IT Central Station is now PeerSpot: Here's why

Duo Security OverviewUNIXBusinessApplication

Duo Security is #1 ranked solution in top Authentication Systems and #3 ranked solution in top ZTNA services. PeerSpot users give Duo Security an average rating of 8 out of 10. Duo Security is most commonly compared to Microsoft Authenticator: Duo Security vs Microsoft Authenticator. Duo Security is popular among the large enterprise segment, accounting for 56% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 23% of all views.
Duo Security Buyer's Guide

Download the Duo Security Buyer's Guide including reviews and more. Updated: July 2022

What is Duo Security?
Cloud-based user authentication vendor: authenticate with your phone, Duo mobile app, landline, or tokens with or without an internet connection
Duo Security Customers
Threadless, Yelp, Etsy, Eventbrite
Duo Security Video

Duo Security Pricing Advice

What users are saying about Duo Security pricing:
  • "Our licensing fee is currently on an annual basis."
  • "With regard to pricing, for a small business buying a one off, it's pretty expensive. If it's an enterprise that has thousands of employees, however, it's really nothing to protect your data because if your network goes down or it's breached, you're losing millions of dollars every minute. When it comes to a large enterprise, it's priced where it should be because you're talking business to business. You're not talking business to consumer."
  • "Their pricing model is a little bit weird. Currently, there is no price advantage in signing up for yearly contracts. There are no additional costs to the standard licensing costs."
  • "Price wise, it's not cheap, but it's not expensive at all either. It's in the middle."
  • Duo Security Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Sean Muller - PeerSpot reviewer
    IT Security manager at a energy/utilities company with 201-500 employees
    Real User
    Top 5Leaderboard
    A highly-scalable multi-factor authentication solution
    Pros and Cons
    • "The multi-factor authentication process and the geo-locking features are great."
    • "We had some trouble with the password reset function."

    What is our primary use case?

    When our users are connecting to our Cisco VPN, Duo effectively ensures that they are who they say they are by taking a second factor into account, such as the cell phone that was used to create their profile. To do this, it sends them a second mode of authentication, such as a PIN or push confirmation. It also geo-locks who is allowed to actually log into our systems. We have it locked to the continental United States and Puerto Rico, and one outsourcing firm that we work with. Once you have it set up, all you really have to do is add people to a group in the active directory and send them the instructions on how to do it. If you have a lower technical user base, you may have to walk them through it. But once it's set up, it really is automatic. Not a single person from our IT staff really needed anything other than the instructions. Of the 15 people in our test group, nobody actually needed instructions on how to use it either — beyond what I just wrote up and sent them. As we get to the older population in our company, the less technical population, we're probably going to have to walk them through it or hold their hands a little bit. Within our organization, there are currently 15 employees using this solution. Eventually, we will have all 221 office staff users with it set up. Still, we'll probably top out at about 80 users a day. We will increase the overall usage as our users increase. So, if we hire another 10 people, then we'll buy another license.

    What is most valuable?

    The multi-factor authentication process and the geo-locking features are great. It provides us with statistics about the devices that are used to perform the second authentication factor. Upon successful connection, it tells us where and what device is being used to perform the second authentication factor. For example, when I log in with it, we'll see that I have my iPhone 11 and that it is located in the area via its IP address.

    What needs improvement?

    We had some trouble with the password reset function. When a user's password is expired, you can prompt them using Cisco AnyConnect — a password management feature — to change their password in the same channel during the login process. We had a lot of trouble configuring that. As a result, we now have a second channel that bypasses Duo to allow them to reset their password. For this, we needed Cisco support, Duo support, and our network administrator all lined up. It should have just been something that they could have just configured, but they weren't able to do it in the same channel. We had to actually create a second channel. When you do this, people will try to log on and it'll tell them that their password is incorrect. They'll realize that their password is expired because it's been 90 days. Afterward, they'll have to then go back to AnyConnect, change the channel that they're logging into, attempt to log in, get the password prompt, disconnect from the AnyConnect, and then reconnect using the Cisco Duo multifactor authentication — this is extremely complicated. Still, it's really only a problem for a small subset of users. The ones who ignore the notifications 10 days before saying, "Hey, change your password."  So, it's not as big of a deal as it sounds. Just by having a functional way to do it, it makes it so that if nobody's on staff, the user can reset their own password without having to call us in the middle of the night on a Saturday, because that's the best time for those passwords to expire.  Also, it would be nice if it was easier to modify the splash screen that comes up when entering your username and password.

