Cisco Duo Reviews

We use it for multi-factor authentication. That's the only use case we have now. We're not using it to its maximum capabilities but we'll use it for more functions moving forward.

Duo Security has improved our cybersecurity resilience. Multi-factor authentication gives us another layer of protection. Having another layer of security is very important for us.

Duo Security establishes trust for every access request, no matter where it comes from. This is something that's absolutely needed.

It's easy to deploy. It's easy to manage. It's easy to integrate with other applications. 

We also use it for single sign-on with Meraki and VPN access for non-Cisco firewalls, but we're now migrating to Cisco firewalls. It's easy to deploy, and it works.

I'm not using it as much as I could. So far, it has everything I need. I don't have any requirements or improvements. Everything is working smoothly, and we're happy with it.

We have been using Duo Security for about two years.

Its stability is great.

We have 1,500 users that use Duo Security. We're planning to use Duo Security for more applications, but the number of users won't increase anymore, so in terms of scalability, I don't think we'll have any issues.

We have opened some cases with Cisco for questions and things at all, and they were very helpful. They're very good. They answer questions quickly, and the people who work there are knowledgeable, so I can't complain. I'd rate them a ten out of ten because I got prompt responses and knowledgeable people.

Positive

We were using Microsoft Authenticator before, but we had a lot of problems with that, so we had to move away from that. Initially, we didn't have any multi-factor authentication, so having a multi-factor authentication for multiple applications and services that we provide helps us in making our network more secure.

You synchronize your AD with Duo Security and create all the groups for access.  You send the emails to do the deployment, and you load the cell phone numbers. That's for the end-user side, and for the firewall, we have the proxies. We're using a proxy for one of the products. Our firewall sends RADIUS requests to the proxy, and the proxy communicates to Duo Cloud. The virtual machine deployment for the process was very easy. The configuration takes a few steps, but it's easy.

We've both on-premise and cloud deployments. We're using the tool on the cloud, but we don't have any infrastructure on the cloud.

We did the deployment ourselves.

We have seen an ROI. The cost of not having it means you're vulnerable to hacking and other things. Nowadays, multi-factor authentication is required for insurance. It's a must now.

It's very simple. Its price is fair. We use the hardware tokens as well. You get what you pay for.

In terms of licensing, Cisco has very complicated products, but Duo Security was surprisingly easy. The licensing model is easy. The license is based on the intent. You can see how many licenses you have. It's one of the easiest solutions I have deployed, so I'm very happy about it. Every other Cisco product—such as switches, APs, wireless, and controllers—has a very complicated license model. The new smart license model doesn't always work. It's very complicated. The vendors will put your license somewhere else. You need to talk to vendors. It's complicated, but Duo Security licensing is simple.

We evaluated RSA, Microsoft, and Duo Security. We evaluated these three, and we realized that Duo Security had better reviews, and it was easier to deploy and cost-effective, so it made sense to use it.

Overall, I'd rate Duo Security a ten out of ten.

We use Cisco Duo for Cisco Webex smart remote client.

Cisco Duo improved our security posture. It improved our security.

The most valuable feature of Cisco Duo for us is the multi-factor authentication.

The price of Cisco Duo could be better.

I have been using Cisco Duo for about three months.

The stability of Cisco Duo is very high. I would rate it highly.

The solution scales well on a scale of one to ten, I would rate it an eight.

We don't use Cisco Duo's support directly, only through our supplier.

Positive

We used Microsoft Authenticator before switching to Cisco Duo because it was connected to other Cisco technologies.

The initial setup of Cisco Duo was quite easy.

Cisco Duo was implemented by our supplier, who set it up for us.

I would rate the pricing of Cisco Duo as a seven on a scale of one to ten, which means it is quite expensive.

We evaluated Microsoft Authenticator before choosing Cisco Duo.

I would recommend Cisco Duo for its reliability, stability, and ease of implementation.

I'd rate the solution eight out of ten.

We use it for two-factor authentication (2FA) for accessing our portal.

