Coming October 25: PeerSpot Awards will be announced! Learn more

Cisco Umbrella OverviewUNIXBusinessApplication

Cisco Umbrella is #1 ranked solution in top Web Security Gateways, top Internet Security tools, CASB solutions, top Secure Access Service Edge (SASE) tools, and top Domain Name System (DNS) Security tools. PeerSpot users give Cisco Umbrella an average rating of 8.8 out of 10. Cisco Umbrella is most commonly compared to Zscaler Internet Access: Cisco Umbrella vs Zscaler Internet Access. Cisco Umbrella is popular among the large enterprise segment, accounting for 64% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 21% of all views.
Cisco Umbrella Buyer's Guide

Download the Cisco Umbrella Buyer's Guide including reviews and more. Updated: September 2022

What is Cisco Umbrella?

Cisco Umbrella offers flexible, cloud-delivered security according to users’ requirements Cisco Umbrella includes secure web gateway, firewall, and cloud access security broker (CASB) functionality all delivered from a single cloud security service. Cisco Umbrella’s protection is extended to devices, remote users, and distributed locations anywhere. As company employees work from many locations and devices, Cisco Umbrella is the easiest way to effectively protect users everywhere in minutes.

Cisco Umbrella uses machine learning to search for, identify, and even predict malicious domains. By learning from internet activity patterns, this DNS-layer security solution can automatically identify attacker infrastructure being staged for the next threat. These domains are then proactively blocked, protecting networks from potential compromise. Cisco Umbrella analyzes terabytes of data in real time across all markets, geographies, and protocols.

Cisco Umbrella works with leading IT companies to integrate its security enforcement and intelligence. Built with a bidirectional API, Cisco Umbrella makes it easy to extend protection from on-premises security appliances to cloud controlled devices and sites.

Cisco Umbrella is suitable for small businesses without dedicated security professionals, as well as for multinational enterprises with complex environments.

Why use Cisco Umbrella?

  • Simplify security management: Cisco Umbrella is the fastest and easiest way to protect all users within minutes and reduces the number of infections and alerts sent from other security products by stopping threats at the earliest point. With no hardware to install and no software to manually update, ongoing management is simple

  • Reliable reporting: Cisco Umbrella reports show activity for each device or network in the system. Users gain a more complete picture of the security risks facing their organization and can take action to remedy them.

  • Manage and control cloud apps: Umbrella provides visibility into sanctioned and unsanctioned cloud services in use across the enterprise. Users can uncover new services being used, see who is using them, identify potential risk, and block specific applications easily.

Reviews from Real Users

Cisco Umbrella stands out among its competitors for a number of reasons. Some of the major ones are its DNS-based protection, ability to protect users no matter where they are located, stability, and high performance.

Daniel B., a network specialist at Syswind Kft, writes, “We primarily use the solution as cloud security for our branches. It protects us from direct internet outbreaks. It makes for good flexibility. The solution is very easy to manage. We found the initial setup, for example, to be quite simple. Efficient protection on the DNS level and even higher. The sandboxing feature analyses and handles the complicated security risks.”

Victor M., SOC & Security Services Director at BEST, notes, “It provides security for the remote workers and it helps to improve enterprise security in a very easy way. We mainly enjoy web software protection capabilities. It prevents the end-users from getting into bad sites or sites that potentially could have malware or could be phishing. It helps end-users avoid the wrong sites. The solution works very smoothly. The user interface is good.”

Cisco Umbrella was previously known as OpenDNS.

Cisco Umbrella Customers

Chart Industries, City of Aspen, Eastern Mountain Sports, FLEXcon, George Washington University, Jackson Municipal Airport Authority, Ohio Public Library Information Network, PTC, Richland Community College, Smart Motors, Tulane University, VeriClaim

Cisco Umbrella Video

Archived Cisco Umbrella Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Technical Presales Consultant : Cisco Security at a computer software company with 201-500 employees
Reseller
Segmenting email and web proxy features stand out but missing pieces leave holes to be filled
Pros and Cons
  • "Helps block personal email accounts."
  • "Web proxy adds an effective layer for security."
  • "Missing a real data leakage prevention solution."
  • "Data reporting could be improved."

What is our primary use case?

Cisco has its own cloud that they manage Umbrella on. So Umbrella is not like any part of AWS or Azure or GPP. Our use case for Umbrella all depends on our customer's requirements. Cisco Umbrella has many packages to help address these requirements. The current package which we are working on incorporating more is Cisco Umbrella SIG, which is the Secure Internet Gateway. It has just been launched as part of Umbrella and we are currently exploring its capabilities and utility for our clients.  

There are a lot of use cases for Umbrella, and for us those use cases include the following:  

  • One of the more important use cases for clients is using the product as a web proxy.  
  • A second thing would be a situation where a customer wants to block access to an employee's personal email account and allow only corporate email accounts.  
  • A third would be the cloud-delivered firewall. This would cover a situation where a customer would create a tunnel between their on-prem firewall to the Cisco Umbrella cloud. This would make it so that all the traffic is filtered by the Cisco Cloud Firewall.  
  • We use it to support our MDM (Mobile Device Management) integration. Umbrella can be integrated with various MDM products, like AirWatch and MobileIron, and that category of products.  
  • Umbrella supports family integrations. So we can search for information from AWS or Azure-based clouds and we can create family-based policies using Umbrella.  
  • Umbrella provides support for some features of Kaspersky. For example, it can tell you what all apps are running on the endpoints and it can give you granular control over those apps.  

These are only a few of the use cases which I think are most important for us and our clients at this time when using Umbrella.  

What is most valuable?

The most valuable feature which I found in Umbrella is the segmentation of personal accounts from corporate accounts. In order to work with this, Umbrella has a feature where we add the ID of the customer's Gmail account or the Azure account. That ID is then used as a filter to separate access so that only corporate Gmail will be accessible and it can block personal accounts.  

The second very valuable feature is the web proxy part which is effective in determining if a feed may be malicious.  

What needs improvement?

Data reporting is something I would like to see improved.  

Cisco is currently rolling out data centers for this type of solution. Currently, they do not have data centers everywhere. For example, they do have one in Singapore but they do not have one in India. My clients are in India and they find an issue of slowness in the services from the Singapore data center. Cisco is working on building a data center in India to address the issue but information about the completion of that project are lacking details.  

In the next release of Cisco Umbrella, I would like to see a DLP solution. That could be a feature someone can addon. But it should be a real Data Leakage Prevention solution to more securely handle the data.  

For how long have I used the solution?

I have been working with Umbrella for around three years now.  

Buyer's Guide
Cisco Umbrella
September 2022
Learn what your peers think about Cisco Umbrella. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
633,572 professionals have used our research since 2012.

What do I think about the stability of the solution?

This product is stable and it is very easy also to scale up.  

What do I think about the scalability of the solution?

Usually, a product is really designed for small, medium, or big companies. I think Umbrella is good to serve any size customer. The range could start from 200 users and then you have an interface that can handle anywhere up to 5,000 to 6,000 users. I think anything is possible with Umbrella as far as scaling usage because of the package and licensing options.  

If you want to increase the number of users you just have to inform Cisco to tell them to increase the seat count on Umbrella. We can renew our licenses to be in compliance with the Cisco licensing policy.  

How are customer service and support?

I had worked for Juniper support before and I worked for other tech support teams and I feel that Cisco's type of support is the best. The response time has been right on and then they isolate all of the issues. It is the best product support I have seen in a long time.  

How was the initial setup?

The initial setup is very simple, you can set up Umbrella within two minutes I would say. You just have to point the DNS to Umbrella and that is it. So it is very easy to deploy and set up.  

Actually, I am from the research team. We make the solution requirements, then the product moves on to the process team. Once I have made a solution, then the product team takes care of rolling out the implementation.  

As this solution is a public cloud solution, there is very little maintenance which the customer has left to do. The setup is relatively easy and it is very good for the client.  

What's my experience with pricing, setup cost, and licensing?

The licensing part for Umbrella is really flexible. If a customer purchases a thousand licenses, and if at any point the customer overshoots the available license count, Umbrella would not stop working for the additional users. Cisco would be informed that there is an attempt at overconsumption of the licenses and they would inform the customers that their license count has been increased. It will do this automatically. The customer can take action to renew those licenses. So it is flexible.  

There are three models for licensing. There is the Cisco Umbrella essential plan, then you have the advantage plan, and then they have the plan including SID. Every license comes with a different feature set.  

What other advice do I have?

The advice that I would give someone looking at the Umbrella solution is that they can evaluate Umbrella because it is very easy to set up. You can get started discovering the product and do a little to check it out. They should make sure that all their use cases are covered by Umbrella.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate Cisco Umbrella as somewhere between a seven-point-five to eight, personally. But I will give it a seven overall.  

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
PeerSpot user
NOC Lead at a tech services company with 11-50 employees
Real User
Protection from malware for roaming employees that comes recommended
Pros and Cons
  • "Provides dependable DNS monitoring of external devices."
  • "The initial setup is very easy and takes only a few minutes."
  • "They need to improve analytics so they report on more of the specifics of user activity."

What is our primary use case?

I do not know what the latest version is that is currently installed, but it is cloud-based monitoring so it is one of the most recent versions.  

The primary use case is for endpoint users who are not working on our office premises. They are remote employees who are roaming so they are not within our protected zone. They can be vulnerabilities if they are browsing content and there is malware included on those web sites. Umbrella allows this kind of monitoring on remote devices and we can block those sites. We can also block applications which we would like not to allow to be running in the organization.  

With Umbrella our primary use is that we can monitor the endpoints for external devices. We will protect the users from malware phishing through email and the websites they are browsing. Umbrella is a solution for things like DNS (Domain Name System) protection, filtering, and security.  