    For how long have I used the solution?

    We actually just configured Duo Security — we're in the process of pushing it out. Currently, we've been using it for the past three to four months.
    Buyer's Guide
    Duo Security
    July 2022
    Learn what your peers think about Duo Security. Get advice and tips from experienced pros sharing their opinions. Updated: July 2022.
    610,229 professionals have used our research since 2012.

    What do I think about the scalability of the solution?

    Scalability is definitely up there. It could easily handle many, many, many more authentications than we are currently or ever would use. It could definitely go far beyond what we are currently using.

    How are customer service and support?

    The technical support agents are definitely knowledgeable; they give us plenty of recommendations on how to do things. They are very quick to send us white papers describing how to fix things ourselves.  Although they try to push us toward a self-help model, they do eventually get online with us via a WebEx chat with the Cisco reps and help us out. We've never really had any problems finding somebody from chat support that wouldn't jump on to the WebEx meetings with Cisco premium support.

    Which solution did I use previously and why did I switch?

    We didn't have anything covering multifactor authentication. We were using Cisco AnyConnect with the tie-in to the active directory, but we just had the single factor — the username and password. Duo allowed us to greatly enhance our security. Now, not only do users have to know their username and password, but they also have to be able to receive the second-factor authentication in order to get in. The same goes for anyone trying to break in.

    How was the initial setup?

    The initial setup was complex, but due to the support that we received during the onboarding, it was very simple with the exception of the password reset channel that I mentioned earlier that we tried to use but didn't end up doing. The way we have it set up now is actually how it was configured during the onboarding process. It just would've been nice to have had it functionally work — to have that all in one channel.

    What about the implementation team?

    Regarding deployment, we have an in-house person, but we still had Cisco Duo onboarding support to assist us with the setup. If you have a CCNA, you'll probably be able to do it yourself, but it's just much easier to do it with onboarding support. The functional part of the onboarding process only took roughly an hour. Including troubleshooting our channel issue, we spent roughly 16 hours before we just decided to go back to the original build.

    What's my experience with pricing, setup cost, and licensing?

    Our licensing fee is currently on an annual basis. There are two levels of support with Duo that we were considering. The first level of support is just the two-factor authentication — it doesn't do anything else. But the second level of support provides us with network access control. This basically allows us to say, "Hey, your iPhone hasn't been updated in 10 years, update your iPhone to continue using this service." Or, "Your Windows device does not have updates." It also provided us with the geolocation feature. We were experiencing a lot of break-in attempts from Moldavia. So, thanks to this feature, we just locked out Moldavia. If nobody in Moldavia can connect to our system, then nobody in Moldova can hack us. 

    What other advice do I have?

    If you're interested in using this solution, be sure to get the onboarding team to set everything up during the onboarding phase. Set up a proxy server if you can and get them to do everything during the onboarding phase — then you won't have any problems. Compared to the after-purchase support, the onboarding people are a lot more willing to just take over your computer and set things up for you. Overall, on a scale from one to ten, I would give this solution a rating of ten — it's the best. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Ronnie Scott - PeerSpot reviewer
    CTO at Charter
    Reseller
    Expanded our security posture, but needed better integration with our application stack
    Pros and Cons
    • "It was a simple way of providing two-factor authentication for remote access when we hit the COVID pandemic. It was very easy and quick to get it going."
    • "We found it difficult to integrate it into our broader product family of Microsoft tools and other applications used across our organization."

    What is our primary use case?

    Primarily, it was used as remote access for VPNs. It expanded our security posture, due to the increase in people working from home.

    How has it helped my organization?

    It certainly gave us a much more confident security posture as far as users coming on. 

    Having all resources be external is reasonably important for us. Zero trust is certainly a target. Not that we are there yet, but we would expect everything to be considered mostly untrusted.

    It eliminated trust for remote access, but not from inside our organization.

    It was a simple way of providing two-factor authentication for remote access when we hit the COVID pandemic. It was very easy and quick to get it going.

    What is most valuable?

    Simple authentication for VPN was our primary function, and it worked well for that.

    As far as remote access, simple access, and authentication to gateways, it was perfect.

    Distributed access for ISE has been pretty strong for remote access and works very well.

    It has very strong network connectivity, which works reliably and well. It was very easy for people to connect and the app worked as it should. Just once people connected, they typically had to use a different tool from that point on.

    Duo applies and maintains well network connectivity across campus and remote locations. Remote access from people's homes and branches is also strong. Network connectivity is its strength and does that well.

