Cisco Duo Reviews

We actually partner with Duo Security. We use the API to send a step-up on your phone for granting access to normal doors. You can tap your physical fob card or any other device at the door, and then receive a push notification. Depending on the success or failure of the authentication, we can either grant or reject access at the door. So it provides two-factor authentication. We use Duo for that purpose, as well as for an API and our internal VPN.

However, with our product, we use Duo Security end-to-end. Duo Security has a blind spot when it comes to physical security. It doesn't cover scenarios where someone gains physical access to our network room, which involves different technologies outside of its scope. 

From my perspective, it can't be considered truly end-to-end in that regard. Nonetheless, Duo Security offers significant value for network security and VPN access. If we combine our product with Duo Security, then we can achieve comprehensive end-to-end security.

We work for businesses, B2B. So we work in the data center space. A lot of our work focuses on providing the best authentication at your access points, be it a door or a data center cabinet. 

We can integrate our device without requiring you to replace your card, so we can put our device in. You can keep your card. You don't have to replace it. You can simply tap your card, even if it's in your wallet or for home use. The process remains the same. I tap my card, receive a push notification on my phone, and then press enter to gain access. It's great because it ensures that it's actually me and not someone who found my card.

The product has helped our organization by providing easy-to-set-up security. Additionally, through our partnership, we can offer a use case that adds value to our customers. They don't have to deal with the hassle of replacing their existing systems; instead, they can extend their investment in Duo Security and apply it to their access points. This makes it easier for us to deliver value to our customers.

Having that second-factor validation with Duo, or any multifactor authentication solution, is highly important. There are numerous options available in the market. Whether it's Duo or others, the key is to have that additional layer of security. In our organization, we utilize Duo Security across various use cases, which makes perfect sense. 

With Duo Security, it is easy to get that validation you need to make sure that you have security. It's very easy to set it up. It's simple, but it's secure. For me, that's the best part.

Integration for a partner is very useful because you can work with the API or admin API, whatever it is, and get a lot of logging details and pass them to your SIM. It's very useful for that.

Duo Security provides a high level of certainty regarding the identity of the individual performing an action. Whether it's logging into a system, using VPN, or utilizing Autopay, establishing that trust is crucial. I can't imagine any security company, organization, or IT team that wouldn't prioritize having multifactor authentication enabled when accessing critical systems.

Duo's user authentication and device verification are indeed effective in preventing identity-based attacks. The second factor authentication and clarification it provides are valuable. While there are certain situations where we might desire additional data from the API, I consider that to be a minor aspect.

I have a few suggestions for improving Duo Security. One major aspect would be the ability to gather contextual data. This means being able to determine the location where someone is authenticating from and whether it aligns with their regular location patterns. While two-factor authentication with mobile devices provides a high level of security, it's still not foolproof, as someone could potentially steal your phone. It would be beneficial to have information about the authentication location. 

If a partner could obtain that data, we could implement it, or if we had our own application, we could incorporate this feature. Additionally, having the ability to customize aspects of the API or the app's appearance would be useful. For example, if you're using Duo for both VPN access and authentication, you might want a different user interface for each scenario. This way, you can easily identify if someone is impersonating you at the door or accessing your computer. These are some suggestions to enhance the functionality of Duo Security.

I have been using Duo Security for a few years. We've used Duo Security for all two-factor authentication.

Duo Security is a stable solution. 

It is a scalable solution. From what we've seen, it's pretty scalable. It's really good. In terms of when you get an API response, I don't have to keep pulling that endpoint; I just get a response back, which is better than some of the other ones that exist.

We actually have our own application that we can utilize as well. However, Duo is the prevalent one we use. As a security company, we've conducted tests on various options like Okta Verify and Duo, alongside our own solution. In the end, we opted for Duo. The decision was based on its ease of use.

Implementing Duo Security was actually quite easy. Depending on other factors involved, it could potentially be even easier. The integration process mainly requires three values: the client ID, the secret, and the integration key. It is enough to do. 

However, for layman customers, it might be easier to set it up in a different way, such as a one-click setup, to further simplify the process. This is something we can discuss and collaborate on as partners. Overall, though, the setup of Duo Security is easy to set up. 

Duo Security's add-in value lies in its access security for establishing trust for every access request, no matter where it comes from.

However, when I say "no matter where it comes from," it's not just about computer logins or VPNs; physical access requests are equally important. It covers both cybersecurity and physical security aspects. While Duo Security adds value to both areas, it's worth noting that it doesn't fully cover the physical security aspect, which is the focus of our integration. However, in terms of digital security, it is indeed effective.