What is most valuable?

I think the one feature we are using that Umbrella provides that is the most valuable feature is the DNS security. It is used to watch all the traffic which we are routing through the endpoint and organization firewalls. The users and devices are diverted by our secure gateway which scans each and every DNS request. It notifies us if it is not safe and allows those that are. It is like an alarm center application near our firewall.  

What needs improvement?

In the way we are using the solution it would be good for us if they would do some simplification of the analytics. They need to improve this feature so they have analytics to show the content of the user activity. I would like there to be some more analytics provided so that we can see the application routing and additional specific information. Those kinds of analytics can prove to be helpful in our security efforts. For me, this is the only thing that could be improved in Cisco Umbrella. They already have so many features that it is hard to imagine what else they can add.  

For how long have I used the solution?

I have been using Cisco Umbrella for two years.  

What do I think about the stability of the solution?

Ever since we started using this product last year, it has been stable. If any service is down, we can see on the dashboard whether all of the resources are online or not. If something is down because we are working on it for some reason, something could happen then. But in two years, I did not find any issues due to the product becoming unstable on its own.  

What do I think about the scalability of the solution?

Right now, we are working as a startup and we have 13 members of the team who are using the Cisco Umbrella. They are using it directly during business hours with configurations and analysis and other maintenance and access. It is the product's job to watch all the traffic routing to data points throughout the nine hours as it is routed to pass through the Cisco Umbrella.  

But whenever other users are trying to access the network — even in the non-business hours — if they are using their office laptop, all the traffic will be routed through DNS security. Umbrella is protection for the company devices from websites that may do something like data attacks on remote laptops. It handles all of these requests no matter how many concurrent users we have.  

We will be adding DNS to all the endpoints. For this, we will update the Cisco Umbrella DNS software for all our data points to watch all the traffic that is going through the EndPoints. It seems it will be very scalable.  

How are customer service and technical support?

I have not contacted the technical support, but I had a discussion with the sales and diagnostic people. The technical issues are mostly something I resolve on my own by looking at the documentation. But once, when I wanted to implement some tool for a new solution, I contacted the sales team and they asked me some questions about what exactly it was that I wanted to accomplish. After I answered the questions in the meeting with them, we came up with the solution and the process and put it to work. So the sales team knows the product well.  

Which solution did I use previously and why did I switch?

Previously, in another organization, we used OpenDNS. That product was purchased by Cisco to be used as their product under the name of Umbrella. So I did not switch the product really, but the name and my company have changed.   

How was the initial setup?

The initial setup is a simple process. If you build on-premises, the deployment will take half-an-hour. If you build on the cloud it is like 10 minutes. it could be even less than 10 minutes. It is really fast. It will take five minutes to sync to the endpoint, to the cloud, and to collect the data. The syncing is what takes the time.  

I have gone through the documents for Cisco Umbrella. So I have been deploying the product myself without the help of a technician and we are doing the implementation on our own.  

What about the implementation team?

The only maintenance we do is we need to update the latest version through our version management software. We just update the agents on the endpoints.  

What's my experience with pricing, setup cost, and licensing?

Because it is a cloud product, Cisco uses subscription models for the pricing. There are three subscription plans for Umbrella. They have a standard plan and also an enterprise plan and another one. The different plans cover different features and options for different sized organizations. It gives you the option to compare the subscription plans and get the coverage that you need.  

What other advice do I have?

My only real advice to people considering Umbrella is that I can recommend this solution. On a scale from one to ten where one is the worst and ten is the best, I can rate Cisco Umbrella as a nine-out-of-ten.  

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Cisco Umbrella
September 2022
Learn what your peers think about Cisco Umbrella. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
633,572 professionals have used our research since 2012.
MD.SIHAB TALUKDAR - PeerSpot reviewer
System Engineer at asa
Real User
Top 5Leaderboard
Stable, integrates well, and is easy to install
Pros and Cons
  • "What we like most is security and how easy it is to integrate with other appliances."
  • "In the next release, I would like to see the integration of VDI NSX with Cisco Umbrella."

What is our primary use case?

We are using this product for DNS security that is integrated with Active Directory. We are also using public DNS connectivity for the filtering of underlying threats.

What is most valuable?

What we like most is security and how easy it is to integrate with other appliances.

What needs improvement?

The different levels of security, such as backend security and internet security, need improvement.

In the next release, I would like to see the integration of VDI NSX with Cisco Umbrella.

For how long have I used the solution?

We have been using the entire Cisco Solution for three years.

What do I think about the stability of the solution?

In the two years that I have been using this product, it has been stable. We have not had problems.

What do I think about the scalability of the solution?

It's a scalable solution.

How are customer service and technical support?

My experience with technical support is that when you open a case, you get better support. I ordered a part and was told that it was not available. When I opened a case, it was better.

Which solution did I use previously and why did I switch?

In addition to Cisco Umbrella, we are using Cisco Firepower. 

We use the entire Cisco solution that includes Cisco Umbrella, Cisco AMP for Endpoint, and Cisco Firepower.

How was the initial setup?

The initial setup is easy. It took a day to deploy.

What other advice do I have?

We use the entire Cisco solution and we are happy with the product integration.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Ayman Totounji - PeerSpot reviewer
Chief Executive Officer at Cynexlink, LLC
Real User
Before it lets you go, it filters and gives you the okay to move forward with the website you're looking for
Pros and Cons
  • "It's very stable, reliable and does its job."
  • "It has happened in the past that Cisco Umbrella has denied us access to secure websites."

What is our primary use case?

We use Cisco Umbrella for web security and it's very good. It acts as web filtration combined with security and I am very supportive of it, especially with cybersecurity trending these days and the amount of malware and spyware out there. It's important for end-users to have some sort of protection when they're browsing the internet and this product does that. Before it lets you go, it filters and gives you the okay to move forward with the website you're looking for. A lot of customers tend to make typos when they're searching for websites, which then leads them to unknown websites that automatically download malware to their computer — now they're infected. That's why you need web security. 

We currently have about 1500 endpoints under Cisco Umbrella, but of course, we plan to increase our numbers. We offer Cisco Umbrella in our packages so whenever we get new customers on board, they get it. 

What needs improvement?

In the past, Cisco Umbrella has denied us access to secure websites. I haven't seen it lately, but they have blocked different legitimate websites. However, they have good tools that allow you to refresh and verify whether a website is legitimate or not. They have so many servers across the United States and even globally. I believe that it helps you to identify a website. 

In other words, the solution is good, we like it and we've been using it. We have a big customer of about 1,200 users and they're happy. The only thing I am not happy with is Cisco themselves. Not because of a technical or support issue, but because a division of Cisco poached one of my clients, stole them from me, which is completely unethical. When I talked to our account managers about it, they said there was nothing they could do about it because it was a different department. I said, "What do you mean different departments? This is my client and you guys went and provided them with a solution that I am already providing them?" So, that was a big deal for me. 

Also, I think Cisco Umbrella has an automatic push feature, which is the automated updating agent, but if I am wrong, they should get it.

For how long have I used the solution?

I've been using Cisco Umbrella for roughly five years.

What do I think about the stability of the solution?

We have been using Cisco Umbrella for three years; it's very stable, reliable and does its job. We experience minor hiccups here and there, but it's nothing that our team cannot handle, and if for some reason they cannot, then they can always reach out to customer support.

What do I think about the scalability of the solution?

Cisco Umbrella is very scalable. You can do anything and it's very useful for MSP. It's basically a single window that allows us to manage different servers and different clients. That's the beauty of it, no more logging in and out for different clients, which is nice.

How are customer service and technical support?

For me personally, I consider Cisco to offer premier support. Currently, due to COVID-19, we cannot call them now for obvious reasons, but prior to COVID-19, Cisco support was one of the best, especially in regards to Umbrella. Honestly, we almost never have to contact them. I don't recall having to contact them even once over the last year or so.

Which solution did I use previously and why did I switch?

For web filtration, we tried Websense before but now I believe the cloud solution is the way to go, it's much better. We had a customer and they needed to have different layers of protection, especially today with cybersecurity, and open DNS is one of them. I believe it's mandatory that you must have some sort of defense because it's is up in the air, there may be other solutions, but something needs to protect you from going to the wrong websites.

How was the initial setup?

They have different setups. For example, you can integrate with the Cisco Firewall and I believe you can integrate with any platform with an agent, on each device. So, it really depends on how comfortable you feel with the setup. If you need to get more information and analytics, I believe it says the agent is the best way to go. The agent gives you every machine: for example, what has been blocked? What kind of security breaches have been attempted? Open DNS has defended this particular endpoint, but there are definitely many flexible, different integration methods to integrate a solution.

What's my experience with pricing, setup cost, and licensing?

I am not sure, I don't have the numbers in front of me, but I think it's $1.00 or so per device/month.

What other advice do I have?

I like this product and I'd really recommend it to everyone. Obviously, it's not the only product out there, but today, every endpoint should have multiple layers of security. You need to protect your users when they are browsing—open DNS. You need to protect them from emails, both inbound and outbound and you need to protect the endpoint from breaching. 

I would rate Cisco Umbrella a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Global Security at a manufacturing company with 501-1,000 employees
Real User
Weekly reporting, investigation, and the application management are equally great
Pros and Cons
  • "The weekly reportings are great. The investigation is super and the application management is equally great."
  • "The reporting could be improved by way of the information that's displayed. For example, when you pull a report, it shows an internal employee going to many websites, but you can spin that right down by saying a lot of it is being cached."

What is our primary use case?

Our primary use case is for protecting and defending against cyber-based threats. So anything on the internet emanating through DNS-type attacks and then also content filtering. It ensures that our employees are only going to know safe categories. 

