Cisco Duo Reviews

One year ago, I deployed Cisco Duo for one of my clients at my previous company because we are a Cisco Gold Partner company. My client wanted to deploy Cisco Duo on their remote access VPN. They have a Cisco FTD firewall, and mostly users join on weekends through Cisco AnyConnect. My client requested 2FA for these users, so I deployed the solution.

A few months ago, I worked on Upwork where one of my clients approached me and asked if I could install Cisco Duo for their small cybersecurity company. This presented a good opportunity for me because I am in Pakistan, and my client is in the USA.

Cisco Duo is a simple and effective tool that gives detailed information about users who connect to your domain. You can review the logs, including the public IP that the user uses, which country the user is in, and the city where the user is located. Everything is perfect in the logs. One tab shows that a user, for example Hasnain, is connected through remote access VPN and is using a specific public IP from a particular city in a specific country.

Cisco Duo offers a great logging solution in a Cisco environment. Additionally, Cisco Duo integrates easily with single sign-on apps, and I have used it on the Cisco ISE side because you can add the Cisco Duo address to your ISE and create the same user in both Cisco Duo and Cisco ISE. This makes it easy to manage, as Cisco ISE directly sends requests to Cisco Duo to verify, and the user logs in with a push notification or SMS code.

I am using many features in Cisco Duo, including logging in to Cisco ISE, sending requests when I log in to Cisco FTD through Cisco Duo, and checking 2FA on Cisco AnyConnect. Additionally, I have installed Cisco Duo app on my Windows-based machine, which checks for 2FA notifications every time I reboot the system or press Windows + L. This sends notifications to the cloud to check the username, and it also provides features that ensure the Windows Firewall is always enabled and verify that sensitive data partitions are encrypted. Moreover, it checks that antivirus is properly installed on the system. I also integrate my app within my company and have implemented single sign-on services through Cisco Duo, which is outstanding.

Cisco Duo could improve by considering feedback on features or requests for future releases.

When I worked on Cisco Duo, I encountered a limitation that I want to discuss. When a user logs in on a Windows machine using a Microsoft account, it is easy because you install the installer on your system and generate a code to enroll in Cisco Duo app. However, when I installed the package on the system, the user who was already added on Cisco Duo mobile app faced an issue. When I restarted the system, the screen turned black, and the user got stuck because we could not enter the username and password. After reading Cisco documentation, I learned that they do not support Hotmail addresses. This caused a problem since the user was using a Hotmail account. My client was very understanding about it, but I felt I failed to deploy Cisco Duo effectively. There are limitations because Cisco Duo does not support Hotmail accounts, which many people use to log in to their systems.

The two main limitations on Cisco Duo are first, the requirement to install the installer on my server, and second, that Cisco does not support Hotmail accounts. I regret this limitation due to Cisco not supporting Microsoft accounts.

I have been using Cisco Duo in my career for one year.

Cisco Duo provides scalability and smooth integration with some applications.

I have contacted Cisco customer support, which is highly remarkable. I open cases with Cisco regularly, and they provide prompt support for any case. Although I did not open any cases on Cisco Duo specifically, I have worked with many Cisco devices in my current network. Cisco support is notably above average; few companies match Cisco's technical and customer support capabilities when you are stuck on technical or pricing issues.

Positive

Regarding the pricing for Cisco Duo, I find that Cisco is always costly. In my current network, I work in a financial institute where we use 2FA for Fortinet, which is easy to deploy but not scalable. Implementing Cisco Duo is more complicated, but when you integrate the solution fully, Cisco provides a very comfortable experience. The pricing comparison shows a great margin as Cisco is costly, while Fortinet is less expensive.

I use Fortinet, which you can ask me about as an alternative two-factor authentication solution.

If you have any questions, you can ask me. I give this review a rating of 8.5 out of 10.

On-premises

The main use cases for Cisco Duo are for multi-factor authentication and being able to bring your own devices securely.

We don't use Cisco Duo in our organization. We sell the product to our customers.

It is very easy. Having just wrapped up my tenure at Cisco, it was used day in and day out for security. It was always easy to log in and not have to worry about logging in multiple times.

As a former employee, I think it's top-notch when it comes to protecting internal and external threats and preventing unauthorized access to the network.

Cisco Duo could be improved, possibly by adding features for the healthcare space. If you're selling something to a healthcare provider, there needs to be consideration for how to launch Cisco Duo with a handheld device that is not native, where you can install the application.