Now, if someone is considering getting Duo Security, my recommendation would depend on their specific needs and reasons for wanting it. However, if their goal is to implement multifactor authentication, then absolutely, they should go for it.

Overall, I would rate the solution a nine out of ten. 

We use Cisco Duo for Cisco Webex smart remote client.

Cisco Duo improved our security posture. It improved our security.

The most valuable feature of Cisco Duo for us is the multi-factor authentication.

The price of Cisco Duo could be better.

I have been using Cisco Duo for about three months.

The stability of Cisco Duo is very high. I would rate it highly.

The solution scales well on a scale of one to ten, I would rate it an eight.

We don't use Cisco Duo's support directly, only through our supplier.

Positive

We used Microsoft Authenticator before switching to Cisco Duo because it was connected to other Cisco technologies.

The initial setup of Cisco Duo was quite easy.

Cisco Duo was implemented by our supplier, who set it up for us.

I would rate the pricing of Cisco Duo as a seven on a scale of one to ten, which means it is quite expensive.

We evaluated Microsoft Authenticator before choosing Cisco Duo.

I would recommend Cisco Duo for its reliability, stability, and ease of implementation.

I'd rate the solution eight out of ten.

You don't need any other Cisco security products in order to use it. That's what makes it easy.

Normally, people use it for multi-factor authentication. It's an easy-to-install multi-factor authentication platform.

Regarding the valuable features, I would say that Duo Security is easy to use, has speed, and is dependable.

It would be nice if there was a biometric option rather where you could accept with a fingerprint. Like, in an iPhone, they have fingerprint authentication and face ID. It would be nice if there was a biometric acceptance as opposed to just clicking and accepting.

I have been using Duo Security for thirteen years. I am a distributor of the solution.

Regarding stability, I don't know if that comes into question. With my clients, I haven't seen them facing stability issues.

I have seen it deployed in an organization with 50 people and another with 5,000 people.

I love the solution's technical support. Regarding the adjectives I would use to describe the support, I would say that the support was professional and accommodating. I wish that the support would be a little bit more prompt and a little bit more flexible because there are certain things that they will do and certain things they won't do. Then they push what they won't do back down to the distributor.

I also wish that they consider us as distributors because we're not the traditional partner. It's almost like we are Cisco. I wish that we could share more resources behind Cisco Firewall and behind Cisco's resources. I rate the support an eight out of ten.

Positive

The reason we chose Duo Security over its competitors is because it's a freebie that you can try and see how it goes. There is also the ease of integration with Duo Security. I don't really know of any other MFA that is as simple. With Duo Security, it's like, here's your authorization, and you need to click on the yes or no options.

I would say that the solution does increase security because it does require MFA, and as long as the company enforces it installed on a specific device, it works.

It does not secure my infrastructure from end to end and detect or remediate threats. It's not the function of the product.

Regarding my assessment of Duo Security for establishing trust for every access request, no matter where it comes from, I would say that it is absolutely dependent on how the company deploys it. If the company says just deploy Duo Security on an old device, then it's kind of a hope.

 The whole point of having Duo Security is that it considers all resources to be external. 

Multi-factor authentication in general helped my organization improve its cybersecurity resilience. Any MFA will do that.

I would tell those considering having Duo Security in their organization that it's easy. You don't need to have every other Cisco product out there since I know that, for a fact, you can do it with Sophos and Fortinet. You can do it with other products, not just Cisco.

I rate the overall product an eight out of ten.

We use Duo Security for multi-factor authentication.

The product makes our organization more secure.

Duo is reliable and easy to use. I’m pretty happy with all of the features. The user experience is pretty good. People without any technical background can run the applications without any issues.

The technical engineers in the first line of support should improve their knowledge. We often have to bounce all the cases to different levels.

I have been using Duo Security for more than ten years.

Technical support is pretty responsive. When there was an issue, support was able to provide a solution.

Neutral

From the security team’s perspective, the solution is pretty easy to deploy. From an end user’s perspective, it is very easy to download it and add the device to the profiles.

We deploy the solution in-house.

The pricing is reasonable.

Since I'm not an admin, I don't know how the device gets set up. The product is pretty good at securing our infrastructure. It protects everything and hardly leaves anything open. The infrastructure is secured.

Duo Security cannot do it all when it comes to reducing the risk of breaches. It can probably provide up to 50%, and the rest depends on the user. Things like phishing emails depend on the user. There is nothing that Duo Security can't do. The product does a pretty good job of protecting the infrastructure.

Duo Security’s user authentication and device verification are very good and very reliable. When we get a message to upgrade, we upgrade the tool. I don't have to spend a lot of time to get the device up to date.

