in the email so that when it says it blocked something in particular, I wouldn't have to click through five or six different things to get what was blocked in that email. With a link like that, I could just click from within the notification email and it would take me straight to that page.

There are a couple of different pieces that have different portals. I know they're working on getting them all into one portal, but that's probably the biggest thing that needs improvement right now. It's not a single pane of glass yet.

A more user-friendly interface like Kaspersky and lower costs including licensing, support, and renewals would be beneficial.

Its price could be better.

We faced an issue regarding virtual appliances (VAs) during deployment. They could improve the quality and management of the virtual appliances offered right now. You can't see much because it is a Linux machine, and they have customized it. You don't have any route access to the machine, only seeing limited things in it. When we opened a ticket, they didn't know much about VAs themselves. So, that is where it is lacking right now. I know this will improve in the long run.

I would like for their support to be faster. 

Overall, I'm quite happy with Cisco products, but there could be one place where you can check what's going on. There could be one place where you get all the information about these products so that you don't need to look around. You get the status, information about what lately happened, and if there was anything on the machine in one single place.

There is room for improvement in the dashboard. It could stand to be a bit more detailed. I would also like to be able to customize the dashboard to focus more on what is important for my company. This would be particularly important for the customized dashboard we create for the leadership team. This would help us get information to them quickly.

We would like them to add more features to Cisco Umbrella.

There are some situations where we would like to block things for specific user groups. I know that Umbrella does that, but it's not that easy. When you go to the Global Allow and Block Lists, that's the easy part. But when you want a specific task for specific rules and policies for user groups, you have to go three levels down in the menu, and it's hard to find where you do that task.

Also, the policies are not that easy to manage.

Users need to have a bit of understanding regarding setting policies in Cisco Umbrella. I would like to have more applications being recorded. If you want to do things the right way in the console, functions have to be more automated in terms of classification, application, and recording.

Our customers want to be able to work remotely. They want Umbrella to work securely from the office and to work securely outside of the office. 

It would be good to have more extensions to third-party products and a client for other device types.

Having ready-to-go templates with best practices is definitely something that would be an improvement. Deployment, from day one, is something that definitely needs to be improved for Cisco customers.

We are very new users of the solution and are still in the exploration stages, but we are happy with the product thus far. However, there are some features available in Fortinet and Palo Alto that are not available in Cisco, like objects, for example. I would like to see Cisco enable us to get objects from the internet. I would also like to be able to choose groups. 

I would like to see improvement in the user and group policies. Sometimes it is not very accurate and they apply only to specific users in a group. It needs to be more accurate.

Also, the reporting needs some enhancements.

Finally, the integration with other solutions is a little complex. If you want to integrate with something like ArcSight or LogRhythm or Splunk, you need to do a lot of configuration. There are no easy ways to implement it.

Cisco Umbrella is difficult to manage and needs to include a dashboard. It needs to improve pricing as well. 

So far, I haven't seen any areas that need improvement. As far as what we need it to do, it's doing just that. It's comfortable for us. It's working beyond our expectations. Something on our end that might make it better is alerting going to our ticketing system. It's not something that we have discussed, but that would be a proactive option for us to provide a learning experience for the staff.

I would like to see hardware-based integrations. If a hardware platform were provided for Umbrella, that would definitely improve the market for it. The solution is pretty good, but if a hardware-based solution came through, it would meet all the compliance standards in my country.

Especially when we are addressing governmental customers, they hesitate to connect to the cloud. That is where we need a hardware platform so that the solution can be used on-premises as well.

The API is very Cisco orientated, which is absolutely fine if you're using Cisco Firepower and SecureX kind of products, but if you want to integrate with third parties, it is a bit tricky. There are some key API connectors for the more prevalent SIEM tools.

I would really like to see in Cisco Umbrella the ability to create customized reports and then assign the rights to view these reports to people within a group. I should be able to create a customized report, which is viewable by anybody who has the rights. I should be able to create groups within Cisco Umbrella, and then assign reports to groups and have those reports split out automatically only to those groups. I can kind of do it by restricting my email list, but it is a half-complete way of doing it.

I would like to see DLP integration in the next release of this solution. Including this would give us headroom with some of the infrastructures that we have today.

Their support should be improved. It is necessary that the support is efficient. It is not really easy to get a resolution for an issue from Cisco support. They should be faster and more efficient.

