Cisco Duo Reviews

We actually partner with Duo Security. We use the API to send a step-up on your phone for granting access to normal doors. You can tap your physical fob card or any other device at the door, and then receive a push notification. Depending on the success or failure of the authentication, we can either grant or reject access at the door. So it provides two-factor authentication. We use Duo for that purpose, as well as for an API and our internal VPN.

However, with our product, we use Duo Security end-to-end. Duo Security has a blind spot when it comes to physical security. It doesn't cover scenarios where someone gains physical access to our network room, which involves different technologies outside of its scope. 

From my perspective, it can't be considered truly end-to-end in that regard. Nonetheless, Duo Security offers significant value for network security and VPN access. If we combine our product with Duo Security, then we can achieve comprehensive end-to-end security.

We work for businesses, B2B. So we work in the data center space. A lot of our work focuses on providing the best authentication at your access points, be it a door or a data center cabinet. 

We can integrate our device without requiring you to replace your card, so we can put our device in. You can keep your card. You don't have to replace it. You can simply tap your card, even if it's in your wallet or for home use. The process remains the same. I tap my card, receive a push notification on my phone, and then press enter to gain access. It's great because it ensures that it's actually me and not someone who found my card.

The product has helped our organization by providing easy-to-set-up security. Additionally, through our partnership, we can offer a use case that adds value to our customers. They don't have to deal with the hassle of replacing their existing systems; instead, they can extend their investment in Duo Security and apply it to their access points. This makes it easier for us to deliver value to our customers.

Having that second-factor validation with Duo, or any multifactor authentication solution, is highly important. There are numerous options available in the market. Whether it's Duo or others, the key is to have that additional layer of security. In our organization, we utilize Duo Security across various use cases, which makes perfect sense. 

With Duo Security, it is easy to get that validation you need to make sure that you have security. It's very easy to set it up. It's simple, but it's secure. For me, that's the best part.

Integration for a partner is very useful because you can work with the API or admin API, whatever it is, and get a lot of logging details and pass them to your SIM. It's very useful for that.

Duo Security provides a high level of certainty regarding the identity of the individual performing an action. Whether it's logging into a system, using VPN, or utilizing Autopay, establishing that trust is crucial. I can't imagine any security company, organization, or IT team that wouldn't prioritize having multifactor authentication enabled when accessing critical systems.

Duo's user authentication and device verification are indeed effective in preventing identity-based attacks. The second factor authentication and clarification it provides are valuable. While there are certain situations where we might desire additional data from the API, I consider that to be a minor aspect.

I have a few suggestions for improving Duo Security. One major aspect would be the ability to gather contextual data. This means being able to determine the location where someone is authenticating from and whether it aligns with their regular location patterns. While two-factor authentication with mobile devices provides a high level of security, it's still not foolproof, as someone could potentially steal your phone. It would be beneficial to have information about the authentication location. 

If a partner could obtain that data, we could implement it, or if we had our own application, we could incorporate this feature. Additionally, having the ability to customize aspects of the API or the app's appearance would be useful. For example, if you're using Duo for both VPN access and authentication, you might want a different user interface for each scenario. This way, you can easily identify if someone is impersonating you at the door or accessing your computer. These are some suggestions to enhance the functionality of Duo Security.

I have been using Duo Security for a few years. We've used Duo Security for all two-factor authentication.

Duo Security is a stable solution. 

It is a scalable solution. From what we've seen, it's pretty scalable. It's really good. In terms of when you get an API response, I don't have to keep pulling that endpoint; I just get a response back, which is better than some of the other ones that exist.

We actually have our own application that we can utilize as well. However, Duo is the prevalent one we use. As a security company, we've conducted tests on various options like Okta Verify and Duo, alongside our own solution. In the end, we opted for Duo. The decision was based on its ease of use.

Implementing Duo Security was actually quite easy. Depending on other factors involved, it could potentially be even easier. The integration process mainly requires three values: the client ID, the secret, and the integration key. It is enough to do. 

However, for layman customers, it might be easier to set it up in a different way, such as a one-click setup, to further simplify the process. This is something we can discuss and collaborate on as partners. Overall, though, the setup of Duo Security is easy to set up. 

Duo Security's add-in value lies in its access security for establishing trust for every access request, no matter where it comes from.