The solution is reliable for establishing trust for every access request. It definitely is able to establish trust for the identity to protect the infrastructure. Our organization doesn’t necessarily believe that all resources must be considered external. We try to strike a balance between convenience and security. We don't treat everything as external. We keep certain internal stuff that doesn't have to go through the authentication.

The product increases the awareness of the employees about cybersecurity. Every time I log in, a Duo box pops up saying that I am authenticated and not leaving everything wide open. Try it and get a trial base, and then you will see the difference the tool can make.

Duo is the first platform that we used. My organization did an analysis to see how many potential attacks we'll have and how much money will be lost if we do not deploy Duo. I am not sure about the metrics, though.

Overall, I rate the product a nine out of ten.

My main use case for Cisco Duo is to detect network-based threats.

There is one situation where malware is downloaded via a link, and Cisco Duo has blocked this URL, demonstrating how I use Cisco Duo as a detector for network-based threats.

We can correlate Cisco Duo with other data sources such as cloud and Azure, which represents another interesting scenario about how I use Cisco Duo.

The best feature Cisco Duo offers is its simplicity.

The interface is what makes Cisco Duo simple for me.

Cisco Duo has positively impacted my organization as we can analyze the logs to detect threats.

Analyzing logs and detecting threats with Cisco Duo helps customers gain confidence in our company, showing the positive effects it has had on my organization.

Cisco Duo could be improved with more interesting rules or correlation rules between all the data sources such as Windows and Azure.

I have been using Cisco Duo for six months.

I have not yet implemented Cisco Duo's end-to-end phishing resistance with capabilities such as proximity verification to strengthen my organization's ability to defend against modern phishing and identity-based attacks.

There are no other improvements needed with Cisco Duo that we have not discussed. I would rate this product an 8.

At this point, the primary use case of Cisco Duo is to secure access to systems, applications, and data through multi-factor authentication (MFA), and we use Cisco Duo, which we also provide to other clients. We implemented it and use it ourselves. The IT and finance departments should be involved in the process.

Simplified Access Management with a centralized admin control, security remote access even with their BYOD etc.

All features of the solution are effective, Duo supports BYOD policies by allowing users to authenticate securely from their personal devices. This flexibility allows employees to work from anywhere while ensuring that only secure devices can access corporate data. This has been very effective for our organization, and we have not encountered any issues. We use Cisco Duo and provide it to our clients as well. We implemented it and also use it internally. The IT and finance departments should be involved.

I found some issues yet do not remember them specifically. There was an project requirement related to facial recognition integration imbedded in duo.

I have been using this solution for two years.

The stability of the solution is okay. We have not found any issues.

Until now, we did not find issues related to scalability as we did not implement the solution at a large scale.

The customer service is okay. However, the response time could be faster.

Positive

The initial setup consists mostly of demos, so it is not very hard to implement. 

Additionally, there is also online support available. The setup took around a week, depending on how big the infrastructure is.

The setup cost is reasonable, estimated at around six euros per month.

We did not find any issues. The clients who want to acquire this product need to change something in the security infrastructure by implementing MFA security authentication, like Duo, and so on. My overall rating for the solution is ten out of ten.

We use Duo Security for authentication for all of our SaaS applications. We also use it for RADIUS authentication.

Duo Security makes logging into all our applications easy with one stop for all our activity there. We use Cisco across the board for networking, and we love Cisco.

Since Duo Security provides a single place to log in for our SaaS applications, we don't have to manage user accounts and remember passwords for each specific application.

Duo Security should better organize its tile feature to organize applications better.

We have been using Duo Security for about three years.

Duo Security's stability is good, and we haven't had any issues.

Duo Security's scalability is good. We are a fairly large organization but haven't had any scalability issues.

Duo Security's technical support is great. They do a better job on the Duo side than on the networking side for support.

Positive

We've used Okta in the past. Okta has a really good auto-login feature. Duo Security can do the same thing, but Okta might do it a little bit better. It just automatically logs in if it's part of your profile.

We switched to Duo Security because of our relationship with our account reps.

We have seen a return on investment using Duo Security because it saves time.

Duo Security's pricing is good, fair, and very comparable to today's market.

Duo Security Self-Service Portal has significantly helped free up our IT staff for other projects. Instead of managing thousands of accounts across hundreds of SaaS applications, it's all in one spot now. Duo Security has probably saved us four or five hours at least.

I think Duo Security does a great job of establishing trust for every access request, no matter where it comes from.

It is very important for our organization that the solution considers all resources to be external because it frames the activity as zero trust, and that's how we run our network to zero trust across the board. So when you treat all resources as external, we want to lock them down every time and not just have random passwords floating everywhere.