While the way the solution works with the functions is fantastic, updates or the ability to secure the vault while offline for cloud-based services should be addressed. 

The integration with Cisco could be better. We already have something along these lines and so far so good. 

Local support should also be provided, so that there will not be a need to lump us in with the European pool. For other products, Cisco does have local support. There is a local number which can be reached should the need arise. The support should be more regionalized, as we are talking about an endpoint to endpoint solution. Owing to the number of people who interface with the tool and the response time, local support should be provided. The local support job should handle the app of Cisco Meraki.

It could be improved by having a local data center and caching, which can provide protection support. I would like to be able to channel my intel and my network traffic to their clouds, and this feature is not available. Advanced protection or any malware file support, which might be required, is not available.

In the past, Cisco Umbrella has denied us access to secure websites. I haven't seen it lately, but they have blocked different legitimate websites. However, they have good tools that allow you to refresh and verify whether a website is legitimate or not. They have so many servers across the United States and even globally. I believe that it helps you to identify a website. 

In other words, the solution is good, we like it and we've been using it. We have a big customer of about 1,200 users and they're happy. The only thing I am not happy with is Cisco themselves. Not because of a technical or support issue, but because a division of Cisco poached one of my clients, stole them from me, which is completely unethical. When I talked to our account managers about it, they said there was nothing they could do about it because it was a different department. I said, "What do you mean different departments? This is my client and you guys went and provided them with a solution that I am already providing them?" So, that was a big deal for me. 

Also, I think Cisco Umbrella has an automatic push feature, which is the automated updating agent, but if I am wrong, they should get it.

While technical support is good, there are features in the backend development side that were initially promised but are not there yet.

More granularity in the product would be helpful.

The reporting functionality should integrate better with SIEM products because it lets us report in PDF, but we want more flexibility.

Support for multiple domains is important to us.

Deep packet inspection features should be implemented. This solution does not give us full, 360-degree protection.

They should have a local data center available in India.

One thing I can mention is network security. There's no real mention about the potential of malware & virus protection for locations that we are using OpenDNS on. In certain areas, we only have a few people on-site and there’s no real need for a firewall at that point.

That would be the only thing I can think of with OpenDNS that we have NO information on.

Otherwise, for me, I think it’s a good packaged deal. I wouldn’t really change anything.

The detection of wireless attacks or targeted attacks reports many false rates. This is an area that needs some improvement.

It should be more specific. This can help the customers to know the exact incident details.

The intel logs and the incident proactive security incidents for targeted attacks are also something that needs to be improved.

If the security issues are taken care of it would be better.

I think it's a very basic solution, and because of that, we provide it to the small business market. Cisco Umbrella would not be a suitable solution for large companies.

In the next release, integration or shoulder, for example, to a firewall on-premises using Cisco Umbrella to connect would be good. If possible, it would be good to take the weight off the shoulder of the solutions.

I can't think of a place where there is a gap in features. It seems to cover everything.

The pricing is a bit high. Being outside of the USA, we have issues with the exchange rate.

The solution could use more intelligence.

They likely could combine some of the AMP features that they already have in other AEM's for anti-malware purposes.

One of the issues with Umbrella is as you get into endpoint detection and response, such as EDR point solutions, some of them will not integrate well with Umbrella. Sometimes when you want to use technology, such as Always On VPN, it will not work. There are some looming issues as one type of technology starts to crossover with Umbrella. That is the challenge and Umbrella should find a way to be more compatible with some of the endpoint response solutions that are coming out on the market.

I would like to see more intelligence built into Umbrella.

In the future, they should combine some of the Cisco AMP features that they already have, for anti-malware purposes.

• It needs better integration with external threat feeds to improve scoring. 
• I would like it to automatically feed to the customer's SIEM. 

Its on-prem rollout is quite challenging. It needs better coordination with the Internet Service Provider. It is a cloud-based solution, and any endpoint that connects to it has to go through all the gateway ISPs, but some of the ISPs block HTTPS-based DNS. That's where the challenge occurs with Umbrella.

I would like to see more integrability with other products.

If I could take this information and integrate it with other products, it would be beneficial.

Security, overall, can always be improved.

I would like to have the ability to prevent certain sites/data from showing on the reports. I have had this feature request open for a couple of years. It would be useful to have for filtering out unuseful data.