However, when I say "no matter where it comes from," it's not just about computer logins or VPNs; physical access requests are equally important. It covers both cybersecurity and physical security aspects. While Duo Security adds value to both areas, it's worth noting that it doesn't fully cover the physical security aspect, which is the focus of our integration. However, in terms of digital security, it is indeed effective.

Now, if someone is considering getting Duo Security, my recommendation would depend on their specific needs and reasons for wanting it. However, if their goal is to implement multifactor authentication, then absolutely, they should go for it.

Overall, I would rate the solution a nine out of ten. 

We use Cisco Duo for Cisco Webex smart remote client.

Cisco Duo improved our security posture. It improved our security.

The most valuable feature of Cisco Duo for us is the multi-factor authentication.

The price of Cisco Duo could be better.

I have been using Cisco Duo for about three months.

The stability of Cisco Duo is very high. I would rate it highly.

The solution scales well on a scale of one to ten, I would rate it an eight.

We don't use Cisco Duo's support directly, only through our supplier.

Positive

We used Microsoft Authenticator before switching to Cisco Duo because it was connected to other Cisco technologies.

The initial setup of Cisco Duo was quite easy.

Cisco Duo was implemented by our supplier, who set it up for us.

I would rate the pricing of Cisco Duo as a seven on a scale of one to ten, which means it is quite expensive.

We evaluated Microsoft Authenticator before choosing Cisco Duo.

I would recommend Cisco Duo for its reliability, stability, and ease of implementation.

I'd rate the solution eight out of ten.

My background is in electrical engineering. I have roughly almost thirty years in the industry, mostly in telecom, but the last ten years or so in enterprise. I'm currently in Anchorage, Alaska working for an organization that's Alaska-native company, which is more or less a conglomerate of different business lines. They work on everything from government contracts with NASA to construction to oil field operations, it's a lot of different businesses. 

Our Duo Security implementation was done about a little over three and a half to four years ago. It was about six months before I joined the company. It was done in response to a breach in the company that involved compromised credentials. 

I have personally been using Duo for as long as I've been in this company, so about three years.

We had a compromise of credentials and it resulted in a breach in the company. Had we had multifactor authentication at that time, we probably would have prevented that breach. In this day and age, I think multifactor authentication is an absolute requirement for anything you're doing. 

I lead an IT organization that has a significant amount of technical debt, and we're not in a zero-trust architecture yet. I'm pushing in that direction. Duo helps me considerably with my identity in an environment where I don't have zero trust. It's helping me bridge the gap until I can build a zero trust architecture. 

It has improved our cybersecurity resilience. Having multifactor authentication is critical because credential-based authentication is weak and it's going to be compromised. Having that additional factor in your authentication process is absolutely necessary. 

Right now, we're only using multifactor authentication. That's the most useful to us right now.

Reduction in risk is the whole point of multifactor. It's authenticating and augmenting the credentials and authenticating the individual that is trying to access your environment. It definitely reduces risk.

I would characterize Duo Security’s user authentication and device verification for helping to prevent identity-based attacks as good. It's intuitive for the users. It's easy to set up. The centralized management for our IT health service desk is good and doesn't take a lot of time. They're skilled with it. I really don't have any complaints.

The Duo Portal for our IT staff is efficient. It's utilized on a daily basis, and they're good with it. So I think it does allow staff to concentrate on other tasks.

I would say it's good at establishing trust for every access request, no matter where it comes from. Anything built by man can be broken by man. So there's always a challenge around that. They're trying to overcome those push bombing and challenges like that, and we're on that journey with them. 

Password management is difficult for us, especially for users. We would like to go passwordless. If we can go passwordless then you don't have a password manager. 

I am looking at other security features with Duo right now. We're currently looking at the passwordless options. We're looking at VPN displacement options. We're looking at those things right now. We haven't adopted yet. 

My impression of the stability is good. I haven't seen issues in the app, the portal, or anything.

Scalability is there. Our organization is somewhere around 5,000 employees, and that is not very many users for a platform like Duo, so I don't see any issues with scalability.

I've been using Cisco support for the better part of 25 years. I've seen good, I've seen bad. 

Cisco support has improved over the years, they tend to be better at getting back to you.

The only challenge is finding the right person sometimes. From what I've seen, being a named account is a big deal. When I came to this organization, they worked named accounts, and I worked really hard to become one because I knew the difference, and our support has greatly improved since becoming one. I have a person I can call and I know they can find the right person to help me get my problem solved. 