    What needs improvement?

    We found it difficult to integrate it into our broader product family of Microsoft tools and other applications used across our organization. So, we have pulled back from this solution a little bit. It was easier to use Microsoft MFA, which integrated with everything and still did the two-factor authentication that we needed. 

    There is nothing wrong with the product, as far as its functionality. It was just the breadth of support. It got harder and harder to integrate.

    For what it does, it is fantastic. Once we started hitting Microsoft Office stacks, we then began to find its limitations.

    It is not so good for securing access to our application and network. We found it harder to integrate, particularly with the Office stack, which is our primary application stack. We did get it working with a few other cloud applications that we were working with as part of our single sign-on story. However, it certainly wasn't easy to integrate in-house.

    It created another step for users who don't know about the benefits, as far as the corporate benefits. I wouldn't consider having another app on their phones and having another thing to deal with a positive for our user community.

    For how long have I used the solution?

    My organization has been using it for about two and a half to three years, since around the beginning of the pandemic.

    What do I think about the stability of the solution?

    Stability was good. It was well-designed and simple to implement. Its cloud interaction went very well. We never had any major stability issues. Yeah. We had nothing to complain about regarding its operational functionality.

    What do I think about the scalability of the solution?

    We are a relatively small shop. It was well within our sizing. We never saw any issues with scaling. Obviously, the indications would be that it will scale very well, but nothing we had to experience with.

    How are customer service and support?

    We didn't encounter the technical support much. Things worked very well. Functionality and reliability were never a problem. 

    We asked a few questions about integration and so on. I think we got good answers back. We have had no big complaints, but we didn't have a lot of interaction with them.

    Which solution did I use previously and why did I switch?

    We did not previously use another solution. We brought Duo in as a tool that we could rapidly and easily deploy. It did that job. We actually removed it later, as our primary tool, because we could achieve what we needed with a more integrated single multi-function tool (Microsoft MFA).

    Which other solutions did I evaluate?

    Duo brings in another application for users to deal with. Whereas, Microsoft integrates with their single authentication stack, allowing us to handle their own personal banking accounts and personal two-factor authentication needs in one app. This isn't Duo's strength, and it's not what we see Google and Microsoft doing out in the cloud.

    Single-pane-of-glass management is important for us, but not critical, because fewer management points are better. Duo didn't provide a single pane of glass because of our different application stacks. Whereas, at least Microsoft Authenticator has allowed us to deal with most applications as well as their deep integration with Office.

    Duo needs to adopt the same kinds of concepts that we see from all the major authentication tools, such as Google Authenticator, Microsoft Authenticator, third-party password tools like Bitwarden, and Secret Server from Delinea. All of these are beginning to incorporate more functions into them as a single security tool,  protecting me with authentication codes and six-digit codes that interact with Google, Microsoft, and any of those vendors as part of the tool. There are more functions, fewer tools, and less user impact, which are all benefits. I don't think Duo showed us that as a single tool. Duo did its job really well, but there are many jobs that have to be done.

    What other advice do I have?

    Resilience security is all about business continuity. Resilience is an expected function of that, which is necessary and not optional.

    For businesses wanting to build more resilience, I would say, "Keep it simple," and fewer moving parts is better. That is one of the reasons that we ultimately moved away from Duo. Not because anything was wrong with it, but we could collapse two functions down into one. I think simplicity is really critical. It reduces the amount of time our staff has to spend on it, making things easier. Simplicity would be my number one reason for building resilience into an organization. It allows you to understand better how you are dealing with threats and more simply respond to threats.

    We are a valued reseller who works with Cisco and other vendors. We are primarily a Cisco networking shop across eight locations with 120-odd users who are mostly working from home or at least part-time working from home post-COVID. We have two major offices, a small data center, and five other locations, which are all remote access, using Cisco DMVPN. Microsoft is the application stack that we primarily use, plus cloud applications, and Juniper Mist for our wireless.

    I would rate it as seven out of 10. In the world of network security, it is outstanding and very strong. I have a lot of positive things to say. I think that it needs to be much more seamlessly integrated with today's application stack.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
    Flag as inappropriate
    Buyer's Guide
    Duo Security
    July 2022
    Learn what your peers think about Duo Security. Get advice and tips from experienced pros sharing their opinions. Updated: July 2022.
    610,229 professionals have used our research since 2012.
    Network Engineer at a tech services company with 11-50 employees
    MSP
    Adds an extra layer of security, is self-managed, and helps remediate threats more quickly
    Pros and Cons
    • "Multifactor authentication is the most valuable feature."
    • "Technical support could be improved. I don't think all support should have to go through an agreement."