Cisco Umbrella does not have a Malware Protection engine itself. It would be useful if they had a malware protection engine running inside their own VM.

They have some VM appliances with the installing enterprises for limited access for the DNS proxy to the cloud. If they had this feature running inside the VM, it would be much better.

It would improve this solution to have applications hosted on the cloud.

I would like to see the application that they promised. If you have an application running inside your environment, with multiple portals, as an example, we have our employee portal, ERP and some other portals. These portals will be accessed through the Cisco Umbrella Cloud, and the deployment will be a VPN-based deployment, Cisco Umbrella Cloud will be connected to your enterprise and afterward, you can just click on this application using Cisco Umbrella Cloud subscription, and you will have the access to your application anywhere in the world, and you don't have to publish it. You will save public IPs, and a lot of bandwidth because publishing requires bandwidth. 

All of the users from outside will be coming inside your environment and will be accessing the web servers, so there is no need to publish.

It will be some time before this feature is introduced. They are working on it and it is still not ready.

I would like to see IPS-based solutions. To have an IPS solution inside the Cisco Umbrella cloud. 

If there were an IPS product built inside the solution, it would be very good. It would be a one-box solution. With this one-box solution, you wouldn't need any extra security layers,  and you don't need any WAN solution.

There is a solution called Carbon Black. This solution can do sandboxing solution inside the PC. It checks the application which you are accessing, and what you are installing on your PC. It checks everything. It does a compliance check.

If these types of features are available on the Cisco Umbrella, so you wouldn't need any other solutions installed on your PC. It would be one solution that does everything together.  I would, like to see this.

This product needs policy scheduling for enforcement by category. Notice in all the packages, there’s no scheduling. In the Insights or Platform package offerings, you can now essentially have multiple ‘policies’ per AD user or network group. What’s missing is that I still can’t set enforcement to block certain website use at this time of day or these days of the week. For instance, a company may allow streaming audio sites for music only for night shift workers to help them keep awake and versus dayshift workers.

It would be better if there was a little bit of flexibility for organizations that don't have SD One in their environment. Because of the complexity of the environment, it's not easy to actually turn on the feature of the secure internet gateway for our users. We have not been able to explore that option yet.

I would like them to make some videos, practical videos, the kind with steps that people can use to learn and deploy.

The reporting could be improved by way of the information that's displayed. For example, when you pull a report, it shows an internal employee going to many websites, but you can spin that right down by saying a lot of it is being cached. So for example, if you go to www.msn.com, that would then not only pull the MSN domain down, but it would also bring back all the ads and the adverts. It looks like you've been to 30, 40 websites when in actual fact you've only been to one. They should narrow it down.

• Its DNS service does not support IPv6 query.
  
• Some countries don't have a DNS server leading to a domain resolution IP, not at a local level.

In terms of what can be improved, it should have more integrations with multiple end user OEMs.

Also, the Linux agent is a big challenge because multiple companies are going with Linux. There is no Linux right now for people working from home and they are looking for security which is not available via Linux. That needs to improve.

It's a very new product, so it's quite immature at the moment. It can be more user friendly.

There should be some programs for the POC phase.

I would like to see more integration between Cisco Umbrella and Cisco DNA center

Data reporting is something I would like to see improved.  

Cisco is currently rolling out data centers for this type of solution. Currently, they do not have data centers everywhere. For example, they do have one in Singapore but they do not have one in India. My clients are in India and they find an issue of slowness in the services from the Singapore data center. Cisco is working on building a data center in India to address the issue but information about the completion of that project are lacking details.  

In the next release of Cisco Umbrella, I would like to see a DLP solution. That could be a feature someone can addon. But it should be a real Data Leakage Prevention solution to more securely handle the data.  

If the virtual appliances could also gather traffic bandwidth reports, that would be great. 

There should be some sort of appliance for those customers who do not trust the cloud. Cisco Umbrella should introduce an on-premises device. 

Customers should have the ability to manage on-premises.

While support is provided, the response time could be faster.

The product itself is excellent. What I'd like to see improved is the purchasing process; specifically, I'd like to see OpenDNS offer its customers the ability to purchase any number of licenses instead of a bundle.

Cisco & Open DNS don't make it easy to add additional users/licenses to an existing account. Instead they want you to go to their store (can't get to it while you're logged into your Umbrella console) and do a purchase, like you're in some line at the grocery store.

