We compared Cisco Umbrella Zscaler Internet Access based on our users’ reviews in five categories. After reading the collected data, you can find our conclusion below.
Comparison Results: Cisco Umbrella offers more comprehensive features, including granular customization of DNS blocking, tenant lock content filtering, and support for hybrid work. It also has better integration with other products and more reliable technical support. Zscaler Internet Access has a competitive pricing model and a cloud-native proxy architecture, it lacks certain features such as VPN and client-to-client communication. Overall, Cisco Umbrella provides a more complete and user-friendly solution for organizations.
"The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade."
"On the outside, the main differentiation is because Lookout ingest. They have ingested basically all of the apps for the last ten years and all the versions of all the apps, and we have that in a corporate database that allows us to do very large-scale machine learning and analysis on that data set. That's not something that any of the competitors really have the capability to do because they don't have access to the data set. A lot of the apps you can no longer get them because that version of the app is five or six years old, and it just doesn't exist anywhere anymore, except within our infrastructure. So, the ability to have that very rich dataset and learn from that dataset is a real differentiator."
"The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices."
"The solution is stable."
"What we like most is security and how easy it is to integrate with other appliances."
"It is a good cloud-based solution for DNS security."
"It enables us to go granular in the customization of blocking some categories on the DNS."
"When we have laptops that leave the building, they could connect to public WiFi before they establish a VPN connection back into the company. For that duration or that period of time when they're not docked in the network or on a VPN, they effectively don't have that full layer of security that I provide inside the building. This tool stands in during that period of time, and we extend the security settings through their basic firewall or their cloud-based firewall at that time. So, we do content filtering and control access, but they also are looking at new domains, IP addresses, and bad requests. They're blocking them on my behalf when a laptop is not sitting behind our security appliances."
"The customer experience is very good, and the product improves security posture."
"One valuable feature is definitely its simplicity in terms of deployment. It is very easy to integrate it into the environment without any heavy lifting. Users didn't notice that we implemented it. You can start with a very low monitoring mode and start observing what Cisco Umbrella sees."
"Meraki features and cloud-based functionality are advanced and easy to manage centrally."
"I haven't found any issues related to latency or any other issue."
"The URL filtering has been the most valuable feature."
"Zscaler covers all the features needed to replace a VPN or proxy solution. They are good. They've been on the market for 15 years now, so they are mature enough."
"Whether you are in a hotel somewhere, or in Africa, it does not matter. You will get the Zscaler protection presence anywhere."
"The most valuable features of Zscaler Internet Access are it's on the cloud, high network performance, and the interception of users is very easy."
"One on the main benefits is protection all time from anywhere."
"The most valuable feature of the solution is SWG traffic."
"We enjoy all of the proxy capabilities and the capability to integrate into the SIEM/SOC solution."
"Overall, we're very happy with our product."
"Lookout was moving into the SSE space. And so their work on SecureWeb Gateway and SD-WAN is still sort of evolving."
"We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now."
"From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products."
"The stability depends on the service from where you access it. Because sometimes, the place you are in, you have Gateway. You don't have Gateway. The gateway is overutilized. At the end, you need to go through their gateways. And this is the key point here. You have a tracking point. If it's not well orchestrated, and it scales up as you add more to the existing team, you will suffer"
"In the future, they should combine some of the Cisco AMP features that they already have, for anti-malware purposes."
"We faced an issue regarding virtual appliances (VAs) during deployment. They could improve the quality and management of the virtual appliances offered right now. You can't see much because it is a Linux machine, and they have customized it. You don't have any route access to the machine, only seeing limited things in it. When we opened a ticket, they didn't know much about VAs themselves. So, that is where it is lacking right now. I know this will improve in the long run."
"I think it's a very basic solution, and because of that, Cisco Umbrella would not be a suitable solution for large companies."
"In my experience with Umbrella support, sometimes the response times take a bit more time than we would like... sometimes, if you go through email, it can take quite a while to get a response."
"I would like to see more integrations with more products. Some of the integrations need to be simpler as well. For example, the integration with Cisco Secure Firewall could be simpler. It would be good to make reporting simpler. For those who don't use SecureX, it would be good to make Umbrella really simple to use upfront. It's not a difficult product, but it can be daunting for someone who isn't exposed to it because there are so many options."