    What is our primary use case?

    With Duo, MFA allows the network to have an authenticated user sign-on seamlessly. If someone's entering a password and their user credentials and they want to get access to the network, the Duo app will have a code that the end-user has to input, which then authenticates them. It's a second layer of security before they can access the network. Even if a third party gets your username and password, without that Duo access, they won't be able to access your network.

    How has it helped my organization?

    We don't have to worry so much about the end-user that's logging in.

    What is most valuable?

    Multifactor authentication is the most valuable feature.

    As for establishing trust for every access request, that's exactly what this solution does. Outside of having a username and password, you have to get authentication from Duo as well.

    You can never eliminate trust, but what Duo Security does do is add an extra layer of security. When it comes to the internet, networks, inbound traffic, and outbound traffic, you're always subject to a potential threat. Duo Security just adds another layer.

    It's a great addition to the security of any network infrastructure.

    In terms of helping workers feel safe, everyone knows that the information within the enterprise is safe because the people that are logging in have been authenticated in more than one way.

    It's pretty easy to maintain network connectivity once it's set up; the end-user uses it to log in. It's not something that you have to constantly manage and deal with apart from pushing updates. It's pretty much self-managed.

    In terms of consistency across workspaces, it works all the time, except for when a forced update is needed.

    It helped us remediate threats more quickly. For instance, if someone accesses your credentials or you leave your laptop open and someone gains access when it times out, you still need the Duo code that is sent. A new code is always needed to be able to access that laptop or even that phone. Then, from there you're able to safeguard the information that your company has.

    Nowadays, data is the number one commodity, so protecting that at all costs is really important. Duo helps with that with end-users. The thing about end-users is that they are volatile. You can't really control what someone does. So, Duo security helps with managing that by having them implement a new time code that's always sensitive.

    What needs improvement?

    Technical support could be improved. I don't think all support should have to go through an agreement.

    For how long have I used the solution?

    I've been using this solution for seven years.

    What do I think about the stability of the solution?

    It's very stable. There aren't many issues with Duo.

    What do I think about the scalability of the solution?

    The scalability is just fine. If you scale a certain amount, you have to upgrade and update your license. Outside of that, it's fine.

    We are a large organization that deals with a lot of high transactional payments, and we have a large number of users, maybe 100,000 a day, and inbound user traffic.

    How are customer service and support?

    If you open up a TAC case and they get to you quickly, it's fine. If you have a service agreement that says that they will get back to you within one to two hours, that's fine because you can resolve an issue. Now, if you don't have that agreement and are just a regular user, they take 48 hours to get back to you, and if you and the network team or the security team can't figure out the issue, a lot of money could be lost in two days.

    Because there's always room for improvement and because I don't think all support should have to go through an agreement, I would rate technical support at eight on a scale from one to ten.

    How would you rate customer service and support?

    Positive

    What was our ROI?

    Anytime your network is secure and it's not breached or there's no downtime or infiltration of your perimeter, there's always an ROI.

    What's my experience with pricing, setup cost, and licensing?

    With regard to pricing, for a small business buying a one-off, it's pretty expensive. If it's an enterprise that has thousands of employees, however, it's really nothing to protect your data because if your network goes down or it's breached, you're losing millions of dollars every minute. When it comes to a large enterprise, it's priced where it should be because you're talking business to business. You're not talking business to consumer.

    What other advice do I have?

    To leaders who want to build more resilience within their organization's security, I would say that you can't go wrong with Cisco products when it comes to security. You can start with Cisco Umbrella, then go down to their firewalls, and then the next-generation firewalls. Then, you can move down to their end-user security endpoints.

    The whole lineup through their security portfolio is really strong. If you're spending $50,000 on a suite and a $100,000 total contract value, you can enter a 3.0 Enterprise Agreement. Then from there, you can lock in prices for one, three, to five years. So, when it comes to any enterprise, when you're talking about security, if you use all of Cisco's security features, from end-user out to your data centers, you'll be pretty well off.

    If you have security concerns, implement Duo for your end-users.