From a security standpoint, 2FA is very crucial, and having a multitude of ways for consumers in your property to utilize 2FA is helpful.

Duo Security has its place in securing our infrastructure. It's great for that, but not for securing our infrastructure end to end because there's no such thing as an end-to-end cure for all the security.

It is great for reducing the risk of breaches. Having 2FA and making it simple for users, it reduces the risk of getting phished or scammed.

Duo Security considers all resources to be external, which is a good idea because everything is done in a completely untrusted model. It's absolutely important for us.

Our cybersecurity resilience has improved in one way. We were successfully able to deploy it to a base system. It's uniform across the whole property, and everyone is using it.

It's simple. It's reliable. I haven't had any issues with it.

It's fairly simple. Our end users don't have many issues with it other than getting locked out for administrative purposes, but it's not something to do with Duo Security. There might be a little slowness, but that could be my connection.

We have been using this solution in our company for about two years. I have been with the company since we started using it.

I haven't had any problems. In a worst-case scenario, there might be a little slowness, but that could be my connection. They're pretty proactive when they do have issues. I get alerts right away saying that Duo Security is having problems, and they are being looked into.

Their support is okay. They always respond. Sometimes you get really good engineers, and sometimes you don't, but at least they're there. I'd rate them a seven out of them.

Neutral

We had a few other systems. It was piecemeal. We were trying Okta at one point. We were doing demos of the products trying to find the right one. I've limited experience with them, but our security team did a full evaluation. A few times, I've seen demos, which was a while ago, they all seem to be pretty close. It's pretty tough out there. We might have been roped into Duo Security with some other deal that we did with Cisco.

I was not involved in its deployment. Our security team does most of the deployment factor on that. I do remember the provisioning process, and it seemed pretty painless. We have about 5,000 employees, and I'm sure getting the education to the users about what we're doing would have been an effort, but overall, it was pretty easy.

In terms of deployment, it's on the cloud. It's probably a hybrid cloud, but I'm not sure.

There's definitely a return on investment because one compromise can cost billions of dollars.

I'd rate Duo Security a nine out of ten. I haven't had any problems. It's great.

We use it for multifactor authentication for getting in with cell phones and PCs.

Duo Security allows us to be remote, and it keeps us secure. It has been very good for securing our infrastructure from end to end. We haven't had any issues.

It has helped free up our IT staff, but I don't have the metrics on how much time it has actually saved. We don't worry about it. It just works.

It has been good for establishing trust for every access request, no matter where it comes from.

We're working remotely. It helps us keep people more safe. Its adoption has been fine. I like the fact that you can bypass it if you need to because there are situations where the internet doesn't work, etc.

Its ability to help reduce the risk of breaches is pretty good. I like its ability for user authentication and device verification.

We use Yubikey for pushing it to the phones. Yubikeys can get expensive because people tend to lose those for some reason. Fifty dollars a device is pretty high.

I've been using this solution for a couple of years.

I don't deal directly with their tech support myself. I've got some other folks that do that for me, but I don't hear any complaints, so I'd rate them really high.

We did use another solution. I can't remember the name of it, but it had a lot of flaws and a lot of issues. It did not connect to the equipment that we had to use. It would break down, so we had to find something else.

We didn't consider another solution. While researching, Duo Security came out to be the best. The last one was terrible, and this one ranked a lot higher.

We have a hybrid deployment. It was very easy to implement it. 

It integrates well with other systems. We have Cisco Umbrella and Cisco routing and switching. We had Cisco firewalls, but I wouldn't recommend them. 

We've seen an ROI in using this product. There is stability and ease of use. It isn't a problem to handle. It's simple to deal with.

It falls in line with everything else.

To someone researching this solution who wants to improve cybersecurity in their organization, I'd say that it has been very beneficial.

Overall, I'd rate Duo Security a ten out of ten.

We use it for two-factor authentication so that we're not just relying on the username and password but also on two-factor authentication, whether it's through SMS or through the application.

People use very weak passwords, so it's very easy for attackers to get in and compromise accounts. This is why we need two-factor authentication and why we are with Duo Security. It helps us to not only rely on the username and password but also implement another layer of protection. Attackers are not going to be able to compromise accounts because of the two-factor authentication.