We have been working with Cisco Duo for at least four or five years.

I would rate their technical support a seven out of ten based on how they respond to issues.

Neutral

There is certainly ROI with Cisco Duo, assuming that you can get the other MFA type products uninstalled, and customers truly understand why they purchased Cisco Duo in the first place.

From a reseller perspective, it's still challenging to explain the whole license strategy to a client, so we really have to be ahead of that for all the true forward conversations.

We did not consider many other solutions before Cisco Duo. I am biased towards Cisco because I came from Cisco, so I am more familiar with it.

The benefit of having a complete passwordless environment is more of a conversation that we have with our clients. There is ease of use. We focus on what outcomes they are trying to achieve with the different personas they're using and the security protection in their workplace. There aren't any disadvantages to the passwordless environment, but it all boils down to what our customers are saying about the product that we sell to them. I haven't heard anything negative about Cisco Duo.

I would rate Cisco Duo overall an eight out of ten.

Our customers in the fertilizer industry use Cisco Duo for their security needs. The solution helps secure access to their private cloud, enabling client VPN and SSL VPN connections with ASA.

I find that the client VPN and multi-factor authentication (MFA) features are the most useful. Additionally, I appreciate the adaptive authentication capabilities. Integration with existing security solutions is easy, and the simplicity and user-friendliness of the product have satisfied me and my customers, as evidenced by subscription renewals over the past four years.

I think Cisco should allow easier integration with third-party equipment because Cisco's own equipment is expensive. This change would be beneficial for customers using third-party hardware, as the integration of Cisco software and Cisco Duo subscriptions with non-Cisco devices is currently limited.

I have been working with Cisco Duo for the past four years.

The deployment of Cisco Duo is straightforward. It generally takes about two days to complete.

I have received no complaints about stability from my customers.

I find Cisco Duo is scalable enough for my customers' needs.

I would rate Cisco's technical support at ten out of ten.

Positive

My customers have previously used SafeNet solutions. However, they switched to Cisco Duo because it offers more technical features and is cost-effective.

The initial setup of Cisco Duo is very easy. I would rate the ease of setup as a nine out of ten.

Cisco Duo is cost-effective, providing a good return on investment as it saves costs compared to other brands.

The price is reasonable for my customers. The approximate cost is around eighty dollars per user.

My customers previously evaluated SafeNet solutions.

If I were to recommend Cisco Duo to my customers, it would be for its cost-effectiveness and user-friendliness, as it offers a lot of features compared to other brands. My total rating for Cisco Duo is ten out of ten.

Private Cloud

Other

The main use case for Cisco Duo is authentication.

I appreciate the mobile authentication feature of Cisco Duo; it's quite good. The features of Cisco Duo have benefited my organization because it's secure, provides a way of accessing the workspace, and it's easy to operate from mobile.

My experience with Cisco Duo's strong security authentication system has been easy; logging in is straightforward.

I do not think about how Cisco Duo can be improved right now, including additional features or enhancements.

I have been using Cisco Duo for about six months.

I would assess the stability and reliability of Cisco Duo as pretty stable.

Cisco Duo scales with the growing needs of my organization; we haven't seen any complexity or issues so far.

I evaluate customer service and technical support as quite good.

Positive

Before adopting Cisco Duo, I was using a homegrown solution to address similar needs. I transitioned from our homegrown solution to Cisco Duo because it's Cisco; we've been using Cisco products for some time.

I have definitely seen ROI by using Cisco Duo because we used to have our own homegrown solution, and this is far better than that.

My experience with pricing, setup, costs, and licensing is that I do not get into pricing much; I leave it to procurement, but I think it's very competitive.

We use other Cisco products such as firewalls, and I find them competitively positioned, although I need to watch out for companies such as Palo Alto, as prices vary across different companies.

I have not considered any specific products to use instead of Cisco Duo.

We have a few employees using the traditional way of accessing and securing, which had some challenges; before the solution, people put a lot of effort in, and that's one advantage we have using Cisco Duo.

The flexibility and integration of Cisco Duo were a big advantage when selecting it over other solutions, and specifically, we can introduce user-level security for specific databases.

My experience with performance, cost, support, and scalability is that performance is quite good, and I do not see any issues with scalability. My experience with deploying Cisco Duo is positive; we got good support from Cisco. I would definitely recommend it to other organizations considering Cisco Duo.

I would rate Cisco Duo overall a nine.

