We compared Cisco Umbrella Zscaler Internet Access based on our users’ reviews in five categories. After reading the collected data, you can find our conclusion below.
Comparison Results: Cisco Umbrella offers more comprehensive features, including granular customization of DNS blocking, tenant lock content filtering, and support for hybrid work. It also has better integration with other products and more reliable technical support. Zscaler Internet Access has a competitive pricing model and a cloud-native proxy architecture, it lacks certain features such as VPN and client-to-client communication. Overall, Cisco Umbrella provides a more complete and user-friendly solution for organizations.
"The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices."
"The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade."
"It has excellent resilience in cybersecurity. Cybersecurity for my organization is very important because we are a banking organization. We need this security to protect the personal information of our clients. This is very important for our security."
"Any time someone went off the network, the AnyConnect client had the Umbrella agent built in, and it would realize when their computer connected that they were not on the corporate network. It would monitor and they would have pretty close to the same rules that they had to follow when they were in the office, regarding what kind of website browsing they could do."
"It has certainly saved us time. If we go and look at what's rejected on the requests from the hospital itself, it has saved about 5% or 6% time."
"A single pane of glass saves time... This does have a lot of options available for us to see who's doing what, what trends, what errors. We can set up our alerting through it as well. It is definitely a great dashboard."
"The integration features within, for example, the Cisco VPN product and the Umbrella module are valuable."
"It has improved our organization from a security posture perspective. We feel more confident now knowing that we can block phishing attempts or any type of malware that is DNS-related. This is a very nice feature that provides peace of mind."
"When we have laptops that leave the building, they could connect to public WiFi before they establish a VPN connection back into the company. For that duration or that period of time when they're not docked in the network or on a VPN, they effectively don't have that full layer of security that I provide inside the building. This tool stands in during that period of time, and we extend the security settings through their basic firewall or their cloud-based firewall at that time. So, we do content filtering and control access, but they also are looking at new domains, IP addresses, and bad requests. They're blocking them on my behalf when a laptop is not sitting behind our security appliances."
"The most valuable feature is its ability to detect if a URL has malware or is vulnerable."
"Stability-wise, I rate the solution a nine and a half out of ten...The setup phase was easy."
"The policies are very intuitive and easy to configure, with very little possibility of messing things up."
"The most valuable feature of Zscaler Internet Access is that it is a consolidated solution, it comes with many features, such as DLP."
"The users are at different locations, and Zscaler helps us to put the organization's central security controls on these roaming users."
"One feature that is valuable to me from an implementation point of view is that it's very easy to implement."
"Zscaler Internet Access's best feature is the granular policy controls."
"The protection is most valuable."
"Zscaler covers all the features needed to replace a VPN or proxy solution. They are good. They've been on the market for 15 years now, so they are mature enough."
"From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products."
"We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now."
"If you wish to inspect all the traffic and it's integrated with Cisco AnyConnect, all the traffic basically goes through Cisco AnyConnect, which is not a good idea. That means you need to have more internet capacity as a data sampler, so in the case of a split tunnel, we cannot inspect the traffic that is being migrated through the local internet. I'm not sure whether there is a possibility wherein Cisco Umbrella can also inspect the traffic that is outside the AnyConnect tunnel."
"For us, as an MSP, the initial licensing changes were a roadblock, and they still could be a lot clearer. Specifically, it's an honor-based licensing system. We'd like it to be more specific to our traffic or our users so that we can make sure that the customer is paying for all their licensing."
"Its reliability and the response time of the support team can be better."
"Cisco Umbrella should add some more documentation on proxies."
"I would like to see Cisco enable us to get objects from the internet. I would also like to be able to choose groups."
"In my experience with Umbrella support, sometimes the response times take a bit more time than we would like... sometimes, if you go through email, it can take quite a while to get a response."
"Client delivery and client updates should be improved. Client delivery was not as easy as expected. Another area for improvement is the integration of escalation procedures for security issues."