It has definitely reduced embedding. We found a lot of problems with attackers being able to compromise accounts. Now, when they try to access accounts, they are not able to do so because there is an added layer of protection. Once we know that a username and password are compromised, we just reset the password to protect the company.

I like the two-factor authentication, which gives another layer of protection.

It's very important for our organization that this solution considers all resources to be external. Our company has thousands of people who access from outside, and it's hard for us to know which one is legitimate and which one is illegitimate. Having two-factor authentication with Duo helps us to implement a second layer of authentication so that we know for certain that the people who are accessing accounts are legitimate.

It's a great solution for securing access to the applications and network because we can integrate the solution with all types of applications. The system has the ability to integrate customized applications built in-house and those that were brought in from outside. It integrates with network access as well, such as when you want to access a different node. It has multiple ways to authenticate applications, network access, etc., which helps us a lot to spread the solution across all our assets.

That the solution helps support hybrid work is very important to our organization because people access accounts from everywhere. Duo Security gives us the second layer of protection.

The solution provides a single pane of glass management to help us monitor all of the access.

Duo Security helped us remediate threats more quickly.

It is not easy to maintain network connectivity.

Duo Security should have more customized use cases. For example, if a client needs to have more customization, it would be better to connect directly with Duo's R&D to try to discuss the issues together in order to add customizations.

I've been using this solution for the last two years.

The stability is definitely good.

The scalability is great. The solution is deployed in multiple locations, and we have around 30,000 people.

The technical support is good. They are helping us, and I would give them an eight out of ten.

Positive

We switched to Duo Security because it's easier to implement and can be spread across all the applications.

We have definitely seen an ROI from a protection perspective. It helped us a lot to protect against compromised accounts.

Price-wise, it's not cheap, but it's not expensive at all either. It's in the middle.

I would rate Duo Security at nine on a scale from one to ten.

Our web developers use Duo Security as a WordPress plugin to provide security for our websites.

Duo offers dual-factor authentication for our logins. I put in my credentials and hit go. Then I get an alert on my Apple watch, and I approve it. That part is just phenomenal. 

Duo has some issues that we're trying to work through. For example, if I install it on a WordPress site and another admin needs to log in, they can't because Duo hasn't been set up for them. It doesn't appear that I can add permissions on a user-by-user basis. It's not obvious.  

I would also like to see password-free login. There used to be a password-free product where you used your phone and looked at the screen. I can't remember what it's called now, but it was great. It used blue wavy lines that constantly changed, so nobody could ever screen capture and use them to log in. That was by far the best solution. 

Duo bought them out and did away with them. They probably saw it as a threat because it was a better solution. And a couple of companies have tried to mimic that, but they have never come close. If Duo were to go back to something like that, I would be ecstatic. Passwords are supposed to be a thing of the past.

I've used Duo Security for about two years.

Duo Security is stable.

I don't know how Duo would scale. If I've got a hundred websites and I install it on several of them, scalability just means adding it to a new website. It would be as easy as adding it to the first. 

That's not an issue, but I  still haven't figured out how to add new users to a site that already has it installed. I checked their online documentation and haven't found an answer yet,  so we temporarily took it off on that particular site.

We tried several authentication solutions before, but I liked the way Duo works better. 

I rate Duo Security eight out of 10 for ease of deployment. It takes a minute or two to download and install the plugin. 

Duo Security is free.

I rate Duo Security nine out of 10. Duo is a solid solution, but it still has some minor issues with adding users. 

When our users are connecting to our Cisco VPN, Duo effectively ensures that they are who they say they are by taking a second factor into account, such as the cell phone that was used to create their profile. To do this, it sends them a second mode of authentication, such as a PIN or push confirmation. It also geo-locks who is allowed to actually log into our systems. We have it locked to the continental United States and Puerto Rico, and one outsourcing firm that we work with.