What is most valuable?

The weekly reportings are great. The investigation is super and the application management is equally great.

What needs improvement?

The reporting could be improved by way of the information that's displayed. For example, when you pull a report, it shows an internal employee going to many websites, but you can spin that right down by saying a lot of it is being cached. So for example, if you go to www.msn.com, that would then not only pull the MSN domain down, but it would also bring back all the ads and the adverts. It looks like you've been to 30, 40 websites when in actual fact you've only been to one. They should narrow it down.

For how long have I used the solution?

We have had Cisco Umbrella at my company for three years but I have been using it for six months. 

What do I think about the stability of the solution?

The stability is great. 

What do I think about the scalability of the solution?

We've got full coverage, but from an admin perspective, there are four users who use it on a daily basis. 

How are customer service and technical support?

We've contacted their support once or twice and thy were great.

What's my experience with pricing, setup cost, and licensing?

It is 1,000 on a yearly basis. Everything is included in the standard license, there are no additional fees. 

What other advice do I have?

It does not require maintenance. It is very light in that way. 

Architecturally, for the deployment, you should consider if you want it on roaming clients or if you want it central. If people are connecting back through a VPN, it's then probably on every single client. Looking at how we're all working now with COVID, having a roaming client deployment gives you that added layer of protection because you're not dependent on the users connecting back to corporate VPN. They're always protected. Think about your deployment.

I would rate it an eight out of ten. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Solutions Pvt at iDesign Data Solutions Pvt.Ltd.
Real User
Analyzes the domain security and helps us implement the securest policy
Pros and Cons
  • "It analyzes the domain security helps us implement the securest policy."
  • "I would like to see integration with SecurNX in the future."

What is most valuable?

I think Umbrella is good enough as of now. It has the security of domains. It analyzes the domain security and helps us implement the securest policy. This feature is presently not being provided with other technologies. It's a multi-tenant solution. Multi-tenancy MSSP packages, they're all ready. As well as any cost amounting deployment security coverages with DNS and intelligence policy of production and protocols.

What needs improvement?

I would like to see integration with SecurNX in the future.

How are customer service and technical support?

We have contacted Cisco technical support a number of times for Cisco They are two hundred percent. They are very efficient. Any kind of support you can stay with Cisco. We don't have any issues with technical support.

How was the initial setup?

The initial setup is traightforward. There is no complexity in the setup. The setup took minutes only.

What about the implementation team?

Setup and maintenance are done by our own team.

What's my experience with pricing, setup cost, and licensing?

It is not a very expensive product.

What other advice do I have?

Cisco Umbrella is a very good product as of now as there is no competition. It is an excellent product. It is, actually, a must for our organization. It is not a very expensive product. I would rate Cisco Umbrella at a ten on a scale of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
SUDIPTABISWAS - PeerSpot reviewer
Senior Manager - Information Technology at Emami Ltd
Real User
Top 5
Easy to set up and use, but deep packet inspection is needed and they should have a data center based in India
Pros and Cons
  • "The most valuable feature for us is the DNS-based protection."
  • "This solution does not give us full, 360-degree protection."

What is our primary use case?

We use Cisco Umbrella to provide protection for our end-users. It prevents unauthorized access to their systems, as well as halts access to compromised sites, such as a ransomware site. Essentially, all of the malicious activity is prevented.

What is most valuable?

The most valuable feature for us is the DNS-based protection. It is the only type that is available in India.

The interface is very easy to handle. Even a person with limited knowledge can quickly learn to work with it.

What needs improvement?

Deep packet inspection features should be implemented. This solution does not give us full, 360-degree protection.

They should have a local data center available in India.

For how long have I used the solution?

I have been working with Cisco Umbrella for four months.

What do I think about the stability of the solution?

I haven't experienced any instability.

What do I think about the scalability of the solution?

This is a highly scalable product.

How are customer service and technical support?

I have been in contact with the Cisco technical support, once or twice. They were not big issues, however. Overall, I am satisfied with the support.

Which solution did I use previously and why did I switch?

Prior to Cisco Umbrella, we were using on-premises solutions. The capability is good except that a cloud-based solution can be more easily provided to all of our end-users. 

How was the initial setup?

The initial setup is straightforward and there is no complexity to it. This is a cloud-based system, so just install it, mount it, and the policies get applied. The installation requires that you log into the portal using your ID, and then it just starts working.

Which other solutions did I evaluate?

Zscaler has a local data center available, which is something that Cisco can't offer us at this time.

What other advice do I have?

This is a good product, although it does not have the features that I was looking for. At this time, it does not have the capabilities that are relevant to the Indian market. As such, we are thinking about uninstalling it and switching products.

The suitability of this solution depends on the industry and requirements. It is important to remember that if you start with a product or approach, you may end up switching to something different. That said, if you want to begin with Cisco Umbrella to deal with malware then you can always change later if it doesn't perfectly fit your environment. This is what we are doing.

If I were rating this product on a single capability then it would do very well. However, rating it on multiple capabilities, then there is definitely room for improvement.

I would rate this solution a six out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Syed Ali Wajahat - PeerSpot reviewer
IT Solution Architect at a media company with 1,001-5,000 employees
MSP
Offers protection from DNS-based attacks and improves visibility
Pros and Cons
  • "It will protect, give you more robustness, and faster responses, compared to any firewalls or any of the proxy web servers."
  • "It would be useful if they had a malware protection engine running inside their own VM."

What is our primary use case?

The primary use case for this solution is for DNS based attacks and for malware protection. It has a malware protection engine.

If you install Cisco Umbrella Clients on the remote PC, you can do URL filtering, malware protection, and you can check the health and status of the device itself.

How has it helped my organization?

All of the DNS Queries are sent to Cisco Umbrella and you have more visibility of what users are asking, as well as what users are accessing over the Internet. 

You have all of the details and all of the information of what the users are accessing, even before they get access to the website. For example, if one website is malicious and it has some malware and some viruses in it, and a user sends a request to this URL, it will be reported in the Cisco Umbrella Cloud before the user gets the response back from the webserver. 

It will protect, give you more robustness, and faster responses, compared to any firewalls or any of the proxy web servers.

Based on the DNS, Web proxy, and other servers, it waits until after the DNS request. It will put in its action after the user gets it by the webserver when the response is coming back. 

In the end, the response from the malicious server will come into your network. Cisco Umbrella cloud has stopped it before that. You have one more layer of security on top of the URL filtering or on top of that server response.

The deployment was for two thousand plus users. We have multiple sites, and we have some remote users in different locations.

Cisco Umbrella is a fitting solution for DNS-based attacks and malware protection. It is a very good solution for that, and especially for remote users.

What is most valuable?

The most valuable feature is that it prevents DNS-Based attacks, which is quite common these days.

The DNS Query is first sent by the user and then it will communicate to the URL. If you are requesting for some URL it process also to an IP.

The basic functionality of Cisco Umbrella is to save this type of request and to have a more secure way to communicate the DNS Query back to the user. Any attack based on the DNS Query is stopped by Cisco Umbrella.

If you have a proxy, for example, if my DNS server is 172.19.222.21 and I make a server on the same IP or different IBN with the same DNS name, I can make a proxy and the user request will come to me and I can send this user any way I want. So based on these types of attacks, Cisco Umbrella protects the user.

The user requests a lot of DNS queries. Even if you don't know it or if the user is not accessing any URL, the laptops or any PC keep on accessing different URL's and you are not aware of it or if it is good or not. Cisco Umbrella gives you the visibility and you know what is happening from this laptop or this endpoint.

What needs improvement?

Cisco Umbrella does not have a Malware Protection engine itself. It would be useful if they had a malware protection engine running inside their own VM.

They have some VM appliances with the installing enterprises for limited access for the DNS proxy to the cloud. If they had this feature running inside the VM, it would be much better.

It would improve this solution to have applications hosted on the cloud.

I would like to see the application that they promised. If you have an application running inside your environment, with multiple portals, as an example, we have our employee portal, ERP and some other portals. These portals will be accessed through the Cisco Umbrella Cloud, and the deployment will be a VPN-based deployment, Cisco Umbrella Cloud will be connected to your enterprise and afterward, you can just click on this application using Cisco Umbrella Cloud subscription, and you will have the access to your application anywhere in the world, and you don't have to publish it. You will save public IPs, and a lot of bandwidth because publishing requires bandwidth. 

All of the users from outside will be coming inside your environment and will be accessing the web servers, so there is no need to publish.

It will be some time before this feature is introduced. They are working on it and it is still not ready.

I would like to see IPS-based solutions. To have an IPS solution inside the Cisco Umbrella cloud. 

If there were an IPS product built inside the solution, it would be very good. It would be a one-box solution. With this one-box solution, you wouldn't need any extra security layers,  and you don't need any WAN solution.

There is a solution called Carbon Black. This solution can do sandboxing solution inside the PC. It checks the application which you are accessing, and what you are installing on your PC. It checks everything. It does a compliance check.

If these types of features are available on the Cisco Umbrella, so you wouldn't need any other solutions installed on your PC. It would be one solution that does everything together.  I would, like to see this.

For how long have I used the solution?

I have been using this solution for one year.

What do I think about the stability of the solution?

It's quite stable. It's a very stable product, and, it's quite straightforward. We deployed this solution a year ago with no issues afterward. We didn't get any complaints. There are some categories, and filtering that will block you for something which is not malicious, but it is considered as a threat to Cisco Umbrella. You will need to white list some IP address or some URLs manually if it's under your corporate use for some reason.

What do I think about the scalability of the solution?

This solution is quite scalable. It is a cloud-based solution. If your users are spread all over the world they can access Cisco Umbrella using an internet connection and it's quite straightforward. The scalability is quite robust and we can implement it anywhere in the world.