"Its price could be better."
"We'd like to have more plugins and integration."
"There are some performance issues when we add on additional controls."
"The tool should improve the predefined dictionaries."
"The solution can be improved by advancing some of the newer technologies such as the DLP feature, and adding email security."
"What could be improved in Zscaler Internet Access is its price. It could be cheaper."
"One thing that needs to be improved is their presence in China. I'm not sure if that's a Zscaler thing or if it's a problem with all vendors in this space, but it would be nice to have better coverage in China. This concern is a common one for vendors across the board when dealing with the Chinese market."
"The reporting functionality could be a bit easier to use. There is a reporting function, but it's quite hard to do any good reporting, from a user-management perspective. For example, if a department manager wants to know how his department is using the web, there is a way to get the data, but it's quite cumbersome to get it and show it well. And that's true for comparing between departments."
"In terms of user experience, it could be better."
Cisco Umbrella is ranked 1st in Secure Web Gateways (SWG) with 49 reviews while Zscaler Internet Access is ranked 2nd in Secure Web Gateways (SWG) with 33 reviews. Cisco Umbrella is rated 8.8, while Zscaler Internet Access is rated 8.2. The top reviewer of Cisco Umbrella writes "We can see all of our locations in one place and only have to make changes once for all our locations". On the other hand, the top reviewer of Zscaler Internet Access writes " AI decision-making on quarantined documents reduces manual work". Cisco Umbrella is most compared with Microsoft Defender for Cloud Apps, Palo Alto Networks DNS Security, Prisma Access by Palo Alto Networks, Fortinet FortiGate SWG and Infoblox Advanced DNS Protection, whereas Zscaler Internet Access is most compared with Microsoft Defender for Cloud Apps, Netskope , Forcepoint Secure Web Gateway, CyberArk Privileged Access Manager and Skyhigh Security. See our Cisco Umbrella vs. Zscaler Internet Access report.
See our list of best Secure Web Gateways (SWG) vendors and best Internet Security vendors.
We monitor all Secure Web Gateways (SWG) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I would widen my options to include Netskope.
Tech support is far better should or if you require it, deployment is much faster, and integrations with API's is better than either of the other two.
Cisco Umbrella and Zscaler Internet Access are two broad-spectrum Internet security solutions that I have tried.
Zscaler Internet Access is a good option for carrying out multiple security functions in a single solution. It includes web filters, firewalls, and sand boxing. The platform is simple to implement and update. Since it is cloud-based, it saved me from having to handle complex local security configurations. The single-sign-on feature saved me from having to log in every time.
The web filtering and scanning are fast and don’t generate any latency. The bandwidth control is very useful for controlling endpoints and gives consistent service.
Although Zscaler Internet Access is easy to set up, it is far from user-friendly. The user interface for the management dashboard is difficult to navigate. Blocking websites is frustrating, and it only works well if you whitelist webs. The reporting feature is not customizable.
One advantage to Zscaler is that you can deploy it to your company’s mobile phones so you can keep all endpoints secure.
Cisco Umbrella is easy to implement, and it comes with built-in configurations so you don’t need to configure them yourself. It gives you statistics so you can adjust policies according to threat patterns. It is stable and very simple. Once you install it, you can get it running in a few minutes. It is very well suited for distributed networks with many on-premises endpoints. Additionally, DNS security is top notch.
On the downside, the statistics on Cisco Umbrella are quite difficult to parse. We found it was difficult to integrate the solution with MS Active Directory.
Conclusions
Cisco Umbrella is powerful and helps to secure a network, especially with distributed users. Both solutions are strong, but I think Cisco Umbrella might be more useful for large enterprises.
Fantastic points you have highlighted Leah. The DNS functionality of the Umbrella.
I think the functionality I love about Umbrella is that it's an enterprise solution providing web security for both on-prem and mobile users. Being a cloud solution centralized management of the solution is made easy. Thank you, Cisco.