Once you have it set up, all you really have to do is add people to a group in the active directory and send them the instructions on how to do it. If you have a lower technical user base, you may have to walk them through it. But once it's set up, it really is automatic.

Not a single person from our IT staff really needed anything other than the instructions. Of the 15 people in our test group, nobody actually needed instructions on how to use it either — beyond what I just wrote up and sent them.

As we get to the older population in our company, the less technical population, we're probably going to have to walk them through it or hold their hands a little bit.

Within our organization, there are currently 15 employees using this solution. Eventually, we will have all 221 office staff users with it set up. Still, we'll probably top out at about 80 users a day.

We will increase the overall usage as our users increase. So, if we hire another 10 people, then we'll buy another license.

The multi-factor authentication process and the geo-locking features are great. It provides us with statistics about the devices that are used to perform the second authentication factor.

Upon successful connection, it tells us where and what device is being used to perform the second authentication factor. For example, when I log in with it, we'll see that I have my iPhone 11 and that it is located in the area via its IP address.

We had some trouble with the password reset function. When a user's password is expired, you can prompt them using Cisco AnyConnect — a password management feature — to change their password in the same channel during the login process. We had a lot of trouble configuring that. As a result, we now have a second channel that bypasses Duo to allow them to reset their password.

For this, we needed Cisco support, Duo support, and our network administrator all lined up. It should have just been something that they could have just configured, but they weren't able to do it in the same channel. We had to actually create a second channel. When you do this, people will try to log on and it'll tell them that their password is incorrect. They'll realize that their password is expired because it's been 90 days. Afterward, they'll have to then go back to AnyConnect, change the channel that they're logging into, attempt to log in, get the password prompt, disconnect from the AnyConnect, and then reconnect using the Cisco Duo multifactor authentication — this is extremely complicated.

Still, it's really only a problem for a small subset of users. The ones who ignore the notifications 10 days before saying, "Hey, change your password."  So, it's not as big of a deal as it sounds. Just by having a functional way to do it, it makes it so that if nobody's on staff, the user can reset their own password without having to call us in the middle of the night on a Saturday, because that's the best time for those passwords to expire. 

Also, it would be nice if it was easier to modify the splash screen that comes up when entering your username and password.

We actually just configured Duo Security — we're in the process of pushing it out. Currently, we've been using it for the past three to four months.

Scalability is definitely up there. It could easily handle many, many, many more authentications than we are currently or ever would use. It could definitely go far beyond what we are currently using.

The technical support agents are definitely knowledgeable; they give us plenty of recommendations on how to do things. They are very quick to send us white papers describing how to fix things ourselves. 

Although they try to push us toward a self-help model, they do eventually get online with us via a WebEx chat with the Cisco reps and help us out. We've never really had any problems finding somebody from chat support that wouldn't jump on to the WebEx meetings with Cisco premium support.

We didn't have anything covering multifactor authentication. We were using Cisco AnyConnect with the tie-in to the active directory, but we just had the single factor — the username and password. Duo allowed us to greatly enhance our security. Now, not only do users have to know their username and password, but they also have to be able to receive the second-factor authentication in order to get in. The same goes for anyone trying to break in.

The initial setup was complex, but due to the support that we received during the onboarding, it was very simple with the exception of the password reset channel that I mentioned earlier that we tried to use but didn't end up doing. The way we have it set up now is actually how it was configured during the onboarding process. It just would've been nice to have had it functionally work — to have that all in one channel.

Regarding deployment, we have an in-house person, but we still had Cisco Duo onboarding support to assist us with the setup. If you have a CCNA, you'll probably be able to do it yourself, but it's just much easier to do it with onboarding support.

The functional part of the onboarding process only took roughly an hour. Including troubleshooting our channel issue, we spent roughly 16 hours before we just decided to go back to the original build.

Our licensing fee is currently on an annual basis.

There are two levels of support with Duo that we were considering. The first level of support is just the two-factor authentication — it doesn't do anything else. But the second level of support provides us with network access control. This basically allows us to say, "Hey, your iPhone hasn't been updated in 10 years, update your iPhone to continue using this service." Or, "Your Windows device does not have updates." It also provided us with the geolocation feature. We were experiencing a lot of break-in attempts from Moldavia. So, thanks to this feature, we just locked out Moldavia. If nobody in Moldavia can connect to our system, then nobody in Moldova can hack us. 