There are going to be problems with any system that's as complex as the products that Cisco sells. That's to be expected. It's really about how you get them resolved and how your partnership is there to make sure you're back up and running. Cisco, I believe, is really committed to that. 

I would rate them at an eight because there's no ten and because they have the in-house expertise to solve the problem once you can find them. They have the resources to bring to bear to solve just about any problem you can imagine. They are a committed partner. 

Positive

I have personally used other multi-factor authentication platforms. I currently do personally use others. Duo was selected by the company before I came there, and I've been very pleased with it.

I would say we have absolutely seen ROI. We have not had another breach that involved a loss of credentials since implementation.

The cost is very comparable to other solutions that I've used. I would in no way see any weaknesses in Duo over the other products, I would say it's a premium product, and it commands a premium price.

I would rate Cisco Duo Security an eight out of ten.

You don't need any other Cisco security products in order to use it. That's what makes it easy.

Normally, people use it for multi-factor authentication. It's an easy-to-install multi-factor authentication platform.

Regarding the valuable features, I would say that Duo Security is easy to use, has speed, and is dependable.

It would be nice if there was a biometric option rather where you could accept with a fingerprint. Like, in an iPhone, they have fingerprint authentication and face ID. It would be nice if there was a biometric acceptance as opposed to just clicking and accepting.

I have been using Duo Security for thirteen years. I am a distributor of the solution.

Regarding stability, I don't know if that comes into question. With my clients, I haven't seen them facing stability issues.

I have seen it deployed in an organization with 50 people and another with 5,000 people.

I love the solution's technical support. Regarding the adjectives I would use to describe the support, I would say that the support was professional and accommodating. I wish that the support would be a little bit more prompt and a little bit more flexible because there are certain things that they will do and certain things they won't do. Then they push what they won't do back down to the distributor.

I also wish that they consider us as distributors because we're not the traditional partner. It's almost like we are Cisco. I wish that we could share more resources behind Cisco Firewall and behind Cisco's resources. I rate the support an eight out of ten.

Positive

The reason we chose Duo Security over its competitors is because it's a freebie that you can try and see how it goes. There is also the ease of integration with Duo Security. I don't really know of any other MFA that is as simple. With Duo Security, it's like, here's your authorization, and you need to click on the yes or no options.

I would say that the solution does increase security because it does require MFA, and as long as the company enforces it installed on a specific device, it works.

It does not secure my infrastructure from end to end and detect or remediate threats. It's not the function of the product.

Regarding my assessment of Duo Security for establishing trust for every access request, no matter where it comes from, I would say that it is absolutely dependent on how the company deploys it. If the company says just deploy Duo Security on an old device, then it's kind of a hope.

 The whole point of having Duo Security is that it considers all resources to be external. 

Multi-factor authentication in general helped my organization improve its cybersecurity resilience. Any MFA will do that.

I would tell those considering having Duo Security in their organization that it's easy. You don't need to have every other Cisco product out there since I know that, for a fact, you can do it with Sophos and Fortinet. You can do it with other products, not just Cisco.

I rate the overall product an eight out of ten.

A colleague and I conducted some market research, where we found the solution and implemented it according to our needs. We installed the agents in our server, which communicate with Duo Security and send a prompt to our mobiles which is very convenient. We can also use the authenticator with other products and integrate it with a password reset disk. The product covers all of our needs.

The solution allows us to cover significant organizations and audit organizations with very high-security demands. At that level, security is non-negotiable, and Duo Security provides a second layer multi-factor server authentication, easy implementation, and Microsoft integration. 

The integration with Azure Active Directory and the AWS cloud is amazing, as most products nowadays require the creation of a customized integration. With Duo Security, it was more like native integration, and it took me five minutes to register.

The solution is straightforward, requiring minimal training and expertise to operate; IT staff have no problem understanding it.

The GUI is excellent, and the solution has valuable features, including policies and easy integration. It's a fantastic product.

Cisco owns Duo Security, and they are trusted everywhere, so establishing trust for access requests is never an issue. This is a major factor because when it comes to security, the solution must come from a trusted organization. We don't want to place our security in the hands of unknown third-party organizations; data leaks are a genuine concern. 

I can't give specific details of my organization's security risks, but I can say that Duo Security has eliminated trust from my organization's network architecture. 

I'm amazed by the product, especially by the ease of implementation. One of our major clients was equally impressed with the product. We use this solution to secure our network, which meets all our needs.   