    Overall, I would rate Duo Security an eight on a scale from one to ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    Carl Smith - PeerSpot reviewer
    Network engineer at a manufacturing company with 1,001-5,000 employees
    Real User
    Easy to incorporate into any sort of application and makes our company more secure
    Pros and Cons
    • "Another feature is the single pane of glass management. That's important for analytics and also for troubleshooting. It means there's one place that you go to at least start the troubleshooting process."
    • "It could be a little bit more intuitive when it comes to the sign-up process. I know they send out an email, but sometimes our users get a little confused. It could be an end-user problem, but Cisco could work on that a little."

    What is our primary use case?

    We use it for MFA to secure our Outlook webmail and some other applications as well. We use Duo for pretty much anything that uses MFA. 

    We were looking for increased security. We wanted to make sure that the person who is trying to log in to our services is actually who they claim to be. We wanted to lock down our applications more and provide extra security.

    We have some on-prem servers for the gateways and it's in the cloud as well.

    How has it helped my organization?

    It has definitely made our company more secure. It's pretty easy to incorporate into any sort of application you want to. We also use it for single sign-on for certain applications and that has been nice. People hate passwords.

    It's really great for remote workers and a hybrid workforce nowadays, for people who are trying to access their VPN or any applications from outside of the company. It helps us make sure it's someone who should be accessing those things. It does a good job.

    It's definitely a factor in achieving that Zero Trust.

    In a way, it helps us remediate threats more quickly. If someone is trying a brute-force attack, trying all the passwords they can, and they're not getting a response through Duo, you can see certain security threats that are happening and remediate them.

    Duo has also had a big impact on employee morale. People like it. They feel that their data is more secure. Resiliency is very key to keeping people doing their jobs. Cyber security resilience has been very important for us. It used to be that security was not to be the main focus, but it's extremely important now. There are a lot of ransomware attacks and people need to be very cognizant of that. It's important to have redundant and resilient systems in place to support that.

    What is most valuable?

    It's nice to have that push notification with the app and it's pretty easy to use. Our users are usually pretty open to it, and it's pretty easy to onboard people.

    It also seems like it's accurate, and you can add multiple devices to your account.

    In addition, typically, if it detects that you're on an internal network, you can bypass the Duo portion of it. That way, people don't have to do MFA when they're on campus.

    Another feature is the single pane of glass management. That's important for analytics and also for troubleshooting. It means there's one place that you go to at least start the troubleshooting process. It also helps with the user experience because you can manage all the user accounts from that one spot, including setting up new users, making adjustments, editing their preferences, et cetera.

    What needs improvement?

    It could be a little bit more intuitive when it comes to the sign-up process. I know they send out an email, but sometimes our users get a little confused. It could be an end-user problem, but Cisco could work on that a little.

    For how long have I used the solution?

    I've been using Duo Security for about two years.

    What do I think about the stability of the solution?

    It seems very stable. I don't think there has been any point at which people have tried to use it and it has failed.

    What do I think about the scalability of the solution?

    The scalability seems fine. As long as you get the licensing to support it, you can add as many users as you'd like.

    We have five or six offices locally, and a few more in different states in the US. We also have one in Shanghai, but they're doing their own thing there. But everyone in our US offices uses it, they all get enrolled. Typically, people will install the app on their phones although they don't have to.

    How are customer service and support?

    I don't think we've had to use technical support too often, which is a good thing about the product itself.

    Which solution did I use previously and why did I switch?

    We didn't use an MFA before Duo.

    How was the initial setup?

    When the solution was rolled out, I wasn't with the company, but we then expanded it in different ways and I have been involved in that. In terms of the initial deployment, from what I can tell, it was relatively straightforward. And from what I've seen since, it hasn't been too hard to expand it to other services.

    What was our ROI?

    It's definitely a valuable product to have.

    Which other solutions did I evaluate?

    We may have evaluated other options at a surface level, but we didn't really go too deeply into them. We pretty much went with Duo out the gate.

    What other advice do I have?

    I would tell leaders who want to build more resilience within their organization to do it right now. It's definitely important and there are a lot of resources out there that can help them on that path. Duo helps with that.

    It does what it's marketed to do.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    Ryan Lloyd - PeerSpot reviewer
    Systems Engineer Virtualization at a engineering company with 501-1,000 employees
    Real User
    Easy to use and integrates well with the rest of our cloud-based Cisco ecosystem
    Pros and Cons
    • "The single pane of glass management is very important and it is part of the reason we went with Duo. Anything we can do to save time for our administrators, help desk staff, and engineers, is valuable to us."
    • "I wouldn't mind seeing some options for remembering a device for a short period of time or a specific login, particularly for administrative engineering staff, as we may be logging in to four or five different services."