Duo Security will significantly simplify the life of someone who wants to improve cybersecurity in their organization, and they should definitely try it.

Overall, I rate Duo Security ten out of ten.

We were really looking for two-factor authentication to secure our applications. We are basically looking for it to reduce risk.

I am in the retail space at a company with more than 2,500 employees.

It is SaaS. For VPN, we have our on-prem RADIUS servers, and there is an agent on our servers for RDP.

I definitely had some places where employees had password breaches in other locations, and it saved us there.

It has definitely decreased our security risk.

It does a really good job of helping workers feel safe, secure, supported, and included. In the beginning, it was new to everybody, so there was a little bit of friction with the onboarding. However, after everybody got used to it, they were quickly able to run with it and had very few problems using it. This has definitely been important for us. 

Duo has helped us remediate threats more quickly by having one spot to look at. We can see whether a user authenticated it from somewhere or if they were denied a two-factor request.

The most valuable feature is just the ease of use. Out-of-the-box, there are so many integrations that are really easy to set up and use in a matter of minutes, depending on what the application is.

It establishes trust with every integration or any sort of application that you are using, whether it is VPNs, Azure AD, or remote desktop.

Duo provides single-pane-of-glass management. This is pretty important, especially if you are trying to respond to a security event. You don't want to look at different places and potentially forget to look at one spot. Now, we can have all our logs in one spot.

The single-pane-of-glass management does a really good job of optimizing the user experience, especially with the updates that they provide. They really take in customer feedback. I have been on several customer feedback panels before, and they do surveys. They are constantly improving the product.

They could just continue to add more integrations.

I have been using it for about seven years, since 2015.

It is pretty stable. They are really proactive. So, if there is an issue with a certain cloud instance or feature, they are proactive. They email you and tell you what is going on, sending updates. Stability-wise, we have hardly had any issues using them. It hasn't affected our production at all.

Maintenance is minimal. There are some agent updates that you need to do every now and then, but for the cloud stuff, that is all taken care of.

It is really scalable. It is easy once you get an application in. You can import users from Active Directory and enroll users really fast.

I have only had to use them a couple of times. Every time, support was pretty easy to use. I would rate them as nine out of 10.

Positive

We previously didn't have any sort of two-factor authentication. We were just looking for more security so people wouldn't be reusing passwords or have data breaches. 

Earlier, we had solutions in the cloud and on-prem. So, it just helps having it in one spot. We can make sure any applications that we are using have been secured.

The deployment took two months. We did a proof of concept, which didn't include that time. That time was just for the first application that we did, which was about two months. Then, as we grew into it, we added more applications so time was added as well.

We have seen ROI, but I wouldn't know what that metric would be. I don't have an off-hand, hard metric for that. It is for the unseen risk, and how do you measure an unseen risk?

It definitely offers resiliency. If you are managing all your applications in one location, you can lock people out of it. So, it is just a fast way to remediate any sort of security issues. It has been important for reducing all the risk that comes with users having access to internal applications or cloud applications.

It has a fair pricing model. I know they have different tiers, but it would be nice to have different types of licenses for certain groups of users in our organization. That way, we wouldn't have to lump everybody into one group. That would be also one complaint.

We did evaluate other options. Since it was so long ago, I can't remember which other ones we looked at, but I do remember they were not as easy to implement.

We chose Duo Security for its ease of implementation and the number of applications that they are integrated with.

Definitely take the end user process or perspective into account when trying to choose something. I feel like that will make or break a product.

We did VPN. Network connectivity was a requirement for VPN. In that regard, it would be easy.

I would rate it as nine out of 10.

A colleague and I conducted some market research, where we found the solution and implemented it according to our needs. We installed the agents in our server, which communicate with Duo Security and send a prompt to our mobiles which is very convenient. We can also use the authenticator with other products and integrate it with a password reset disk. The product covers all of our needs.

The solution allows us to cover significant organizations and audit organizations with very high-security demands. At that level, security is non-negotiable, and Duo Security provides a second layer multi-factor server authentication, easy implementation, and Microsoft integration. 

The integration with Azure Active Directory and the AWS cloud is amazing, as most products nowadays require the creation of a customized integration. With Duo Security, it was more like native integration, and it took me five minutes to register.

The solution is straightforward, requiring minimal training and expertise to operate; IT staff have no problem understanding it.

The GUI is excellent, and the solution has valuable features, including policies and easy integration. It's a fantastic product.

