We compared Cisco Umbrella Zscaler Internet Access based on our users’ reviews in five categories. After reading the collected data, you can find our conclusion below.
Comparison Results: Cisco Umbrella offers more comprehensive features, including granular customization of DNS blocking, tenant lock content filtering, and support for hybrid work. It also has better integration with other products and more reliable technical support. Zscaler Internet Access has a competitive pricing model and a cloud-native proxy architecture, it lacks certain features such as VPN and client-to-client communication. Overall, Cisco Umbrella provides a more complete and user-friendly solution for organizations.
"The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade."
"The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices."
"The single-pane-of-glass management is very important. We have a very small team. We can't spend a lot of time going from product to product to product to either investigate or set up policy. We need to have one place that we can go to and set everything up."
"If it didn't have a single pane of glass, we would not be using it. The single pane of glass gives you a one-stop shop. It's like going to Home Depot. You find all your stuff there. You can see all your threats and your endpoints. It's a very important feature and makes things very simple."
"For us and for customers, it's the ease of integration with Meraki. It's just a couple of clicks. That allows us to deploy very fast, and it doesn't change the way a customer uses his service. It's just more secure."
"Stability-wise, I rate the solution a nine out of ten...Cisco's support is better nowadays."
"It has excellent resilience in cybersecurity. Cybersecurity for my organization is very important because we are a banking organization. We need this security to protect the personal information of our clients. This is very important for our security."
"The agent that gets installed on the endpoints or on people's laptops and devices is a Cisco AnyConnect Umbrella module. It's one of the most impressive things because you are able to protect your users anywhere they are."
"When it comes to hybrid work it's pretty effective. We've got the agents. We can protect people inside our building and, when they're using their laptops out in the field, they're still protected. It's working well."
"Any time someone went off the network, the AnyConnect client had the Umbrella agent built in, and it would realize when their computer connected that they were not on the corporate network. It would monitor and they would have pretty close to the same rules that they had to follow when they were in the office, regarding what kind of website browsing they could do."
"I like the granularity of the control of all the traffic, including SSL inspection. I also like the fact that the user interface is intuitive. The latencies with Zscaler are minimal compared to those of any other competitor. Other competitors do not really have the global scale that Zscaler has and cannot promise low latencies."
"We enjoy all of the proxy capabilities and the capability to integrate into the SIEM/SOC solution."
"The solution is stable and reliable."
"The protection is most valuable."
"For our needs, the cloud-native proxy architecture is a very good solution. We are moving away from on-prem appliances and moving more toward cloud-based solutions. Zscaler is a good fit for our strategy. This architecture helps with cyber threats because we inspect most of the traffic and we can see that a lot of threats are stopped directly in the secure web gateway."
"We don't have to buy equipment to use it. And when our engineers set it up on our side, we just configured a few settings and we were in."
"One feature that is valuable to me from an implementation point of view is that it's very easy to implement."
"Zscaler Internet Access's roaming user feature is most valuable and is much better compared to other secure web gateways."
"We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now."
"From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products."
"It would be good to have more extensions to third-party products and a client for other device types."
"Network connectivity was a bit of a challenge at the beginning, but we were able to get the right help from Cisco."
"I'd like to see improvement in its overall integration with all the other platforms. There's some integration between Umbrella and Meraki, but an overall Cisco problem is that there are so many different tools, and finding easy, seamless ways of connecting everything together is always a challenge."
"If you wish to inspect all the traffic and it's integrated with Cisco AnyConnect, all the traffic basically goes through Cisco AnyConnect, which is not a good idea. That means you need to have more internet capacity as a data sampler, so in the case of a split tunnel, we cannot inspect the traffic that is being migrated through the local internet. I'm not sure whether there is a possibility wherein Cisco Umbrella can also inspect the traffic that is outside the AnyConnect tunnel."
"Their support should be improved. It is necessary that the support is efficient. It is not really easy to get a resolution for an issue from Cisco support. They should be faster and more efficient."
"The integration with other solutions is a little complex. If you want to integrate with something like ArcSight or LogRhythm or Splunk, you need to do a lot of configuration. There are no easy ways to implement it."