    What is our primary use case?

    We use it for two-factor authentication for end-user and administrator login. We wanted to secure our endpoints.

    What is most valuable?

    The single pane of glass management is very important and it is part of the reason we went with Duo. Anything we can do to save time for our administrators, help desk staff, and engineers, is valuable to us.

    What needs improvement?

    I wouldn't mind seeing some options for remembering a device for a short period of time or a specific login, particularly for administrative engineering staff, as we may be logging in to four or five different services. We're having to use it a lot. I understand it, it's just part of it. That's not specific to Duo. That's two-factor authentication in general.

    For how long have I used the solution?

    I've been using Duo Security for about a year.

    What do I think about the stability of the solution?

    It's stable. We haven't had any downtime that I can recall or any problems with maintaining network connectivity.

    Any issues we've had have been local to a specific user. Maybe the phone number was not set up right or there was some conflict as a result of somebody changing a device, but it's always been pretty straightforward to get that kind of thing resolved.

    What do I think about the scalability of the solution?

    We started off with a small deployment and, in one or two steps, sent it out to everybody and it scaled fine. We didn't have to change anything in our setup.

    We have about 1,200 users across 60 branches around the U.S. We occasionally have people using it internationally and we're able to handle that fine with our geographic location blocking or allowing, as the case may be. It's a fully virtualized environment. We have a lot of remote users, people who work in remote fields. As long as they have a cell signal, it works.

    How are customer service and support?

    I have not had to deal with any support for Duo. The less I have to talk to support the better, for sure.

    Which solution did I use previously and why did I switch?

    This is our first venture into two-factor authentication.

    We didn't have a specific problem we were trying to solve when we got it. We were just trying to add more and more security. We did have regulatory requirements for two-factor authentication and that is what drove it.

    How was the initial setup?

    The deployment of Duo Security was mainly a project done by our network and security team, but I was involved in it to some extent. I found it pretty straightforward. As enterprise-wide security solutions go, it wasn't too bad.

    We got it integrated with Active Directory. There were some struggles there that I don't know the specifics of because our network team was working on that. But once everything was set up, it was pretty easy to add a new user and do whatever we wanted to.

    It took a little time for our users to get used to it, but everybody took to it pretty well. The users don't really have to interact with it other than getting their push notifications. For them, it's easy. It requires minimal training. It pops up and it's all pretty self-explanatory.

    Which other solutions did I evaluate?

    It's pretty easy to use as two-factor authentication systems go. We evaluated a few others, including the Microsoft two-factor authentication, a little bit, and one other, and Duo ended up being our favorite. Part of that was because we're in that Cisco ecosystem and we were able to integrate it with our other services that are all cloud-based. It fit in pretty well for us, and it would for anybody with a similar setup.

    Duo was also the least obtrusive to the user and the ease of administration through the administrative portal was a little better.

    What other advice do I have?

    Fortunately, we haven't had to evaluate it when it comes to helping us remediate threats more quickly, but we're confident that it will.

    Regarding resilience in cyber security, two-factor is definitely a must-have. We're satisfied with it as far as that goes, in addition to it fulfilling our regulatory requirements.

    For our use case, for logins, it just works.

    Which deployment model are you using for this solution?

    Private Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    Senior Aerospace Engineer at a manufacturing company with 10,001+ employees
    Real User
    Enables us to pick out unsuccessful login attempts quickly and shut down those accounts proactively
    Pros and Cons
    • "The ability for users to authenticate via phone, from any random phone number, has been very helpful for managing a distributed workforce. Using it across a distributed network for securing access to our applications is big for us."
    • "We have users who move throughout the world, and their levels of connectivity change. It can be a challenge, if someone is in Bahrain, to authenticate via Duo."

    What is our primary use case?

    We wanted multi-factor authentication across a variety of platforms.

    How has it helped my organization?

    It's improved security by enforcing strong, reliable multi-factor authentication, and it has reduced intrusions across our organization. It makes sure all the user sessions are at least a little more trustful than if we just had single-factor.

    In terms of remediating threats, we are able to pick out unsuccessful login attempts pretty quickly on the Duo platform and we can shut down those accounts. It makes us more proactive. That works well.

    What is most valuable?

    The ability for users to authenticate via phone, from any random phone number, has been very helpful for managing a distributed workforce. Using it across a distributed network for securing access to our applications is big for us. It works very well, and we have no major complaints about the integration of any of our third-party applications.