Cisco owns Duo Security, and they are trusted everywhere, so establishing trust for access requests is never an issue. This is a major factor because when it comes to security, the solution must come from a trusted organization. We don't want to place our security in the hands of unknown third-party organizations; data leaks are a genuine concern. 

I can't give specific details of my organization's security risks, but I can say that Duo Security has eliminated trust from my organization's network architecture. 

I'm amazed by the product, especially by the ease of implementation. One of our major clients was equally impressed with the product. We use this solution to secure our network, which meets all our needs.   

Compared with other products, Duo Security is excellent; I'm very impressed, and so are my colleagues. I can't speak highly enough of this solution. The support of hybrid work is vital nowadays, as many organizations are moving from on-premises to cloud and hybrid environments, so it's important for the product to be compatible with both environments.

In the enterprise segment, we require many solutions to defend against different threats, with each system responsible for its own security function. Duo Security remediates the specific threats we need and has all the necessary features. 

I would rate the solution a 10 out of 10 in this area. 

Integration with a product such as Microsoft Sentinel would be great. As the product continually improves, I'm unsure if this feature is available.

We have been using the solution for two years. 

The solution is 100% stable.

I work with many products, and I've realized that the ones based in America run SMS and phone call communications through Twilio. As we are outside America, Twilio isn't correctly integrated with our local ISPs, so it has some issues with our IPs. This can impede our communications and is an issue I've faced multiple times because of Twilio.

The platform is highly scalable, and Duo Security is constantly improving its product; I receive weekly emails about new features and improvements they have made.

The support staff are fantastic, they're very impressive and I would rate them a 10 out of 10. 

Positive

We use the native Microsoft Authenticator and implement Duo Security as an additional layer of protection.

The initial setup is straightforward; Duo Security provides excellent documentation and support compared to other companies. This solution can be deployed in a day.

I deployed the solution myself using the provided documentation and sometimes reached out to support. I never had an issue, and implementation took just two days.

We definitely received an ROI; the solution improved our security by perhaps 70%, and this particular landing zone requires significant protection.

I only need the solution for IT staff, which makes it relatively cheap. If I deployed it for the whole company, it would be costly, so it depends on the number of users. Duo Security is affordable compared to other products in the segment.

I don't exactly remember which other solutions we considered, but we used G2's platform's reports to evaluate them.

I would rate this solution a nine out of ten. 

The maintenance of network connectivity depends on the complexity of the organization. It is easy to implement for our company and our architecture, but it wouldn't be as easy for a more complex network structure like a bank. We use the SaaS version of the product, so it's straightforward to implement and maintain. 

Our staff weren't used to using MFA, so it was initially frustrating for them, but this is a security requirement for us, and they adapted to it.

I would advise leaders looking to build resilience in their organization to implement another MFA product like Duo Security. 

On my end, Cisco Duo suits my account needs well. The application remains in place. We generally apply Cisco Duo across various use cases. Many customers, including banks and private organizations, use it for enhanced security, particularly in financial and general security tasks.

I am interested in adding auto-admin services and incorporating icons for easier navigation. This could contribute to a new business idea platform. I have seen the features, and they make things easier, resolving issues from before. The platform has been updated, and there's now another link in my platform for media access.

When it comes to improvements, the UI can be more user-friendly, and there is room for easier navigation. 

There could be enhancements in customization. I haven't had issues with storage or backup, but I am open to improvements in customization functionality. It's not my environment, but I see possibilities for improvement in the deployment of funds.

I have been using Cisco Duo for the past year. Customers request server protection using various servers, and it can integrate with applications. It is an MFA solution, designed for server access and data security.

Typically, I manage things directly from the GUI, and I handle whatever comes up. So far, stability has been an issue, but I am not the creator of the solution, so I cannot predict future occurrences. 

Generally, it has been fine without any notable issues, but the future is uncertain. I would rate it 8 out of 10. 

It is scalable and I would rate it 8 out of 10. Regarding the size of your customers, they are mostly large enterprises.

We haven't encountered any significant issues so far. The only time we need to contact support is when something arises, and they promptly address it. Everything else has been running smoothly.

Neutral

I would rate it seven because it comes with numerous features that require continuous upgrades. I have observed the need for consistent updates in the inventory. It is beneficial for newcomers to the platform, as data is continuously added, and automation has reduced the effort required to find information. It roughly takes 12 hours to be deployed.

I am not aware of the pricing. There are two departments, and I don't have any information about them.

Cisco Duo effectively safeguards against customer factors, such as unauthorized access attempts or server breaches. It provides a high level of protection, ensuring only authorized individuals have access to the environment. I am confident in its security features.

I would rate it 8 out of 10.