"It would be good if the more complex versions of Umbrella are simplified so that we can offer them in a more standardized way. We, as a telco, do not operate the same as a traditional integration partner would, who can sell all its services. We try to have a standardized approach as much as we can so that we can sell the solution with as many services added to it as possible. If you look at the structure of businesses in Switzerland, 95% of them have 10 persons or less, and they do not have a security specialist. Therefore, the higher the automated and standardized features, the better it is for them."
"I would like for their support to be faster."
"The tool should improve the predefined dictionaries."
"Zscaler does not provide dedicated IPs to each customer. Hence, they share a pool of IPs provided by Zscaler. There is a chance of blacklisting these IPs. I also do not like the multi-management portal."
"We'd like to have more plugins and integration."
"The interface for administration could be better. They should upgrade the management portal."
"An improvement would be if they could provide an out-of-the-box experience, like 20 to 30 features all ready to go. In comparison, LogRhythm offers out-of-the-box features. With Zscaler Internet Access, there is firewall IPS, multiple security services, filtering, DLP, and CASB browser isolation. These are things that all users are going to be using. However, when an administrator or architect would start building this, I would definitely need to engage professional services to help clients do it."
"Sometimes, support isn't available."
"Zscaler Internet Access's troubleshooting is very limited, and their textbook logs need to be more informative."
"They block Zscaler IPs when the traffic origin is from Zscaler IPs. They've been blocked by certain government organizations so the end users are not able to visit those websites unless we ask them to unblock those IP. This is a bit problematic."
Cisco Umbrella is ranked 1st in Secure Web Gateways (SWG) with 49 reviews while Zscaler Internet Access is ranked 2nd in Secure Web Gateways (SWG) with 33 reviews. Cisco Umbrella is rated 8.8, while Zscaler Internet Access is rated 8.2. The top reviewer of Cisco Umbrella writes "We can see all of our locations in one place and only have to make changes once for all our locations". On the other hand, the top reviewer of Zscaler Internet Access writes " AI decision-making on quarantined documents reduces manual work". Cisco Umbrella is most compared with Microsoft Defender for Cloud Apps, Palo Alto Networks DNS Security, Prisma Access by Palo Alto Networks, Fortinet FortiGate SWG and Infoblox Advanced DNS Protection, whereas Zscaler Internet Access is most compared with Microsoft Defender for Cloud Apps, Netskope , Forcepoint Secure Web Gateway, CyberArk Privileged Access Manager and Skyhigh Security. See our Cisco Umbrella vs. Zscaler Internet Access report.
See our list of best Secure Web Gateways (SWG) vendors and best Internet Security vendors.
We monitor all Secure Web Gateways (SWG) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I would widen my options to include Netskope.
Tech support is far better should or if you require it, deployment is much faster, and integrations with API's is better than either of the other two.
Cisco Umbrella and Zscaler Internet Access are two broad-spectrum Internet security solutions that I have tried.
Zscaler Internet Access is a good option for carrying out multiple security functions in a single solution. It includes web filters, firewalls, and sand boxing. The platform is simple to implement and update. Since it is cloud-based, it saved me from having to handle complex local security configurations. The single-sign-on feature saved me from having to log in every time.
The web filtering and scanning are fast and don’t generate any latency. The bandwidth control is very useful for controlling endpoints and gives consistent service.
Although Zscaler Internet Access is easy to set up, it is far from user-friendly. The user interface for the management dashboard is difficult to navigate. Blocking websites is frustrating, and it only works well if you whitelist webs. The reporting feature is not customizable.
One advantage to Zscaler is that you can deploy it to your company’s mobile phones so you can keep all endpoints secure.
Cisco Umbrella is easy to implement, and it comes with built-in configurations so you don’t need to configure them yourself. It gives you statistics so you can adjust policies according to threat patterns. It is stable and very simple. Once you install it, you can get it running in a few minutes. It is very well suited for distributed networks with many on-premises endpoints. Additionally, DNS security is top notch.
On the downside, the statistics on Cisco Umbrella are quite difficult to parse. We found it was difficult to integrate the solution with MS Active Directory.
Conclusions
Cisco Umbrella is powerful and helps to secure a network, especially with distributed users. Both solutions are strong, but I think Cisco Umbrella might be more useful for large enterprises.
Fantastic points you have highlighted Leah. The DNS functionality of the Umbrella.
I think the functionality I love about Umbrella is that it's an enterprise solution providing web security for both on-prem and mobile users. Being a cloud solution centralized management of the solution is made easy. Thank you, Cisco.