Compared with other products, Duo Security is excellent; I'm very impressed, and so are my colleagues. I can't speak highly enough of this solution. The support of hybrid work is vital nowadays, as many organizations are moving from on-premises to cloud and hybrid environments, so it's important for the product to be compatible with both environments.

In the enterprise segment, we require many solutions to defend against different threats, with each system responsible for its own security function. Duo Security remediates the specific threats we need and has all the necessary features. 

I would rate the solution a 10 out of 10 in this area. 

Integration with a product such as Microsoft Sentinel would be great. As the product continually improves, I'm unsure if this feature is available.

We have been using the solution for two years. 

The solution is 100% stable.

I work with many products, and I've realized that the ones based in America run SMS and phone call communications through Twilio. As we are outside America, Twilio isn't correctly integrated with our local ISPs, so it has some issues with our IPs. This can impede our communications and is an issue I've faced multiple times because of Twilio.

The platform is highly scalable, and Duo Security is constantly improving its product; I receive weekly emails about new features and improvements they have made.

The support staff are fantastic, they're very impressive and I would rate them a 10 out of 10. 

Positive

We use the native Microsoft Authenticator and implement Duo Security as an additional layer of protection.

The initial setup is straightforward; Duo Security provides excellent documentation and support compared to other companies. This solution can be deployed in a day.

I deployed the solution myself using the provided documentation and sometimes reached out to support. I never had an issue, and implementation took just two days.

We definitely received an ROI; the solution improved our security by perhaps 70%, and this particular landing zone requires significant protection.

I only need the solution for IT staff, which makes it relatively cheap. If I deployed it for the whole company, it would be costly, so it depends on the number of users. Duo Security is affordable compared to other products in the segment.

I don't exactly remember which other solutions we considered, but we used G2's platform's reports to evaluate them.

I would rate this solution a nine out of ten. 

The maintenance of network connectivity depends on the complexity of the organization. It is easy to implement for our company and our architecture, but it wouldn't be as easy for a more complex network structure like a bank. We use the SaaS version of the product, so it's straightforward to implement and maintain. 

Our staff weren't used to using MFA, so it was initially frustrating for them, but this is a security requirement for us, and they adapted to it.

I would advise leaders looking to build resilience in their organization to implement another MFA product like Duo Security. 

My primary use case for Cisco Duo revolves around multifactor authentication, which serves as a secondary layer of security for all users within our organization.

The authentication and single sign-on features of Cisco Duo have been particularly valuable for enhancing user identity verification and providing an additional layer of security for our organization.

The product price needs improvement. 

I have been using Cisco Duo for approximately six to seven years. I am using the latest version available.

I rate the platform stability a nine. 

We can scale Cisco Duo up or down to accommodate our company's requirements. Around 120 executives in our team utilize it. I rate the scalability an eight.

While implementing Cisco Duo may require additional time for secondary multifactor authentication, it has significantly enhanced our organization's security posture, providing valuable returns in terms of heightened security measures.

I rate the product pricing a seven out of ten. 

The platform plays a crucial role in supporting our organization's remote access security needs by serving as the secondary email security for our VPN, thereby enabling secure remote access for our employees.

It has continuously evolved by introducing new solutions and products to address emerging security threats in our industry, demonstrating its commitment to staying ahead of evolving security challenges.

If the pricing aligns with their budget, I recommend considering Cisco Duo for its robust security features and scalability.  It is highly adaptable and scalable, making it suitable for organizations of various sizes within the industry. Thus, there are no significant considerations to be made regarding infrastructure compatibility.

I rate it an eight out of ten overall.

We use it for multi-factor authentication. That's the only use case we have now. We're not using it to its maximum capabilities but we'll use it for more functions moving forward.

Duo Security has improved our cybersecurity resilience. Multi-factor authentication gives us another layer of protection. Having another layer of security is very important for us.

Duo Security establishes trust for every access request, no matter where it comes from. This is something that's absolutely needed.

It's easy to deploy. It's easy to manage. It's easy to integrate with other applications. 

We also use it for single sign-on with Meraki and VPN access for non-Cisco firewalls, but we're now migrating to Cisco firewalls. It's easy to deploy, and it works.

I'm not using it as much as I could. So far, it has everything I need. I don't have any requirements or improvements. Everything is working smoothly, and we're happy with it.