We are using this solution every day. Even if I try to access something now from my corporate laptop, the request will go to Cisco Umbrella, the DNS is configured as Cisco Umbrella.

Currently, we don't plan to increase our usage because we don't have more users at this time. If we scale or we are expanding and we have more offices, in the future we will increase the number of endpoints or number of users.

As we are running our virtual environment in our enterprise, it's not a problem. Normally if you are going to implement VMs, it will be a large scale deployment. If you have more than 2000 or 3000 users and you want a faster response from Cisco Umbrella, you have this VM.

If you have this type of environments, of course, you have a virtual environment, you have any hypervisor like VMware or Hyper-V and you have a big compute, you can manage two VMs from that. It's not an extra cost.

We have four people who have access to Cisco Umbrella. However, it doesn't require much administrative work. It does its job, and only needs a one-time concentration, afterward, all that needs attention is checking to if there are any blocks on anything.

If Cisco Umbrella blocks a user, they will notify the user. The user will get a message that they are locked under this condition and this category. The user will then notify us and complain that they have been blocked. We will check the status on the Cisco Umbrella portal and proceed to whitelist it if, it is a legitimate request.

How are customer service and technical support?

The technical support is quite good. This solution itself is not complex and everything is cloud-based. If there are issues or if something indicates that you cannot manage two portals, you can just open a claim with Cisco Umbrella and they will support you. 

The only concern is that if something goes wrong, or, something is getting blocked and if something is not as per your requirements, you don't have any visibility. You will never know what was done to correct the issues. Because it is cloud-based, they will not show you what they are doing on the server level. Without having the visibility for the solution itself you will never know what actual solution is working behind the scene.

Which solution did I use previously and why did I switch?

Before Cisco Umbrella, we were using the Infoblox solution. It was not an easy or flexible solution. Infoblox is an on-premises solution that requires a VPN, or all of the users need to connect to a VPN, just to get the DNS resolutions. This was not easy, and it was not easy to implement.

How was the initial setup?

The initial setup was quite straightforward. When you subscribe to the Cisco Umbrella services they give you some public IPs. With these IPs you have a few options:

  • You can copy these IPs and user features for the DNS and the communication will happen directly through the cloud. 
  • You can install the VMs in your corporate environment having all of the communication through the VMs and the VMs will communicate to the cloud. 
  • You can install a Cisco Umbrella application on your PC and install the external script that has the public IP for the DNS for the Cisco Umbrella.

The deployment strategy was straightforward, and it took approximately two days for deployment.

Because we had over two thousand users, we created a script on SSCM. This is a software center manager for Microsoft, making the script accessible to all of the users. This script changed all the DNS IPs to the Cisco IP addresses. Once this was complete, we installed the Virtual machines, which are the DNS proxies for Cisco Umbrella and we configured the public IPs for Cisco Umbrella. These were the only two steps that were required, taking two days for two-thousand-plus users. It was quite simple, but, if you had to do it manually, it might take some time having to do one at a time for more than two thousand users.

If you have some automation, it is quite easy.

    It has a public cloud and it is like a hybrid type of deployment. We have umbrella VMs installed in our enterprise areas, in DNS, in our remote offices, and our main HQ.

    These VMs, are like proxy DNS servers. They will save a URL resolution and has a policy-based engine as well. For example, if you are searching google.com or something that is being searched quite frequently, it will store that data, and it doesn't communicate to the cloud every time, giving you a faster response with limited cloud access.

    Our service provider is Cisco. They have their Telos Cloud, hosting the Cisco Umbrella Solution.

    After this deployment, you need to do quite a lot of fine-tuning because there will be many false positives blocks, especially if you're using the malware engine. It will keep blocking some ADME files that are used in your corporate environment, or if it's an in-house developed application, it will be blocked because the code of the application is not registered with the Cisco Umbrella Cloud, It will keep on blocking, until you whitelist that code and whitelist that UUID, just to have this application running.

    What about the implementation team?

    We did the implementation ourselves with some assistance from Cisco support. We didn't have any on-site engineer to do the deployment or implementation.

    It only took two people for the installation process. I was on the network and phone system side and another colleague was installing the service on the Cisco Umbrella Solution.

    We require four people who maintain Cisco Umbrella. 

    What was our ROI?

    This is a good solution, and there are many advantages to this solution. 

    There is a return of investment. 

    If you have this solution you don't need a big firewall or many security solutions in your environment. Because it's a cloud-based solution, you can access this over the cloud anywhere in the world. You don't need to build a big infrastructure. It will give you more return on the cost than you are putting on it.

    What's my experience with pricing, setup cost, and licensing?

    We have Cisco ELA, it's an enterprise agreement, which covers everything under security, that is offered by Cisco Umbrella. With this, we have the complete Cisco Umbrella portfolio. We have everything related to security from Cisco Umbrella. This also includes the Cisco Umbrella suites.

    We are paying yearly for all of the Cisco Umbrella applications and appliances.

    Cisco has a model called ELA. With ELA, if you buy the solution you will have the complete security portfolio and you can pay it yearly or after three years, it depends on the contract.

    It's a subscription-based solution. If you're running multiple solutions it is more cost-effective. For example, currently we have Cisco Umbrella, IronPort, WSA, Cisco CWS Cloud, and we have Cisco's FTD solution. If we were running these solutions separately it would be more expensive. 

    If you are doing a VM deployment and you have a VM appliance, you will need some compute. 

    The only additional cost will be for a server.

    Which other solutions did I evaluate?

    We evaluated another solution but the Cisco Umbrella solution is much more compelling. It doesn't have the on-premises appliances or any restrictions for the user to connect through the corporate environment.

    If the user is anywhere and the user is connecting to the internet, they will make a micro VPN through the cloud and it will connect to the VMs in our corporate environment automatically. It doesn't require any manual configuration nor does the user have to initiate anything on the PC.

    The other solution has a touch button application, on the PC. If you click it, it will create a channel with the appliance in your HQ or your remote office and then you will be able to connect to the internet or you can resolve DNS with queries. 

    As this solution was not flexible, the management chose not to go with it.

    What other advice do I have?

    If somebody is looking toward the Cisco Umbrella solution or if they have an NGIPS, NG firewalls, next-generation firewall solutions and if they are looking for DNS-based security, and if they are implementing it then Cisco Umbrella is a good solution.

    Keep that in mind that it will make a lot of noise, users will be blocked at the beginning and many of the URLs will be blocked. It will need to be fine-tuned.

    The fine-tuning is required one month after implementation. You will need to fine-tune the OpenDNS Cisco Umbrella database, just to have all the URLs there for your corporate environment, because there will be some false positive blocks. These issues will have to be fixed yourself. You will need to make sure that you are doing it. Other than that, it is a quite straightforward solution.

    I would rate this solution an eight out of ten.

    If the suggestions are implemented I would then rate it a ten out of ten. They would be one of the first companies on the market doing this. You will not find anyone on the market with any DNS security solutions like this for Cisco Umbrella. They are the market leaders for DNS-based security at the moment. If they have these suggestions in their portfolio it would be the best solution, covering every point of its endpoint security.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Hasnae Lamrani Alaoui - PeerSpot reviewer
    Presales Engineer at DataProtect
    Real User
    Provides important ransomware protection and is easy to use
    Pros and Cons
    • "The most valuable features are the protection against ransomware and phishing."
    • "I would like to see a graphical representation of the entire network."

    What is our primary use case?

    We are a system integrator, and we implemented this solution for one of our clients in Morocco. It helps to protect the network against ransomware and phishing attacks. 

    This solution integrated with eBay, and we use it to check statistics.

    What is most valuable?

    The most valuable features are the protection against ransomware and phishing.

    This solution is easy to use.

    What needs improvement?

    This solution is difficult to configure.

    I would like to see a graphical representation of the entire network. For example, the network topography that shows connections to the server, as well as the communication that is coming into and going out of Umbrella.

    For how long have I used the solution?

    I have been using this solution for three months.

    What do I think about the stability of the solution?

    We have not seen any bugs, glitches, or crashes. It is a very nice solution.

    What do I think about the scalability of the solution?

    Scaling this solution is easy once you have the licenses.

    There are three people using this solution. They are network and system administrators, and the ECC.

    Which solution did I use previously and why did I switch?

    This was the first solution that we implemented for our client.

    How was the initial setup?

    The initial setup of this solution is not complex. It is easy to configure and use as a whole. The deployment took approximately one day, which involved configuring the access.

    One person is enough for deployment and maintenance.

    What about the implementation team?

    We had a consultant to assist with the deployment.

    What's my experience with pricing, setup cost, and licensing?

    Licensing fees are paid on a yearly basis.

    Which other solutions did I evaluate?

    Depending on the needs of the client, we consider several solutions. I have worked with Symantec PGP, CyberArk, Cyberwatch, Skybox, and Fortinet.

    What other advice do I have?

    This is a very important solution, especially if the client does not actually supervise the tool.

    My advice for anybody implementing this solution is to make sure that it is configured properly for your network. Depending on your environment, you need to set up access for people who are both out of the office and out of the local network.

    This is a very good solution and my clients are impressed with it.

    I would rate this solution a ten out of ten. 

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    PeerSpot user
    Network Engineer at LADWP
    Real User
    Easy to use and secures us against malicious domains, but the reporting needs improvement
    Pros and Cons
    • "The most valuable feature is that it secures our network against blacklisted or malicious websites."
    • "Support for multiple domains is important to us."

    What is our primary use case?

    We use this solution as a web security gateway, block malicious domains and making sure that people don't go to websites that they're not really supposed to.