The solution is very expensive in Brazil.

We would like to see the enhancements made to the EDR, as we see features that are running endpoint management. For example, If you want to have this feature included, you will also need another product such as Kaspersky.

If it can come included with Cisco Umbrella, it would be a good point to have.

It should have a real-time malware classification engine. It should check the malware on the website. It would be good if it had a real-time malware check for the websites because currently, it just compares the DNS queries of the blacklist. 

It should also have malware control over file execution and the types of files that the users are allowed to download.

We would like to improve nothing in particular on Cisco Umbrella.  They are very good.

The product can be pretty expensive.

I would be happy if they could add the whois information of an IP. That would further help us determine whether an IP is malicious or not by identifying the domains associated with the IP, whether there are any known bad domains associated with the IP, and more.

Difficult to answer as we haven't yet pushed the outer limits of what this product can do.

Nonetheless, one thing to keep in mind when using OpenDNS is how it will interact with your internal network and DNS architecture. You run the risk of breaking any local subnet DNS lookups in a domain-bound enterprise environment. While this criticism can be applied to other third-party DNS providers, it is nonetheless one reason for withholding a perfect rating.

Additionally, OpenDNS will handle server caching differently than your local service provider. This can cause service slowdown or interruptions, and generally prevents OpenDNS from becoming the "one-size-fits-all" solution that some would like it to be.

Finally, although this has never posed a problem in our environment specifically, OpenDNS has been known to grab NXDOMAIN records and redirect traffic to their own internal ad pages. Some people may find this unethical; however, that might depend upon whether you are utilising paid or unpaid services from OpenDNS as well.

Improvements could be made with the user interface, it could be a little smoother and more intuitive.

The different levels of security, such as backend security and internet security, need improvement.

In the next release, I would like to see the integration of VDI NSX with Cisco Umbrella.

Perhaps an option to be able to block only specific users would be a way to improve the free version of OpenDNS. In our department, there are multiple users that need different levels of access. For example, those who work in the advertising department need access to social media, while those in the accounting department do not. The ability to be able to set different rules for each user would have been nice to have.

There should be a way to monitor traffic at the user level. I use Meraki Dashboard and Cisco Firepower to do this for different networks. I understand this tool monitors the network as a whole but adding that information will let us cut the cost for other tools. 

It could be more secure. It would be better if they provided a transferring proxy as an add-on and more integration.

The price could be better. The price is definitely a bit high, but we have to pay a premium for Cisco products. 

There are always little items that can be fixed in any solution, however, I don't have any specific complaints.

The first time you set up the solution and have integrations, it may be a bit difficult, however, it gets easier.

The pricing could always be a little bit better.

Looking at the full umbrella suite in the light of SASE, Secure Access Service Edge, they are clearly lacking in the inline CASB. Any line cloud access security broker has an API-based cloud access security broker, which is called CloudLock, but they're lacking the inline components, which are able to intercept traffic.

An on-premise DLP solution or integration with an on-premise DLP solution would be a nice addition. Also, more broad operating system support for endpoints would be an advantage.

This solution is difficult to configure.

I would like to see a graphical representation of the entire network. For example, the network topography that shows connections to the server, as well as the communication that is coming into and going out of Umbrella.

In the way we are using the solution it would be good for us if they would do some simplification of the analytics. They need to improve this feature so they have analytics to show the content of the user activity. I would like there to be some more analytics provided so that we can see the application routing and additional specific information. Those kinds of analytics can prove to be helpful in our security efforts. For me, this is the only thing that could be improved in Cisco Umbrella. They already have so many features that it is hard to imagine what else they can add.  

If I want to see which users access a website, I need an Active Directory registered on Umbrella's cloud.

I think there is some room for improvement with regard to the Windows client. While providing great protection for roaming laptops, on occasion users in the office would get the "yellow triangle" showing up over their wifi connection. It would state that the users were not connected to the internet, when in fact they were. This caused a few gripes and was difficult to troubleshoot. Other than that, not much else.

Only other suggestion might have been a URL to automate requests when checking if a blocked site is in fact a valid block.

Improvement could be made in the area of detailed reporting analytics broken down by client name for individual custom reporting.

I would like the product to offer more security features, such as IPS, IDS, DDoS prevention, etc.

I would like to see integration with SecurNX in the future.