    We have a high level of confidence in the platform, especially for identifying potential logins from unexpected geolocations. The data associated with logs is very helpful for helping to make that determination.

    It's very important for us that Duo Security considers all resources to be external, especially as we lead up to Zero Trust. It needs to be like that.

    What needs improvement?

    End-users find it more annoying than anything else. It's tough to manage user perception of the service, especially when there isn't feature parity between Mac and Windows users. There are some challenges in making that user experience the same between platforms and helping users feel the least amount of burden possible while helping to ensure the organization's security.

    Network connectivity depends on where users are located. Internally, on-premises, it's not hard keeping connectivity, but we have users who move throughout the world, and their levels of connectivity change. It can be a challenge, if someone is in Bahrain, to authenticate via Duo.

    For how long have I used the solution?

    I have been using Duo Security for two years. 

    What do I think about the stability of the solution?

    We've had no issues with the stability of Duo. I consider it to be a stable product.

    What do I think about the scalability of the solution?

    It has scaled to meet our needs. I don't know how it scales if you have 10,000 or 20,000 users, but for our organization, with fewer than 5,000 users, it's been fine.

    How are customer service and support?

    The technical support has been adequate. They are responsive regarding support for troubleshooting tickets. We haven't had any issues that required escalation, so we've been happy with it.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We did have a previous solution. The interoperability has been improved with Duo compared to that solution.

    How was the initial setup?

    Our physical deployment of the solution is in the continental United States, but our users are worldwide.

    What other advice do I have?

    I don't place too much value on any single product, since placing too much trust in one thing creates a single point of failure. This is just a single piece in a broader spectrum of security products to accomplish our actual goals.

    Building resilience is nice, but there's a point of diminishing returns when it comes to doing that. Part of my job is to help our leaders understand where that diminishing return is.

    The single pane of glass management is desirable, but it's like a unicorn. No single pane of glass is ever really a single pane of glass. That's something that would be nice, but it's not something I expect.

    Duo is a very consistent product and flexible in how it can be deployed and has good support. It's a product we're very happy with.

    Which deployment model are you using for this solution?

    Private Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    Head of IT and Security at a consultancy with 11-50 employees
    Real User
    Top 10
    Stable, easy to set up, and has useful push notifications, integrations, and mobile app
    Pros and Cons
    • "The push notifications and the integrations they offer are valuable. Their mobile app is very useful. It is very easy to use."
    • "The only time I really had some negative feedback for them was about the UI of their mobile app, but they improved it in the last version. It is good on the functionality side, but their pricing model is a little bit weird. Currently, there is no price advantage in signing up for yearly contracts. If you are on a monthly term or a yearly contract, you basically pay the same price, and that is very unusual. Normally, there is a discount when someone signs up for the 12-month system."

    What is our primary use case?

    Duo Security provides multi-factor authentication for anything that requires multi-factor authentication. It could be our internal corporate services, such as a single sign-on portal, or applications, such as Google Cloud.

    How has it helped my organization?

    It is very easy for users to enroll. There are a lot of insights that we get from using the app on devices that people use to authenticate.

    What is most valuable?

    The push notifications and the integrations they offer are valuable. Their mobile app is very useful. It is very easy to use.

    What needs improvement?

    The only time I really had some negative feedback for them was about the UI of their mobile app, but they improved it in the last version. There was no way to (re)name 3rd party OTP accounts so it got confusing when multiple ones were existing. In addition, each account took a lot of space on the screen, they condensed it in the new version to make it easier for people that have a lot of accounts added. Duo has a beta program and actively solicits and listens to feedback which personally I think is great.

    It is good on the functionality side, but their pricing model is a little bit weird. Currently, there is no price advantage in signing up for yearly contracts. If you are on a monthly term or a yearly contract, you basically pay the same price, and that is very unusual. Normally, there is a discount when someone signs up for the 12-month system.

    For how long have I used the solution?

    I have been using this solution probably since 2014. In this company, we have been using it for two years in total.

    What do I think about the stability of the solution?

    It is stable. Over the last six or seven years, I didn't have any issues where something wasn't working.

    What do I think about the scalability of the solution?

    The maximum number of users that I have had is around 600, and I haven't found any issues there. In my current organization, every employee is using this solution. We have 250 employees.

    How are customer service and technical support?

    I have not interacted with them. I never had to open a support case.

    Which solution did I use previously and why did I switch?

    We didn't have anything in place.

    How was the initial setup?

    It is pretty straightforward. I just need to log in to an account and integrate systems that should be using Duo Security. That's basically it. It probably took me an hour to roll out the accounts.