    We are still in the proof of concept stage, which is a small test environment of approximately one hundred users. We will be purchasing it, and it will potentially replace our existing solution.

    What is most valuable?

    The most valuable feature is that it secures our network against blacklisted or malicious websites. If we do have an instance of malware then it is unable to home back to these types of sites.

    This solution is very easy to use.

    What needs improvement?

    While technical support is good, there are features in the backend development side that were initially promised but are not there yet.

    More granularity in the product would be helpful.

    The reporting functionality should integrate better with SIEM products because it lets us report in PDF, but we want more flexibility.

    Support for multiple domains is important to us.

    For how long have I used the solution?

    Proof of concept stage.

    What do I think about the stability of the solution?

    It hasn't been fully deployed, but the stability has been good so far.

    What do I think about the scalability of the solution?

    This solution is very scalable.

    How are customer service and technical support?

    We have dealt with technical support extensively and they are good. We have had issues because of functionality that it didn't support at the time, which is why it has not been fully deployed yet. The functionality has since been introduced, but there are still some kinks that we're working out.

    Which solution did I use previously and why did I switch?

    Our current solution isn't working very well and keeps breaking.

    How was the initial setup?

    The initial setup is advertised as pretty easy, but we did run into some kinks. It shouldn't be that hard, it's just that we had some issues.

    What about the implementation team?

    We worked with a Cisco partner, PCMD, who provided us with support.

    What's my experience with pricing, setup cost, and licensing?

    Our licensing fees are on a yearly basis.

    Which other solutions did I evaluate?

    Other products were evaluated, but I was not part of that process and do not know which vendors were on the shortlist.

    What other advice do I have?

    My advice for anybody researching this solution to make sure that it fits in your environment. Reverify the limitations. Our new department has different divisions and the way our Active Directory works causes some problems.

    The ease of use is fantastic, but there are things that have to be fixed.

    I would rate this solution a seven out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Security Engineering Senior Manager at a retailer with 10,001+ employees
    Real User
    Easy to configure and operate, and has fixed the gap in our DNS protection
    Pros and Cons
    • "Using this solution has meant that we've needed to make fewer firewall changes."
    • "I would like to see DLP integration in the next release of this solution."

    What is our primary use case?

    We use this solution for DNS and IP reputation, for blocking.

    How has it helped my organization?

    Using this solution has meant that we've needed to make fewer firewall changes.

    What is most valuable?

    The most valuable features of this solution are the blocking function and its ease of use. The integration with other systems is helpful, as well.

    What needs improvement?

    I would like to see DLP integration in the next release of this solution. Including this would give us headroom with some of the infrastructures that we have today.

    What do I think about the stability of the solution?

    The stability of this solution is fantastic, and we have no interruptions whatsoever.

    What do I think about the scalability of the solution?

    There are no limitations when it comes to the scalability of this solution. It's fantastic.

    How are customer service and technical support?

    When I have had contact with technical support, I've always had a fast response time.

    Which solution did I use previously and why did I switch?

    We implemented this solution because we had a gap in the visibility of our DNS protection, and this was able to remedy that.

    How was the initial setup?

    The initial setup of this solution is straightforward.

    What about the implementation team?

    I performed the deployment myself.

    What was our ROI?

    Within six months we had ROI for this solution.

    What's my experience with pricing, setup cost, and licensing?

    Our costs were negotiated, and they are okay.

    Which other solutions did I evaluate?

    We did evaluate other options before choosing this solution. We selected this one because we were able to merge it into an ELA (Cisco Enterprise License Agreement), which was beneficial.

    What other advice do I have?

    If anybody is looking for DNS and IP reputation for protection and blocking, then this is the right product. This is a good solution that is easy to manage, easy to configure, easy to operate, and easy to support. It's very simple.

    I really like this solution, and rate it a ten out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    PeerSpot user
    IT Systems Engineer at a financial services firm with 51-200 employees
    Real User
    Unifies our expanding environment, making troubleshooting and maintenance easier
    Pros and Cons
    • "The most valuable feature of this solution is its reliability."
    • "Security, overall, can always be improved."

    What is our primary use case?

    We act as an MSP for our organization, and we use this solution as part of the service. We are the parent company and we acquire insurance agencies. Typically, these agencies have between twenty and one hundred and twenty people. We do not force them to move onto our system; However, we show them what value they will receive by us taking on their network infrastructure. This includes the firewall, switches, IP phones, email platforms, etc. 

    How has it helped my organization?

    This solution allows us to manage our four hundred locations under the same umbrella, with the same configurations. It makes it easier to troubleshoot and provide the same solution to everyone.

    What is most valuable?

    The most valuable feature of this solution is its reliability.

    What needs improvement?

    Security, overall, can always be improved.

    What do I think about the stability of the solution?

    The stability is good, and we have had very few problems with the equipment. The problems that we've had have been with our carriers. I can, pretty much, put a solution in place and not even worry about it.

    What do I think about the scalability of the solution?

    My impression is that this solution is very scalable. It allows us to grow. We can add fifty sites per year, easily, and not really have to redesign from the ground up.

    How are customer service and technical support?

    When we need technical support, they're usually very responsive. I usually get a solution or an answer between thirty minutes and a couple of days, depending on what the technology is, and whether the issue is critical or not.

    Which solution did I use previously and why did I switch?

    The smaller sites typically use non-enterprise grade equipment, and we switched because it is easier to manage the solution, especially when it's set up to our standards.

    How was the initial setup?

    The initial setup can vary in complexity depending on the size of the agency, as well as other factors including what they already have in place.

    What about the implementation team?

    We do all of our integrations in-house.

    What was our ROI?

    We have most definitely seen ROI. In most cases, when we take over, we're always saving on monthly costs. The turnaround investment is usually under a year.

    What's my experience with pricing, setup cost, and licensing?

    There is a one-time cost of approximately $800 USD per user, and then a yearly support fee of about $50 per user. Our fees end up being about $150,000 USD per year.

    Which other solutions did I evaluate?

    We have one vendor, and interoperability is not an issue when we use Cisco.

    What other advice do I have?

    This solution had been pretty good and it fits our needs. If we have business needs change then we will look at whether the current solution can do it. If not then we have to reach out and find something else.

    My advice to anybody who is researching this type of solution is to do their homework when it comes to comparing products. Compare apples to apples, and ensure feature parity. I would stress that the support organization behind the product is very important. For us, any of the other products that we've used just haven't performed up to the standards of what we are doing.

    I would rate this solution a ten out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Shadi Alyounes - PeerSpot reviewer
    Security Tem Leader at a tech services company with 501-1,000 employees
    Real User
    Good interface and cloud dashboard for managing anti-malware control on the Web GW
    Pros and Cons
    • "The core business of Cisco Umbrella is non-malware. That's all it does: block the malware on the gateway."
    • "The solution's technical support is not very good."

    What is our primary use case?

    We use Cisco Umbrella for one of our customers, one of Jordan banks. We are using that on the gateways, on the cloud to secure our customer web traffic.

    They are happy with the distribution because they know it's straight on the DNS. 

    How has it helped my organization?

    Cisco Umbrella uses the internet’s infrastructure to block malicious destinations before a connection is ever established. By delivering security from the cloud, it will save money and provide more effective security.

    What is most valuable?

    Umbrella stops threats over all ports and protocols—even direct-to-IP connections. Stop malware before it reaches your endpoints or network.

    Even if devices become infected in other ways, Umbrella prevents connections to an attacker’s servers. Stop data exfiltration and execution of ransomware encryption

    What needs improvement?

    We would like to improve nothing in particular on Cisco Umbrella.  They are very good.

    For how long have I used the solution?

    I have been using Cisco Umbrella for about two years.

    What do I think about the stability of the solution?

    Cisco Umbrella is stable. I have heard no complaints from my customers at all.

    What do I think about the scalability of the solution?

    Cisco Umbrella is scalable.

    How are customer service and technical support?

    Cisco support is one of the best, their response is very fast and they are very supportive.

    Which solution did I use previously and why did I switch?

    Yes, we used Bluecoat ASG to block known Malwares.

    usually, to complete Sandboxing solution (which used for unknown malwares), we used other solutions like Cisco Umbrella or Bluecoat ASG to block the known malwares on Web GW.

    How was the initial setup?

    it was very straightforward.

    What about the implementation team?

    We (BMB company which is a Cisco Gold partner) are familiar with such solution and implementation. 

    What's my experience with pricing, setup cost, and licensing?

    I have no idea about cost.

    Which other solutions did I evaluate?

    No I did not.

    What other advice do I have?

    On a scale from one to ten, I would rate this product a nine. No one's perfect. They are fine with the interface and the dashboard that they have released.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    PeerSpot user
    IT Manager at Bureau of Education, Tainan City Government
    User
    It has helped reduce my unit's security events
    Pros and Cons
    • "It has helped reduce my unit's security events."
    • "Some countries don't have a DNS server leading to a domain resolution IP, not at a local level."
    • "Its DNS service does not support IPv6 query."

    What is our primary use case?

    To replace my original DNS servers and configure more than 50,000 computers through domain name resolution.

    How has it helped my organization?

    It has helped reduce my unit's security events. It possesses a visual graphics table, which enables me to understand the resolution of the blacklisted domain. Sometimes, I can understand which URL is visited most often by reviewing the user's resolution.

    What is most valuable?

    • Black list
    • Visual graphics table

    These can reduce security events and can find out which users have security issues.

    What needs improvement?

    • Its DNS service does not support IPv6 query.
    • Some countries don't have a DNS server leading to a domain resolution IP, not at a local level.

    For how long have I used the solution?

    One to three years.

    What's my experience with pricing, setup cost, and licensing?