If you're interested in using this solution, be sure to get the onboarding team to set everything up during the onboarding phase. Set up a proxy server if you can and get them to do everything during the onboarding phase — then you won't have any problems.

Compared to the after-purchase support, the onboarding people are a lot more willing to just take over your computer and set things up for you.

Overall, on a scale from one to ten, I would give this solution a rating of ten — it's the best. 

I work in an institution with about 6,000 people. I'm a telecommunications engineer. I use Duo Security as my access point when working remotely. Because I'm a telecommunications engineer, I have to have access to my systems remotely, and our VPN client requires that we go through second-level verification, for which we use Duo Security. 

Ours is on-prem. We have on-prem Duo Security. We do not use cloud at this time. 

The benefit of Duo Security, for me, is the very easy remote access. I don't have to go through repeated steps to log in to my platform, and it's the same process every time. It works quickly, and it's just that simple.

When it comes to securing our infrastructure from end to end, I wish I could speak more in-depth about that. I do know that Duo Security does identify me as a user, and the folks that need to track who's using it, when, and why. I know that there are very detailed and well-designed reports to let them do that. I am not on that side of Duo Security. Again, as a user, the best part is the ease of use. 

At the moment, the ease of use is what is the best feature for me. Once it has been set up and the security can hoc to my mobile device, it's very simple to use my single sign-on, get prompted for a Duo Security, push, go to my phone, accept the push, and I'm done. It's a very simple process. 

The only thing I can think of to improve for tech support is to have a dedicated engineer but then I would get an engineer that has priorities in one area or another and maybe not the scope I need.

I like the fact that when I open a ticket, I'm not getting the same caller calling back. I like the variety of support that Cisco offers.

Opening a technical assistant's request is a little challenging at times. I wish that the Cisco website could understand who I am from the chart and just let me in rather than forcing me to pick out my contract number, my address, or something like that. They should make it streamlined, make it simple.

I have been in this current position with Duo Security for two and a half years.

To my knowledge, we are relatively stable. I know there are times when in-house we may have difficulty with servers, connectivity, or databases, but it only happens sporadically. I think in my experience, we've had Duo not work maybe once or twice in the last two and a half years. It usually results in rebooting a server.

When we speak of clients on which Duo Security is deployed, every user in my environment typically has a cell phone and a laptop and we use mobile push. I believe we do use PIN capabilities, as well, but primarily we use mobile push. I suspect that it's on a PC mobile platform.  

On average, Cisco's technical support is very good. There are times that I need to go through escalation processes, but once I escalate it, I know that I'm going to get the service I need. The more challenging part for me is defining the problems so that the technical solution reps can help me solve them. 

My rating for Cisco technical support would vary depending on what they are supporting for me. I would say they've never dropped below, say, a 7.5, but pretty consistently range in a nine out of ten category.

I think Cisco support works very hard to satisfy my needs as a customer rather than frustrating me.

Positive

I believe that they did use a different solution. I actually believe that we did not have multi-level verification on our VPN login when we started out. As a result of COVID, it became necessary to have multi-level verification. That was when Duo Security was introduced. I also understand, this was prior to my employment, that Duo Security was enacted in less than seven days. 

As a case for return on investment, I would stretch my exposure and say that the return has been remarkable because we went from full-time, on-premise workers, to full-time remote for everyone for several months. Subsequently, many of our staff now work a hybrid schedule, and Duo Security makes it entirely possible. 

When it comes to pricing, the only thing I can say is that working in education, when you buy a product, it has to have value. My assumption is that Duo Security has a great deal of value for its cost. 

To advise somebody about Duo Security, I would say it works. It works. 

I have not experienced another security program like Duo Security. I don't have a way of rating it other than to say, I'm happy with how it works, and it makes my job easier. 

I'll give it a 9.25 out of ten.