I usually work with clients in the financial sector. Many of those clients need to meet certain security requirements that are mandated by their auditor or recommended by their auditor, which is dual multifactor authentication. That is usually the reason why they first look at Cisco Duo, and then I pitch Cisco Duo to those customers for authentication into most of their financial applications as well as VPN access.

It is very commonly used for VPN access.

I think seamless login, as well as less administrative overhead in terms of managing users and their login credentials and passwords, and tighter security are valuable.

The main thing is it helps the customers meet their security requirements.

Cisco Duo is very easy to deploy. The documentation is very thorough, which makes deployment straightforward.

The only area I could think of is support for more applications. Cisco Duo already covers a wide range of apps, especially the common ones, but there is always room to add more.

I have 27 years of experience in this field. I have been using Cisco Duo for two years.

Cisco Duo has excellent stability, as is usual with Cisco products.

I work for a company that is a Cisco Duo reseller, so scalability has not been an issue.

The customer service has been excellent.

Positive

I have never used a previous solution before Cisco Duo.

Since the company I work for is a Cisco Duo reseller, I did not need an external implementation team.

The return on investment is positive and is not a problem.

Compared to other vendors, Cisco Duo is on the pricey end. However, the other vendors do not have the wide range of features that Cisco Duo offers.

There are no alternate solutions that I can think of.

Other

The use case is good.

What I appreciate the most is that you can push a notification with your phone and log in to your computer. I use it to log in to my IT department. All the employees of the IT department can use it and another 2FA authenticated before they go in to log into a computer.

It needs to be made more comfortable for the customer and for the system administrator. The GUI environment could be improved. There is another issue with removing the application from your computer. It is difficult to remove the application on Windows. Additionally, if you don't have internet access, you can't access your computer, only local access is available. This is problematic.

I have been using this solution for three years.

There are no stability issues.

I am not familiar with any scalability issues.

I have used VIP OTP by Symantec.

The installation is easy. It consists of clicking next several times and then finish.

Cisco Duo is more comfortable because it is very user-friendly for the customer and it is very easy to set up and use.

The solution can be used by private customers. I would rate this solution as nine out of ten.

We have been using Duo Security for authentication in our in-house sales operations technologies. Therefore, as a Cisco partner, we regularly recommend Cisco Duo Security to our customers to help secure their VPN environments or connectivity to business-critical systems.

For our customers, Duo Security is a significant advantage because it provides them with a straightforward method to implement MFA across their entire environment. Moreover, once we delve into the more advanced features of Duo Security, it enables us as a partner to engage in ongoing discussions regarding security strategies with our customers. Initially, we may only introduce them to MFA during the onboarding process. However, as their security strategy evolves, we can leverage Duo to perform additional tasks such as risk-based assessments and deployments, thereby assisting in the development of their security measures.

Duo Security helps secure our infrastructure. It serves as our gateway layer of protection, allowing us to understand who is logging in and why. We conduct risk-based assessments on each user to determine whether their actions are appropriate or not. Duo Security is not a comprehensive security solution, but it is undoubtedly a crucial component, a critical layer of security. This aspect resonates with our customers consistently.

Their ability to reduce the risk of a breach is of utmost importance. It serves as the primary line of defense. Currently, credential gathering and leaks are widespread in the market. By implementing an MFA solution like Duo Security, we can effectively prevent these issues. When we put a stop to credential harvesting, it becomes much harder for attackers to infiltrate and navigate our network. Therefore, Duo Security acts as an excellent first line of defense.

User authentication and device verification are the methods through which we envision our customers navigating in order to prevent identity-based attacks. Initially, when we employ Duo Security, it is a straightforward implementation of multi-factor authentication. As we progress, we enhance security measures by incorporating device risk assessment and potentially even regional assessment. This includes considerations such as whether the login is being attempted from a specific IP address. These gradual enhancements contribute to the establishment of an additional layer of protection. Thus, it is not necessary to implement a completely disruptive strategy right from the start. Instead, it is possible to gradually adopt and integrate this approach, following a crawl, walk, or run methodology.

The Duo Security self-service portal helps free up our customers' IT staff time, allowing them to focus on other projects. As a Cisco partner, we have received feedback from our customers that the portal is highly interactive, enabling them to easily navigate and resolve issues. After setting up their Duo environment, we rarely receive callbacks for assistance, as the portal is intuitive and empowers users to handle everything they need on their own.