    The price could be lower.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    PeerSpot user
    Network Engineer/ Administrator at Katalyst Technologies
    MSP
    Threats never come close to your network with security at the DNS level​
    Pros and Cons
    • "Threats never come close to your network with security at the DNS level​."
    • "There should be a way to monitor traffic at the user level."

    What is our primary use case?

    Our primary use case is security at the DNS level. This solutions was suggested by our account manager at Insight. 

    How has it helped my organization?

    we didn't implement it in our environment because of the pricing concern. however, I am sure it would have done a great job considering my observations in the trail pack.

    What is most valuable?

    Threats never come close to your network with security at the DNS level. Like i said above, i used it for a very short time so I cannot comment on the what would've been valuable for us but I was pretty amazed by the wide variety of security features and reports on a single dashboard. Leveraging Custom API and reasons and visibility for each deep visibility for the network was something that caught my eye.

    What needs improvement?

    There should be a way to monitor traffic at the user level. I use Meraki Dashboard and Cisco Firepower to do this for different networks. I understand this tool monitors the network as a whole but adding that information will let us cut the cost for other tools. 

    For how long have I used the solution?

    Less than one year.

    Which solutions did we use previously?


    What's my experience with pricing, setup cost, and licensing?

    The product is pricey compared to Cisco Firepower.

    Which other solutions did I evaluate?


    What other advice do I have?

    It is a pretty good product for a small business.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Joe London - PeerSpot reviewer
    Network Manager at a educational organization with 201-500 employees
    Real User
    Reports provide insight into internet usage and information helpful in creating QoS rules
    Pros and Cons
    • "​They have a wealth of articles in their knowledge base. This has given me the freedom to troubleshoot on my own time. ​​"
    • "Reports provide insight into internet usage and information helpful in creating QoS rules."
    • "If the virtual appliances could also gather traffic bandwidth reports, that would be great."

    What is our primary use case?

    Protection and security provided by using Umbrella are the two top areas that I looked at when considering. With three campuses, Umbrella has proven itself with the detection and blocking of malware, viruses, and preventing users from visiting malicious sites. We have two Umbrella virtual appliances at each campus, with two campuses using Hyper-V, and the primary data center running VMware. 

    How has it helped my organization?

    The reports have given us insight into what the Internet is being used for at all three campuses. They provide insight into internet usage and information helpful in creating QoS rules.

    What is most valuable?

      • My favorite feature is the command and control callback blocking. It provides protection from crypto attacks by blocking the connection back to the attacker's server giving an added layer of defense. 
      • Policies make the work easier by providing appropriate filters for locations. 
      • The interface is simple, easy to navigate and set up.

      What needs improvement?

      If the virtual appliances could also gather traffic bandwidth reports, that would be great. 

      For how long have I used the solution?

      One to three years.

      How is customer service and technical support?

      The customer support is exceptional. 

      They have a wealth of articles in their knowledge base. This has given me the freedom to troubleshoot on my own time. 

      What other advice do I have?

      Cisco Umbrella's interface is easy to use and the visibility of user activity is extremely useful. 

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Lead Enterprise Security Architect at ResCare
      User
      Reporting is simplistic. Needs better integration with external threat feeds to improve scoring.

      What is our primary use case?

      We are in trial mode and use it for a distributed national environment. It provides category and security coverage for endpoints regardless of their location. As a mobile-first workforce, Umbrella always provides DNS-based security, even if endpoints roam in unfriendly waters. 

      How has it helped my organization?

      It provides centralized, device-agnostic management of the Internet experience. It has the ability to quickly block new threats. 

      What is most valuable?

      • Holistic approach
      • DNS fronts most traffic.
      • Quick console
      • Instant management across platform
      • Reporting is simplistic.  

      What needs improvement?

      • It needs better integration with external threat feeds to improve scoring. 
      • I would like it to automatically feed to the customer's SIEM. 

      For how long have I used the solution?

      Trial/evaluations only.

      What's my experience with pricing, setup cost, and licensing?

      It needs a better price point. 

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Nuttawat Apiaekpathom - PeerSpot reviewer
      Senior Advanced Technology Engineer at a tech services company with 201-500 employees
      Real User
      Improves security through DNS visibility

      What is our primary use case?

      My customers would like to protect users in company and outside their companies.

      How has it helped my organization?

      Improves security through DNS visibility, which can block malware, phishing, C&C, etc.

      What is most valuable?

      It is easy to implement.

      What needs improvement?

      If I want to see which users access a website, I need an Active Directory registered on Umbrella's cloud.

      For how long have I used the solution?

      Less than one year.

      What do I think about the stability of the solution?

      No stability issues.

      What do I think about the scalability of the solution?

      No scalability issues.

      How are customer service and technical support?

      I would rate technical support as an eight out of 10.

      Which solution did I use previously and why did I switch?

      We did not switch solutions. We just added an extra layer of defense.

      How was the initial setup?

      The initial setup is straightforward.

      What's my experience with pricing, setup cost, and licensing?

      The pricing is fair.

      You can request an evaluation license.

      Which other solutions did I evaluate?

      No.

      Disclosure: My company has a business relationship with this vendor other than being a customer: My company is a Cisco Gold partner.
      PeerSpot user
      it_user489876 - PeerSpot reviewer
      Director of IT Support at a marketing services firm with 501-1,000 employees
      Vendor
      It enables a whitelist-only browsing mode, which helps us monitor traffic and perform web content filtering.

      What is most valuable?

      We needed the product to enable a whitelist-only browsing mode for certain computers for a client. After that was implemented, I was able to configure a virtual appliance (which became the DNS server) to connect to a local AD server and relate traffic to an AD user name. From there, we could track and monitor where users were going and perform web content filtering to prevent video streaming and certain social media sites. This in turn positively affected productivity.

      I don’t remember the specific examples of data I was trying to filter out but it was related to ads being hosted by a CDN such as Akamai. Links and images were being hosted there for quicker localized delivery yet the users were not actually going to those sites. Due to that it was showing that those sites were being visited the most, which wasn’t the case.

      How has it helped my organization?

      There was a positive effect on productivity because we could track and confront the users that were frequently using social media or streaming video during the work day. They weren’t wasting as much time after OpenDNS was implemented.

      It gave us new capabilities and made users accountable for their browsing while at work.

      What needs improvement?

      I would like to have the ability to prevent certain sites/data from showing on the reports. I have had this feature request open for a couple of years. It would be useful to have for filtering out unuseful data.

      For how long have I used the solution?

      I have been using this solution for the past two years. I previously used the free solution 6-8 years ago.

      What was my experience with deployment of the solution?

      I did not encounter any issues with deployment, stability or scalability. I had a Sales Engineer assist with the setup for one portion, but was able to figure out the rest with no issues.

      What do I think about the stability of the solution?

      No

      What do I think about the scalability of the solution?

      No

      How are customer service and technical support?

      Customer Service:

      Excellent

      Technical Support:

      Excellent, their Sales Engineer was very helping in getting the AD sync setup.

      Which solution did I use previously and why did I switch?

      No

      How was the initial setup?

      Initial setup was straightforward. Any questions I had were already answered on the forums.

      What about the implementation team?

      A vendor team was only needed for one small portion, which was setting up the virtual appliance. I would recommend trying to figure out the setting on your own first before reaching out to support. I found it very simple.

      What was our ROI?

      We were able to resell the service for a 100-200% profit.

      Which other solutions did I evaluate?

      Due to past experience, I knew it would do what we needed and the website has an intuitive interface, so there was no reason to research alternatives.

      Disclosure: My company has a business relationship with this vendor other than being a customer: I use OpenDNS under an MSP Partner agreement.
      PeerSpot user
      it_user494181 - PeerSpot reviewer
      IT Consultant & MSP Account Manager at a tech company with 51-200 employees
      MSP
      It has the ability to block malware threats in the cloud and control web content access from inside or outside the office.

      What is most valuable?

      It has the ability to block malware threats in the cloud and control web content access from inside or outside the office.

      How has it helped my organization?

      It has significantly reduced the threat of virus/malware infections, CryptoLocker infections and has made our client’s networks more secure.

      What needs improvement?

      Improvement could be made in the area of detailed reporting analytics broken down by client name for individual custom reporting.

      For how long have I used the solution?

      I have been using it for about three years.

      What was my experience with deployment of the solution?

      I have not encountered any deployment, stability or scalability issues. The installer can be scheduled and rolled out using our set of Managed Services tools.

      How are customer service and technical support?

      Customer service and technical support is excellent. I give it a 9.5.

      Which solution did I use previously and why did I switch?

      We have used Websense, Barracuda and iPrism in the past. The flexibility of OpenDNS supporting a high-performance cloud infrastructure and not requiring any hardware or software cost was a major factor. The monthly pricing model fits into our company’s core services as a Managed Services provider and eliminates the need for annual renewal licenses.

      How was the initial setup?

      Initial setup was straightforward for the most part, but it can become complex depending on the granular content filtering features that need to be implemented for each client.

      What about the implementation team?

      In-house implementation. I would recommend an automated procedure on a domain network instead of a manual remote install. I recommend a default of blocking malware, phishing and pornography only, and allowing the client to determine if any additional categories need to be blocked on their network.

      What was our ROI?

      ROI benefits both the reseller and the client in Managed Services because of its proactive approach to network security. Our technicians aren’t spending hours of wasted time removing malware and viruses from desktops and notebooks. Customers appreciate the productive benefit of multi-layered protection that builds upon their legacy firewall and spam prevention. The pricing for the subscription is minimal (literally a few cents a day). The price is based on content management and security of client networks, as a bundled solution with an existing service.

      What other advice do I have?