We have been using Duo Security for about two years.

Its stability is great.

We have 1,500 users that use Duo Security. We're planning to use Duo Security for more applications, but the number of users won't increase anymore, so in terms of scalability, I don't think we'll have any issues.

We have opened some cases with Cisco for questions and things at all, and they were very helpful. They're very good. They answer questions quickly, and the people who work there are knowledgeable, so I can't complain. I'd rate them a ten out of ten because I got prompt responses and knowledgeable people.

Positive

We were using Microsoft Authenticator before, but we had a lot of problems with that, so we had to move away from that. Initially, we didn't have any multi-factor authentication, so having a multi-factor authentication for multiple applications and services that we provide helps us in making our network more secure.

You synchronize your AD with Duo Security and create all the groups for access.  You send the emails to do the deployment, and you load the cell phone numbers. That's for the end-user side, and for the firewall, we have the proxies. We're using a proxy for one of the products. Our firewall sends RADIUS requests to the proxy, and the proxy communicates to Duo Cloud. The virtual machine deployment for the process was very easy. The configuration takes a few steps, but it's easy.

We've both on-premise and cloud deployments. We're using the tool on the cloud, but we don't have any infrastructure on the cloud.

We did the deployment ourselves.

We have seen an ROI. The cost of not having it means you're vulnerable to hacking and other things. Nowadays, multi-factor authentication is required for insurance. It's a must now.

It's very simple. Its price is fair. We use the hardware tokens as well. You get what you pay for.

In terms of licensing, Cisco has very complicated products, but Duo Security was surprisingly easy. The licensing model is easy. The license is based on the intent. You can see how many licenses you have. It's one of the easiest solutions I have deployed, so I'm very happy about it. Every other Cisco product—such as switches, APs, wireless, and controllers—has a very complicated license model. The new smart license model doesn't always work. It's very complicated. The vendors will put your license somewhere else. You need to talk to vendors. It's complicated, but Duo Security licensing is simple.

We evaluated RSA, Microsoft, and Duo Security. We evaluated these three, and we realized that Duo Security had better reviews, and it was easier to deploy and cost-effective, so it made sense to use it.

Overall, I'd rate Duo Security a ten out of ten.

We use it for two-factor authentication (2FA) for accessing our portal.

From a security standpoint, 2FA is very crucial, and having a multitude of ways for consumers in your property to utilize 2FA is helpful.

Duo Security has its place in securing our infrastructure. It's great for that, but not for securing our infrastructure end to end because there's no such thing as an end-to-end cure for all the security.

It is great for reducing the risk of breaches. Having 2FA and making it simple for users, it reduces the risk of getting phished or scammed.

Duo Security considers all resources to be external, which is a good idea because everything is done in a completely untrusted model. It's absolutely important for us.

Our cybersecurity resilience has improved in one way. We were successfully able to deploy it to a base system. It's uniform across the whole property, and everyone is using it.

It's simple. It's reliable. I haven't had any issues with it.

It's fairly simple. Our end users don't have many issues with it other than getting locked out for administrative purposes, but it's not something to do with Duo Security. There might be a little slowness, but that could be my connection.

We have been using this solution in our company for about two years. I have been with the company since we started using it.

I haven't had any problems. In a worst-case scenario, there might be a little slowness, but that could be my connection. They're pretty proactive when they do have issues. I get alerts right away saying that Duo Security is having problems, and they are being looked into.

Their support is okay. They always respond. Sometimes you get really good engineers, and sometimes you don't, but at least they're there. I'd rate them a seven out of them.

Neutral

We had a few other systems. It was piecemeal. We were trying Okta at one point. We were doing demos of the products trying to find the right one. I've limited experience with them, but our security team did a full evaluation. A few times, I've seen demos, which was a while ago, they all seem to be pretty close. It's pretty tough out there. We might have been roped into Duo Security with some other deal that we did with Cisco.

I was not involved in its deployment. Our security team does most of the deployment factor on that. I do remember the provisioning process, and it seemed pretty painless. We have about 5,000 employees, and I'm sure getting the education to the users about what we're doing would have been an effort, but overall, it was pretty easy.

In terms of deployment, it's on the cloud. It's probably a hybrid cloud, but I'm not sure.

There's definitely a return on investment because one compromise can cost billions of dollars.

I'd rate Duo Security a nine out of ten. I haven't had any problems. It's great.