We performed a comparison between Microsoft Defender for Cloud Apps and Symantec CloudSOC CASB based on real PeerSpot user reviews.Find out in this report how the two Cloud Access Security Brokers (CASB) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The Global Block List is one of the most valuable features because it's really easy to block domain names as well as URLs. Sometimes you don't want to block the whole site, you just want to block one URL. The Global Block and Allow Lists are the best features for us."
"The most valuable thing is how easy it is to deploy. We did it with 9,000 users at my last job, and it took a week to get to all the endpoints. Doing that without having to physically touch all those endpoints was very simple."
"The single-pane-of-glass management is very important. We have a very small team. We can't spend a lot of time going from product to product to product to either investigate or set up policy. We need to have one place that we can go to and set everything up."
"It enables us to go granular in the customization of blocking some categories on the DNS."
"When it comes to hybrid work it's pretty effective. We've got the agents. We can protect people inside our building and, when they're using their laptops out in the field, they're still protected. It's working well."
"Its simplicity is most valuable. I can install it and get it up and running, and it can be pervasive across my business within a business day. It is pretty simple and straightforward to install and configure. Its remit is reasonably clearly defined. When you look at solutions like Darktrace and Carbon Black, the mission objective isn't as clearly defined. Cisco Umbrella, Sophos Central, or some of the other solutions have a more standardized approach to antivirus, which includes enhanced response from the machine learning or deep learning perspective."
"One of the most important features is the security posture check which Umbrella offers when a user accesses any website. That is one of the most unique features that it offers."
"The solution is extremely stable. It has excellent performance."
"On-demand scanning is the most valuable feature. In addition, it's a fairly fluid product. It syncs back to the cloud and provides metrics. It's pretty intelligent."
"The feature that helps us in detecting the sensitive information being shared has been very useful. In addition, the feature that allows MCAS to apply policies with SharePoint, Teams, and OneDrive is being used predominantly."
"We have become more aware of what services our users are using, how often they are using them, and what data is being sent out of the organization and to which services. So, it is really a lot about visibility and helping us make decisions based on that. It drives some of our policy decisions for adding extra security controls."
"It's very easy to install and it includes the Intune portal from Microsoft where I can control all the devices from one place."
"I like the alert policies because they are quite robust. It has some built-in templates that we can easily pick up. One of them is the alert for mass downloads, when a particular user is running a massive download on your SharePoint site."
"Threat detection is its key feature, and that's why we use this tool. It gives an alert if a PC is attacked or there is any kind of anomaly, such as there is a spike in sending emails or we see an unauthorized website being accessed. So, it keeps us on our toes. We get to know that there is something wrong, and we can isolate the user and find any issues with it. So, threat detection is very robust in this tool."
"Better logging allows us to find problems and take appropriate steps to lock them out."
"In Microsoft Defender for Cloud Apps, there is an option to enable files. Once you enable that, it will give you all the files in your organization and where they are located in the cloud... That feature is very useful for investigation purposes."
"The value in some of these solutions is just the integration of technologies with their on-prem DLP solution. So, you can tie on-prem and cloud DLP policies together. You can apply on-prem policies to the cloud to have consistent policies in a hybrid environment. So, it works very well in that hybrid environment of on-prem and cloud."
"The active directory integration is very valuable as we can connect to the list of users that we have and the cloud control, the blocking, the access control of the cloud, can be handled by this product."
"The integration with Cisco could be better."
"Cisco Umbrella should introduce an on-premises device."
"We would like them to add more features to Cisco Umbrella."
"It should have more integrations with multiple end user OEMs."
"There are a couple of interface issues. I know that they say that there are feature enhancements that are noted. For example, we've got the Cisco Meraki security appliances, and there, we geofence our company to where we're allowed to send and receive traffic. So, in our case, by default, we only allow traffic to six different countries, which allows us to effectively prevent traffic for the majority of bad players in the world, but they don't give you an easy way to do that in Cisco Umbrella. With Cisco Meraki, I can specify or pick the countries. I can say that I want to only allow traffic from these six countries, and I'm done. With Cisco Umbrella, I have to rely on the fact that they're going to prevent traffic to other countries. They're going to decide if it's good or bad."
"If we're trying to deploy it to a Mac through Meraki, it's impossible. The method of deployment for a Mac, and the features available in Meraki, are not compatible at all."
"I'd like to see this solution more closely integrate with other products Cisco has in its portfolio."
"In my experience with Umbrella support, sometimes the response times take a bit more time than we would like... sometimes, if you go through email, it can take quite a while to get a response."
"Currently, reporting is not very straightforward and it needs to be enhanced. Specific reports are not included and you need to run a query, drill down, and then export it and share it. I would love to have reports with more fine-tuning or granularity, and more predefined reports."
"Sometimes the support is actually lacking."
"There are challenges with detection and there are challenges with false-positive rates."