      Try it before you buy it, to test it out. Test the content filtering categories.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      it_user494010 - PeerSpot reviewer
      Advisor at SCIS Security
      Consultant
      Customization allows us as consultants to tune web content filtering for the SMB market.

      What is most valuable?

      Custom whitelist/blacklist/block page allows us as consultants to tune web content filtering for the SMB market.

      How has it helped my organization?

      OpenDNS supplements other security solutions to allow for blocking through DNS requests, which is common for malware to use to bypass other security mechanisms.

      What needs improvement?

      This product needs policy scheduling for enforcement by category. Notice in all the packages, there’s no scheduling. In the Insights or Platform package offerings, you can now essentially have multiple ‘policies’ per AD user or network group. What’s missing is that I still can’t set enforcement to block certain website use at this time of day or these days of the week. For instance, a company may allow streaming audio sites for music only for night shift workers to help them keep awake and versus dayshift workers.

      For how long have I used the solution?

      I have been using the web-based, small-teams edition since 2007 (nine years).

      What was my experience with deployment of the solution?

      We have never encountered issues with general deployment.

      How are customer service and technical support?

      We would rate customer service and tech support after the Cisco acquisition a 5 out of 10.

      Which solution did I use previously and why did I switch?

      We’ve used and deployed ZScaler, Websense, and other UTM-based blocking solutions. This product is not always the best if you need complex policy and scheduling, and other user soft-pass through authentication.

      How was the initial setup?

      Initial OpenDNS setup is straightforward if you have a static IP address and you apply the DNS forwarders appropriately. This is literally a five-minute-or-less change.

      What about the implementation team?

      We always implement for ourselves and for others in-house because of ease of use. Implementation-wise, companies should be aware that changing DNS forwarders might impact their global DNS operational needs. OpenDNS servers are also slower than something like Google DNS.

      What's my experience with pricing, setup cost, and licensing?

      Pricing needs to be reduced for SMB based on the blocking capabilities and the lack of other features that you just cannot do in DNS, such as authentication-based filtering.

      Also, scalability-wise, the pricing is more of a challenge for enterprise-class environments because of the pricing model.

      What other advice do I have?

      OpenDNS is either a good complement to your existing web content filtering solution at the enterprise level, or it is a good free or easy-to-deploy alternative for home and SMB use.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      it_user800895 - PeerSpot reviewer
      it_user800895Developper at CacheGuard Technologies Ltd
      User

      Is it possible to have your own white or black list of URLs? What about the maintenance process of those lists?

      it_user494265 - PeerSpot reviewer
      Cloud Solutions Architect at a hospitality company with 1,001-5,000 employees
      Vendor
      It provides native integration into the multiple cloud services.

      What is most valuable?

      It transparently protects users from rogue web sites.

      OpenDNS filters DNS query/reply without any software to be installed on the client side, so in my mind, the transparency I was talking about relates to:

      • No changes on the client side required, i.e. software or configuration changes
      • The complete communication is not proxy’ed as such, only DNS query/response filtered.

      How has it helped my organization?

      It provides native integration into the multiple cloud services, for example, Microsoft OMS.

      For how long have I used the solution?

      I used it during a two-week POC (proof of concept).

      What was my experience with deployment of the solution?

      I have not encountered any deployment, stability or scalability issues.

      How are customer service and technical support?

      Technical support is good.

      Which solution did I use previously and why did I switch?

      This is the first time we used one of these products, one of the known DNS firewalls.

      How was the initial setup?

      Initial setup is simple, although some pre-requisites were not communicated to us, and they can make the final solution a bit more complicated.

      What about the implementation team?

      We implemented it in-house with the support of the vendor.

      What was our ROI?

      The product has been rejected by business due to the pricing; no ROI as such.

      What other advice do I have?

      It is a great product in the company security portfolio. It can be used together with the proxy to provide end-user security. However, the cost of this product is too high for what some businesses can afford.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      it_user494856 - PeerSpot reviewer
      Director of Technology at a recruiting/HR firm with 501-1,000 employees
      Vendor
      It offers protection against malicious websites by stopping users from visiting them.

      What is most valuable?

      The feature that most interested me was protection against DNS-based attacks. Umbrella offers protection against malicious websites by stopping users from visiting them. This is important because of its host / endpoint protection, an important concept as businesses decentralize their operations and employees find themselves working from unmanaged sites on untrusted networks.

      How has it helped my organization?

      Employees can do their jobs and know that they'll be protected from malicious websites.

      What needs improvement?

      The product itself is excellent. What I'd like to see improved is the purchasing process; specifically, I'd like to see OpenDNS offer its customers the ability to purchase any number of licenses instead of a bundle.

      Cisco & Open DNS don't make it easy to add additional users/licenses to an existing account. Instead they want you to go to their store (can't get to it while you're logged into your Umbrella console) and do a purchase, like you're in some line at the grocery store.

      For how long have I used the solution?

      I have been using it since April 2015.

      What was my experience with deployment of the solution?

      Deployment is straightforward, the product and the back end systems that support it are stable and the product is scalable as long as the customer purchases the necessary number of licenses.

      How are customer service and technical support?

      Customer Service:

      The purchasing process could be easier. What I'd like to see is the ability to contact a live person at OpenDNS and over the phone be able to purchase additional licenses.

      Technical Support:

      Technical support is good.

      Which solution did I use previously and why did I switch?

      Umbrella is the first product of its type that I've used. Otherwise, my company has relied upon anti-virus products to protect hosts.

      How was the initial setup?

      Initial setup was straightforward. I simply downloaded the client, installed it on a host and that was it.

      What about the implementation team?

      Implementation was straightforward and was done in-house.

      What was our ROI?

      Regarding ROI, that falls into the category of security and that is always a tough sell to management.

      What's my experience with pricing, setup cost, and licensing?

      What I'd like to see improved is the purchasing process, specifically I'd like to see OpenDNS offer its customers the ability to any number of licenses instead of a bundle.

      What other advice do I have?

      Plan, plan and plan some more.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      it_user494208 - PeerSpot reviewer
      System & Network Administrator at a financial services firm with 1,001-5,000 employees
      Vendor
      It is security beyond the firewall, and hence more beneficial, as it stops the threats before reaching the firewall.

      Valuable Features:

      Web content filtering: Cisco ASA 5505 doesn’t have a straight content filtering feature, so we used OpenDNS and it worked like a charm. It is security beyond the firewall, and hence more beneficial, as it stops the threats before reaching the firewall and enhances security.

      Improvements to My Organization:

      We were able to implement web content filtering to block unwanted traffic, and to prevent bandwidth choking and malicious attacks without deploying any hardware/software, within a few hours.

      Room for Improvement:

      I would like the product to offer more security features, such as IPS, IDS, DDoS prevention, etc.

      Use of Solution:

      I have been using it for six months.

      Deployment Issues:

      I have not yet encountered any deployment, stability or scalability issues.

      Initial Setup:

      Implementation was straightforward with minimal changes to existing infrastructure.

      Implementation Team:

      It was self-implemented.

      Other Solutions Considered:

      We have tried a Linux-based proxy server, but that was complex to manage and wasn’t foolproof.

      Other Advice:

      I highly recommend SMBs and enterprises use it to enhance their network security with minimal cost through the OpenDNS cloud solution.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      it_user494913 - PeerSpot reviewer
      Senior Solutions Consultant at a tech company with 501-1,000 employees
      Vendor
      It makes web filtering and malware protection easy. Initial setup was also easy; just forward your DNS.

      What is most valuable?

      Deployment and management are easy.

      How has it helped my organization?

      It made web filtering and malware protection easy.

      What needs improvement?

      I think there is some room for improvement with regard to the Windows client. While providing great protection for roaming laptops, on occasion users in the office would get the "yellow triangle" showing up over their wifi connection. It would state that the users were not connected to the internet, when in fact they were. This caused a few gripes and was difficult to troubleshoot. Other than that, not much else.

      Only other suggestion might have been a URL to automate requests when checking if a blocked site is in fact a valid block.

      For how long have I used the solution?

      I have been using it for two years.

      What was my experience with deployment of the solution?

      Deployment and scaling are very easy. The only issue was as mentioned.

      How are customer service and technical support?

      Technical support is excellent, with quick responses.

      Which solution did I use previously and why did I switch?

      iPrism was inline, did not scale, and not easy to manage.

      How was the initial setup?

      Initial setup was easy; just forward your DNS.

      What about the implementation team?

      An in-house team implemented it; it was pretty straightforward. Just get the appropriate teams involved.

      What was our ROI?

      ROI was all about added security and a decrease in malware.

      What's my experience with pricing, setup cost, and licensing?

      Pricing was fair.

      What other advice do I have?

      Go for it; there is no better way to secure guest networks without any headaches.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      it_user490047 - PeerSpot reviewer
      Sr. Info. Security Analyst at a financial services firm with 10,001+ employees
      Real User
      You can use any programming language and integrate it with your products.

      Valuable Features:

      The various powerful query options are the most valuable features of this product to me. Using the Investigate API, we can gather the detailed history of a domain, whois information, NS records, etc. All of this information helps us determine whether a domain is malicious or not.

      Improvements to My Organization:

      It helps us identify malicious domains.

      Room for Improvement:

      I would be happy if they could add the whois information of an IP. That would further help us determine whether an IP is malicious or not by identifying the domains associated with the IP, whether there are any known bad domains associated with the IP, and more.

      Use of Solution:

      I have been using this solution for two months.

      Deployment Issues:

      I did not encounter any issues with deployment, stability or scalability.

      Implementation Team:

      We implemented it in-house.

      Other Advice:

      The APIs are very powerful. You can use any programming language and integrate it with your products. It can be really handy for security analysts.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      it_user489891 - PeerSpot reviewer
      Vice President of Information Technology at a consumer goods company with 1,001-5,000 employees
      Vendor
      It provides URL filtering where we otherwise would not have visibility or control.