The appealing aspect of Duo Security is its ability to establish trust for every access request, regardless of its origin. It is a cloud-based solution with excellent API integrations. It doesn't matter where or how a user logs in; Duo will be there to protect the user, whether it's through MFA, risk assessment, or similar methods. 

It is extremely beneficial to our customers that Duo Security considers all resources as external. Our customers frequently inquire about a zero-trust model, and this is a key component of it. Unfortunately, I would love to say that there is a simple solution for zero trust where we can just deploy this solution and be done with it. But that's not the case. It requires a layered approach, and that's what we convey to our customers. Duo Security is definitely a part of that.

Duo Security has helped improve our customers' cybersecurity resilience. Internally, it protects our users from accessing sales operations-based environments. Additionally, our customers use it regularly to protect business-critical applications.

The ease of deploying Cisco Duo Security and onboarding has greatly benefited our customers. When they have the need or requirement to implement an MFA solution, being able to swiftly set up Cisco Duo Security is perhaps the fastest and simplest feature available.

There is always room for improvement. Duo Security is a great product in its current state. However, Cisco can further enhance the integrations, as they possess exceptional integrations with various providers' products and feature sets. They should continue to improve and expand these integrations to include more products. The more integrations they offer, the more advantageous it becomes for us as a Cisco partner to promote and sell their product.

I have been using Duo Security for one and a half years.

The stability has been excellent. I haven't heard of any issues, either internally or from our customers, regarding any problems with the Cisco Duo platform, the authentication VM, or anything of that nature.

Scalability is excellent. Being cloud-driven, our customers are not concerned. They can simply purchase licenses as they need them, and scale up or down as required. Typically, scaling up and scaling out is the norm. The flexible licensing model and cloud-based delivery enable this process.

Cisco support has consistently been exceptional, and Duo is no different. Although we seldom encounter issues, when we do, they usually relate to product integration or similar matters. However, these problems are never troublesome. The support documentation provided by Duo is superb, possibly even top-notch opinion. Therefore, even if we do experience an issue, more often than not, we can locate a solution within the existing documentation.

Positive

We have always used Duo Security internally. We have observed some of our customers replacing Microsoft Azure MFA with Duo Security due to its superior capabilities. Duo Security offers better compatibility and works seamlessly with various other vendors. Therefore, we have witnessed cases where customers replace their Azure MFA with Duo Security. In other instances, customers have chosen to complement Azure MFA with Duo Security. Some customers have investments in Microsoft that they do not want to lose, which is understandable. We acknowledge that fact. However, Duo Security is a highly complementary technology they may utilize for high-profile business applications or even VPN authentication. This is because it integrates well with their hardware or software.

The flexibility offered by Duo Security, its ease of operation, and the overall advantage of having the Cisco name behind it is significant. Knowing that Cisco is a global leader in security and backed by Cisco Talos is one of the primary reasons organizations make the switch. Consequently, it is straightforward to discuss with customers the benefits that Cisco brings to the table and how Duo Security can provide flexibility in their security strategies.

Deploying Duo Security is extremely easy. As a cloud-based solution, we can have services up and running within a day.

What we have observed from some of our customers is that having an MFA solution like Cisco Duo Security in place actually reduces their premiums for cybersecurity insurance. This means that investing in MFA provides an immediate return on investment, as they are guaranteed to recoup the money. Many cyber insurance companies now mandate the inclusion of MFA features. If we do not have MFA, we either have to pay higher premiums or risk not having coverage at all. Therefore, deploying Cisco Duo quickly and effortlessly offers an instant ROI for many of our customers, allowing them to obtain the necessary coverage from their cyber insurance carrier.

If we meet not only MFA solutions but also other criteria within the cybersecurity insurance industry, savings could be upwards of fifty percent on our premium. This is because, as we deploy more security solutions, our level of risk decreases, as observed by cybersecurity insurance companies. Consequently, we become a lower-risk customer, leading to reduced premiums. However, if we don't have some of these solutions in place, there are two significant risks: firstly, we may not be covered at all, which is a considerable risk; and secondly, if we are covered, our premiums will be exorbitantly high.

I believe the licensing model is excellent as it offers flexibility to our customers, allowing them to adopt a crawl, walk, or run approach. We don't have to sell the highest licensing feature set right from the beginning because they may not require it. Therefore, starting with the MFA license can be sufficient for them, as it helps onboard them and allows them to become comfortable with the solution. As they develop their strategy, we can gradually introduce them to different layers of Duo Security. This approach has been a successful business model for us.