    What about the implementation team?

    IT support helps users if they run into problems with the application, but that's about it. There is no separate team for its maintenance and deployment. There are a lot of service options for our users. They don't even need to contact IT support. On a new phone, they can even do it on their own.

    What was our ROI?

    It has provided ROI.

    What's my experience with pricing, setup cost, and licensing?

    Their pricing model is a little bit weird. Currently, there is no price advantage in signing up for yearly contracts. There are no additional costs to the standard licensing costs.

    Which other solutions did I evaluate?

    We looked briefly at Okta Verify. It is the Verify app from Okta to use a single sign-on provider. It had the same price but far less functionality. It was a no-brainer to just go with Duo Security.

    What other advice do I have?

    I would advise others to look at the integrations that are available and see if they can roll it out to as many applications as they can. Encourage users to use Duo Push versus the six-digit pin code that the applicant generates.

    I would rate Duo Security a nine out of ten.

    Which deployment model are you using for this solution?

    Private Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Yasser Alghamdi - PeerSpot reviewer
    CDC director at Stc
    Real User
    Supports hybrid work, is easy to implement, and can be spread across all applications
    Pros and Cons
    • "It has definitely reduced embedding. We found a lot of problems with attackers being able to compromise accounts. Now, when they try to access accounts, they are not able to do so because there is an added layer of protection. Once we know that a username and password are compromised, we just reset the password to protect the company."
    • "Duo Security should have more customized use cases. For example, if a client needs to have more customization, it would be better to connect directly with Duo's R&D to try to discuss the issues together in order to add customizations."

    What is our primary use case?

    We use it for two-factor authentication so that we're not just relying on the username and password but also on two-factor authentication, whether it's through SMS or through the application.

    People use very weak passwords, so it's very easy for attackers to get in and compromise accounts. This is why we need two-factor authentication and why we are with Duo Security. It helps us to not only rely on the username and password but also implement another layer of protection. Attackers are not going to be able to compromise accounts because of the two-factor authentication.

    How has it helped my organization?

    It has definitely reduced embedding. We found a lot of problems with attackers being able to compromise accounts. Now, when they try to access accounts, they are not able to do so because there is an added layer of protection. Once we know that a username and password are compromised, we just reset the password to protect the company.

    What is most valuable?

    I like the two-factor authentication, which gives another layer of protection.

    It's very important for our organization that this solution considers all resources to be external. Our company has thousands of people who access from outside, and it's hard for us to know which one is legitimate and which one is illegitimate. Having two-factor authentication with Duo helps us to implement a second layer of authentication so that we know for certain that the people who are accessing accounts are legitimate.

    It's a great solution for securing access to the applications and network because we can integrate the solution with all types of applications. The system has the ability to integrate customized applications built in-house and those that were brought in from outside. It integrates with network access as well, such as when you want to access a different node. It has multiple ways to authenticate applications, network access, etc., which helps us a lot to spread the solution across all our assets.

    That the solution helps support hybrid work is very important to our organization because people access accounts from everywhere. Duo Security gives us the second layer of protection.

    The solution provides a single pane of glass management to help us monitor all of the access.

    Duo Security helped us remediate threats more quickly.

    What needs improvement?

    It is not easy to maintain network connectivity.

    Duo Security should have more customized use cases. For example, if a client needs to have more customization, it would be better to connect directly with Duo's R&D to try to discuss the issues together in order to add customizations.

    For how long have I used the solution?

    I've been using this solution for the last two years.

    What do I think about the stability of the solution?

    The stability is definitely good.

    What do I think about the scalability of the solution?

    The scalability is great. The solution is deployed in multiple locations, and we have around 30,000 people.

    How are customer service and support?

    The technical support is good. They are helping us, and I would give them an eight out of ten.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We switched to Duo Security because it's easier to implement and can be spread across all the applications.

    What was our ROI?

    We have definitely seen an ROI from a protection perspective. It helped us a lot to protect against compromised accounts.

    What's my experience with pricing, setup cost, and licensing?

    Price-wise, it's not cheap, but it's not expensive at all either. It's in the middle.

    What other advice do I have?

    I would rate Duo Security at nine on a scale from one to ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    Buyer's Guide
    Download our free Duo Security Report and get advice and tips from experienced pros sharing their opinions.
    Updated: July 2022
    Buyer's Guide
    Download our free Duo Security Report and get advice and tips from experienced pros sharing their opinions.