      What is most valuable?

      We have a number of terminals that are NOT on our MPLS network, so we depend on the OpenDNS services to provide URL filtering where we normally have no visibility or control.

      How has it helped my organization?

      By using OpenDNS, we block sites that are looked at as malicious and cut down on incoming threats.

      What needs improvement?

      One thing I can mention is network security. There's no real mention about the potential of malware & virus protection for locations that we are using OpenDNS on. In certain areas, we only have a few people on-site and there’s no real need for a firewall at that point.

      That would be the only thing I can think of with OpenDNS that we have NO information on.

      Otherwise, for me, I think it’s a good packaged deal. I wouldn’t really change anything.

      For how long have I used the solution?

      We have been using this solution since 9/25/15.

      What was my experience with deployment of the solution?

      I did not encounter any issues with deployment at all. It was pretty straightforward.

      How are customer service and technical support?

      Their customer service is pretty good from what I remember. We called them at one point to ask a question about one of our devices not showing up and they were pretty quick at resolving the issue.

      Which solution did I use previously and why did I switch?

      Previously, it was the Wild West at our locations that are not on our MPLS network. They were looking at whatever they wanted as they were only on a personal wireless device. We upgraded them to a Cisco 819 or a Cradlepoint but didn’t have much in the way of filtering or DNS with their GUI.

      How was the initial setup?

      I believe, for the most part, initial setup was straightforward. You just have to look around and set it up, link it to the device, etc. It’s not too difficult where you couldn’t just figure it out, but to be sure, we called support and they confirmed what we were doing. They even helped by showing us the policy setup area.

      What about the implementation team?

      We implemented this ourselves. We had the access points, set them up, tested them and shipped them out.

      What's my experience with pricing, setup cost, and licensing?

      The pricing is fair. We’re paying under $40 per license for 60 licenses.

      What other advice do I have?

      If you have locations where there are a small number of users that doesn’t merit a dedicated line with high monthly costs, it’s quite easy and efficient to give them some kind of access point and use OpenDNS for security and filtering.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      it_user494082 - PeerSpot reviewer
      IT Technician at a healthcare company with 51-200 employees
      Vendor
      You can define custom categories if the predefined categories are too restrictive or not restrictive enough for you.

      What is most valuable?

      The ability to use custom categories to block out websites was valuable because the predefined categories were either too restrictive or not restrictive enough. For example, one category would block everything from social media to webmail, while another category did not block either. So to be able to customize categories made it a lot easier.

      How has it helped my organization?

      This product has made it easier for our IT team to keep employees on track to work and away from distracting websites.

      What needs improvement?

      Perhaps an option to be able to block only specific users would be a way to improve the free version of OpenDNS. In our department, there are multiple users that need different levels of access. For example, those who work in the advertising department need access to social media, while those in the accounting department do not. The ability to be able to set different rules for each user would have been nice to have.

      For how long have I used the solution?

      I have used it for about six months.

      What do I think about the stability of the solution?

      I did not encounter any stability issues.

      What do I think about the scalability of the solution?

      I did not encounter any scalability issues.

      How are customer service and technical support?

      I did not need to contact technical support when using OpenDNS. The product is very self-explanatory.

      Which solution did I use previously and why did I switch?

      This was the first product we used for filtering websites.

      How was the initial setup?

      The initial setup was very straightforward. I did not have any issues.

      What's my experience with pricing, setup cost, and licensing?

      I was using the free version of OpenDNS, so I am not aware of the pricing.

      Which other solutions did I evaluate?

      We were choosing between pfSense and their packages versus. OpenDNS looked easier to setup, so we went for that first. Eventually, we moved to using pfSense’s SquidGuard, because it allows us to be more precise with filtering websites.

      What other advice do I have?

      This product is very straightforward and simple to setup. I would recommend others to just give the product a try. I am sure they will be happy with the results. OpenDNS has different filtering levels, but I found it easier to just go for the custom level versus the ones they had set up already.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      it_user495030 - PeerSpot reviewer
      System Administrator at a educational organization with 1,001-5,000 employees
      Vendor
      OpenDNS allows us to maintain low network resource overhead on our small network. It helps us enforce compliance over logically separated networks.

      What is most valuable?

      OpenDNS allows us to maintain low network resource overhead on our (relatively) small network. Intuitive, flexible web filtering controls also help us enforce compliance over logically separated networks at our school for teachers, students, and non-academic staff.

      Given the small to medium scale of our network architecture, our current gateway/firewall DMZ infrastructure is specced too low, and our budget too limited to accommodate more fully featured security appliances. While some organisations may utilise higher specced security appliances with powerful software features available directly on the device including user management, granular IP filtering and more, we must make do with lower spec appliances.

      Furthermore, while our network is based around a gigabit fibre core, we have seen bandwidth utilisation increase greatly over the past several years due to cloud hybridisation of our infrastructure (AWS, Google Nearline, et.al.), and as a result are currently stretching the performance limits of what our current hardware stack can do. Given these limitations, the granular control which OpenDNS provides us for Web Content Filtering, malware protection and data logging are crucial in filling gaps in our network security stance.

      To add, we are also an educational institution. Our standards for compliance, both internal and external, can be quite strict. We are beholden to security and compliance standards enforced by the Government of Japan, its Ministry of Education, as well as internal compliance enforced by our own Business Administration department.
      This is not to mention the sort of 'soft compliance' which comes from the families of our students regarding how we handle sensitive data and personal records.

      It has been our experience that the following features available within OpenDNS have helped us meet compliance reporting requirements quite readily:

      • Botnet Protection
      • Malware Protection
      • Internet-Scale Malware/Botnet Protection- Phishing Protection
      • Stats and Logs

      The management interface for these features is highly user friendly and it is simple and easy to make configuration changes on the fly. This is important to us as specific security policies can and do change on a weekly or even daily basis. The size of our department also dictates that we do not have any single engineer dedicated to network security (or even networking) and so it is crucial that each of our members have the ability to log in and manage this service when needed.

      All in all, I can not recommend OpenDNS as a one-size-fits-all solution for security and compliance, especially for larger organisations. I can, however, strongly recommend that any Systems and Network Engineering team consider this product on its merits regardless of scope. Personally speaking, this tool has proven itself invaluable in allowing myself and my team to perform our duties efficiently and securely.

      How has it helped my organization?

      Because we have a small sysadmin team, the less time we need to devote to responding to threats, parsing data logs and putting out fires, the better. OpenDNS saves us time in this regard, as well as providing fast and easy configuration control.

      What needs improvement?

      Difficult to answer as we haven't yet pushed the outer limits of what this product can do.

      Nonetheless, one thing to keep in mind when using OpenDNS is how it will interact with your internal network and DNS architecture. You run the risk of breaking any local subnet DNS lookups in a domain-bound enterprise environment. While this criticism can be applied to other third-party DNS providers, it is nonetheless one reason for withholding a perfect rating.

      Additionally, OpenDNS will handle server caching differently than your local service provider. This can cause service slowdown or interruptions, and generally prevents OpenDNS from becoming the "one-size-fits-all" solution that some would like it to be.

      Finally, although this has never posed a problem in our environment specifically, OpenDNS has been known to grab NXDOMAIN records and redirect traffic to their own internal ad pages. Some people may find this unethical; however, that might depend upon whether you are utilising paid or unpaid services from OpenDNS as well.

      For how long have I used the solution?

      I have been using for over a year.

      What was my experience with deployment of the solution?

      We currently have OpenDNS deployed across two sites providing coverage to more than 500 active clients. No problems so far. We will be further expanding this year and hope to leverage OpenDNS web filtering at our new sites as well.

      How are customer service and technical support?

      On the rare occasions we have used it, technical support has been prompt and professional, if a bit lacking in personal touch.

      Which solution did I use previously and why did I switch?

      Previous infrastructure relied on router/gateway-installed software for filtering and security. It simply isn't enough for a modern network, especially not one as complicated and security-conscious as education.

      How was the initial setup?

      With a basic understanding of networking, implementation should be straightforward. For non-technical people, there is probably enough documentation floating around that basic configuration is possible for anybody motivated enough.

      What about the implementation team?

      An in-house team implemented it.

      Implementation was a no-brainer. We do recommend notifying and educating users in advance of implementation to avoid potential headaches caused by sudden changes to filtering policies and such.

      What was our ROI?

      ROI for OpenDNS: time saved, checkboxes ticked, and organizational leadership satisfied.

      What's my experience with pricing, setup cost, and licensing?

      Get a quote! You also need to weigh any licensing costs against potential risk factors. (I.e., what is the potential cost factor of not implementing this or other solutions?) OpenDNS licensing structure and policy is generally straightforward and easy to understand. In our case, managing a network in use by students, many of them younger, necessitates certain compliance and security implementations not found in typical corporate environments.

      What other advice do I have?

      Plan out your security coverage and filtering strategy in advance of purchasing and implementation. Think about what role you expect OpenDNS to fill in your security architecture. Do you have Layer 3 security in place? Where do your vulnerabilities lie and what threats can you expect to counter?

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      it_user835479 - PeerSpot reviewer
      it_user835479User at a tech company with 51-200 employees
      User

      "You run the risk of breaking any local subnet DNS lookups in a domain-bound enterprise environment."

      Surely that's simply a matter of only routing *external* DNS requests to Umbrella?

      Buyer's Guide
      Download our free Cisco Umbrella Report and get advice and tips from experienced pros sharing their opinions.
      Updated: September 2022
      Buyer's Guide
      Download our free Cisco Umbrella Report and get advice and tips from experienced pros sharing their opinions.