"It could be more secure. It would be better if they provided a transferring proxy as an add-on and more integration."
"I would like to see more integration between Cisco Umbrella and Cisco DNA Center."
"Something on our end that might make it better is alerting going to our ticketing system. It's not something that we have discussed, but that would be a proactive option for us to provide a learning experience for the staff."
"Technical support could be better."
"Zscaler should provide adjacent services, which would be complementary to their current offering that could to be more pragmatic for a customer. For example, if you take Akamai, you get multiple sets of services, all depending on the customer and the strategy and the complexity and the problems. In some areas, they are more varied in terms of coverage."
"In terms of user experience, it could be better."
"They could provide more time for the onboarding the training of an IT person."
"In terms of usage, here in the GCC, it's still growing a growing market, so the combination of DLP, data leak prevention, to a certain extent is fine. But what it requires is user-based access or role-based access. The solution needs to grow into that, which definitely takes time. There's not an easy way to integrate it, when you have a cloud-based solution."
"The tool should improve the predefined dictionaries."
"The reporting functionality could be a bit easier to use. There is a reporting function, but it's quite hard to do any good reporting, from a user-management perspective. For example, if a department manager wants to know how his department is using the web, there is a way to get the data, but it's quite cumbersome to get it and show it well. And that's true for comparing between departments."
"I would like to see more training and video documentation."
Cisco Umbrella is ranked 1st in Secure Web Gateways (SWG) with 55 reviews while Zscaler Internet Access is ranked 2nd in Secure Web Gateways (SWG) with 29 reviews. Cisco Umbrella is rated 8.8, while Zscaler Internet Access is rated 8.2. The top reviewer of Cisco Umbrella writes "We can see all of our locations in one place and only have to make changes once for all our locations". On the other hand, the top reviewer of Zscaler Internet Access writes "Configuring policies is user-friendly but challenges with stability". Cisco Umbrella is most compared with Microsoft Defender for Cloud Apps, Prisma Access by Palo Alto Networks, Palo Alto Networks DNS Security, Fortinet FortiGate SWG and Infoblox Advanced DNS Protection, whereas Zscaler Internet Access is most compared with Microsoft Defender for Cloud Apps, Netskope , Prisma Access by Palo Alto Networks, Forcepoint Secure Web Gateway and FortiSASE . See our Cisco Umbrella vs. Zscaler Internet Access report.
See our list of best Secure Web Gateways (SWG) vendors and best Internet Security vendors.
We monitor all Secure Web Gateways (SWG) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I would widen my options to include Netskope.
Tech support is far better should or if you require it, deployment is much faster, and integrations with API's is better than either of the other two.
Cisco Umbrella and Zscaler Internet Access are two broad-spectrum Internet security solutions that I have tried.
Zscaler Internet Access is a good option for carrying out multiple security functions in a single solution. It includes web filters, firewalls, and sand boxing. The platform is simple to implement and update. Since it is cloud-based, it saved me from having to handle complex local security configurations. The single-sign-on feature saved me from having to log in every time.
The web filtering and scanning are fast and don’t generate any latency. The bandwidth control is very useful for controlling endpoints and gives consistent service.
Although Zscaler Internet Access is easy to set up, it is far from user-friendly. The user interface for the management dashboard is difficult to navigate. Blocking websites is frustrating, and it only works well if you whitelist webs. The reporting feature is not customizable.
One advantage to Zscaler is that you can deploy it to your company’s mobile phones so you can keep all endpoints secure.
Cisco Umbrella is easy to implement, and it comes with built-in configurations so you don’t need to configure them yourself. It gives you statistics so you can adjust policies according to threat patterns. It is stable and very simple. Once you install it, you can get it running in a few minutes. It is very well suited for distributed networks with many on-premises endpoints. Additionally, DNS security is top notch.
On the downside, the statistics on Cisco Umbrella are quite difficult to parse. We found it was difficult to integrate the solution with MS Active Directory.
Conclusions
Cisco Umbrella is powerful and helps to secure a network, especially with distributed users. Both solutions are strong, but I think Cisco Umbrella might be more useful for large enterprises.
Fantastic points you have highlighted Leah. The DNS functionality of the Umbrella.
I think the functionality I love about Umbrella is that it's an enterprise solution providing web security for both on-prem and mobile users. Being a cloud solution centralized management of the solution is made easy. Thank you, Cisco.