"They should continue integration with all other Microsoft security-related products. The integration with all the other products is still ongoing."
"I would like to see them include more features in the older licenses. There are some features that are not available, such as preventing or analyzing cloud attacks."
"We would like to get more information from the endpoint. I don't get enough detailed information right now on why something failed. There is not enough visibility."
"Microsoft Defender for Cloud Apps' initial setup was quite technical but we were prepared. The time of the implementation depends on the job and how many users are being set up."
"I believe it's only set to be integrated with Microsoft Defender for identity and identity protection. I would like to see it available for use with something like Office 365 Defender. I don't think it's integrated with that yet."
"They have some room for improvement in terms of being able to do troubleshooting. If you're trying to troubleshoot it, you have to work a lot with their backend people in order to get to a solution. So, trying to do your own troubleshooting can be a little bit difficult."
"It's a niche product. Not many people use it, and therefore there isn't as much of a knowledge base surrounding it."
Cisco Umbrella offers flexible, cloud-delivered security according to users’ requirements Cisco Umbrella includes secure web gateway, firewall, and cloud access security broker (CASB) functionality all delivered from a single cloud security service. Cisco Umbrella’s protection is extended to devices, remote users, and distributed locations anywhere. As company employees work from many locations and devices, Cisco Umbrella is the easiest way to effectively protect users everywhere in minutes.
Cisco Umbrella uses machine learning to search for, identify, and even predict malicious domains. By learning from internet activity patterns, this DNS-layer security solution can automatically identify attacker infrastructure being staged for the next threat. These domains are then proactively blocked, protecting networks from potential compromise. Cisco Umbrella analyzes terabytes of data in real time across all markets, geographies, and protocols.
Cisco Umbrella works with leading IT companies to integrate its security enforcement and intelligence. Built with a bidirectional API, Cisco Umbrella makes it easy to extend protection from on-premises security appliances to cloud controlled devices and sites.
Cisco Umbrella is suitable for small businesses without dedicated security professionals, as well as for multinational enterprises with complex environments.
Why use Cisco Umbrella?
Reviews from Real Users
Cisco Umbrella stands out among its competitors for a number of reasons. Some of the major ones are its DNS-based protection, ability to protect users no matter where they are located, stability, and high performance.
Daniel B., a network specialist at Syswind Kft, writes, “We primarily use the solution as cloud security for our branches. It protects us from direct internet outbreaks. It makes for good flexibility. The solution is very easy to manage. We found the initial setup, for example, to be quite simple. Efficient protection on the DNS level and even higher. The sandboxing feature analyses and handles the complicated security risks.”
Victor M., SOC & Security Services Director at BEST, notes, “It provides security for the remote workers and it helps to improve enterprise security in a very easy way. We mainly enjoy web software protection capabilities. It prevents the end-users from getting into bad sites or sites that potentially could have malware or could be phishing. It helps end-users avoid the wrong sites. The solution works very smoothly. The user interface is good.”
Microsoft Defender for Cloud Apps is a cloud access security broker (CASB) that provides multifunction visibility, control over data travel, and sophisticated analytics. With Microsoft Cloud App Security, you can:
- Manage, control, and audit apps to streamline cloud access security
- Mange your access to resources to discover shadow IT and understand your digital information estate
- Use real-time controls to enable threat protection on all the access points that touch your environment
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
The Symantec CloudSOC platform enables companies to confidently leverage cloud applications and services while staying safe, secure and compliant. It provides visibility into shadow IT, governance over data in cloud apps, and protection against threats targeting cloud accounts.
CloudSOC takes a data science approach to security using machine learning at its core and leveraging native SaaS APIs, real-time traffic processing and other data sources to provide insightful visualization and intuitive controls.
CloudSOC offers a cloud audit for Shadow IT plus granular transaction visibility, user behavior analytics (UBA), threat detection, data governance and DLP, security controls and post-incident forensic analysis for sanctioned and unsanctioned cloud apps.
Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 18 reviews while Symantec CloudSOC CASB is ranked 7th in Cloud Access Security Brokers (CASB) with 2 reviews. Microsoft Defender for Cloud Apps is rated 8.4, while Symantec CloudSOC CASB is rated 9.0. The top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". On the other hand, the top reviewer of Symantec CloudSOC CASB writes "Good for blocking access, very scalable, and quite reliable". Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Netskope CASB, Qualys VM, Prisma SaaS by Palo Alto Networks and Fortinet FortiCASB, whereas Symantec CloudSOC CASB is most compared with Netskope CASB, VMware SD-WAN, Skyhigh Security, Zscaler SASE and Forcepoint CASB. See our Microsoft Defender for Cloud Apps vs. Symantec CloudSOC CASB report.
See our list of best Cloud Access Security Brokers (CASB) vendors.
We monitor all Cloud Access Security Brokers (CASB) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.