I give Duo Security a nine out of ten.

For those who want to enhance their cybersecurity, Duo Security is an excellent initial step. It enables individuals to eliminate easily exploitable vulnerabilities and embark on their security strategy journey. This journey cannot be completed in a single day, but Duo will assist in taking that crucial first step.

For those currently evaluating Duo Security, I encourage them to take advantage of the free trial. They can sign up at little or no cost and try the product to assess its feature sets and availability. Utilize this opportunity to thoroughly test and explore the product and make use of the available documentation. It's an excellent method to gauge the capabilities of Duo Security.

Private Cloud

Our general use cases are for multi-factor authentication for our networking and data center environment devices. We also do some SAML for our network monitoring tools with our different partners in our environment. With SAML, we use it for RADIUS and TACACS authentication.

The solution has definitely made our administrative access and privileged access to our data center architecture more secure by using multi-factor authentication. It's no longer just a password. You need to have Duo Push. It also helps the security team keep track of when people log in a lot easier, and you can just go to Duo Security to do that. The multi-factor aspect for us was the big reason why we chose Duo. We are Cisco, and it's integrated with Duo Security.

The administrator tool in the dashboard is the most valuable feature. It's really easy to quickly see if users are locked out from their device, firmware code, or just all the little dashboards and reports I can run to give the security for monthly reports. The dashboard's really good.

The pain point for us at one point was the Duo Authentication Proxy since we're on-premises and not in the cloud. We had to have a proxy machine that's in our DMZ to talk to Duo for us. The configuration of that was a little complicated.

I have been using Duo Security in my organization's environment for eighteen months.

I never faced any stability issues.

I never faced any scalability issues.

The solution's technical support has been great. The only times I've ever had to call them was when I had to deal with Duo Authentication Proxy, and they were very helpful. They would go through your config and help you figure out any little pain points you're dealing with as far as integrating those different protocols, but they were fine every time I had a call. I rate the support a nine out of ten.

Positive

Regarding implementation, it was a really quick project. I think we did PoC to the final rollout in six weeks. Duo Security is very integrated with other security and Cisco products, it took us around six weeks, and we had the solution up and running along with multi-factor authentication for all privileged access users in our environment. Previously, we just had a username and password. It was a big win for us.

Price-wise, the solution has been very, very reasonable, especially since I like that you can scale, and they work really well if you need to expand quickly or retract. We haven't had any problems. Licensing is the last thing I think about regarding Duo Security because it's so easy, and I had no problems with it.

During our evaluation phase, we looked at Okta. For privileged access and for our authentication protocols like RADIUS and TACACS, Okta didn't have that functionality. They did SAML, so you could secure web apps or SaaS platforms or anything like that, but not our internal data center networking infrastructure. Duo Security was the only one that really had that capability. It was a really quick process. It's been great ever since.

It is a very powerful tool when it comes to securing infrastructure from end to end. It makes authentications seamless for the users, and it's very well integrated with, like, Cisco ISE. It's not hard to maintain, and that was the biggest bonus. You don't want pain points for your users. Integration and the solution's seamlessness were the two big points.

Regarding my impressions of Duo Security's ability to help reduce risks and breaches, I would say that it is very high. The biggest pushing risk for us is insider threats, so mitigation requiring multi-factor authentication for privileged access reduces that threat surface. Duo Security was a really quick and really easy way to get a really quick win on that.

Duo Security's user authentication and device verification for helping to prevent and identify attacks is pretty good, especially for profiling the devices and for devices that have Duo's app in them. It helps us to understand the users of Duo about which firmware is running and whether they're possibly running firmware that could have some vulnerabilities. It's all in the dashboard. It's very easy to make reports and see them. It really helps people who use Duo, and they have their endpoint in there. It really helps us see a lot about their device.

It helps us save money and time, especially for identify privileged access users who are having problems logging into devices. We get it to automatically alert us, so we can be proactive about finding out what the issue is because if you see a lot of repeated attempts to log in to something, then you see that in Duo, it will email us, and then we can go to just investigate and remediate the issue. It's usually somebody with a bad password, trying to put it in many times, but you never can be sure. So it really helps us be proactive in the aforementioned situations.

Regarding my assessment of Duo Security for establishing trust for every access request, no matter where it comes from, I would say that it does pretty well. So, I don't know if I can talk more about this because we really only have certain avenues into privileged access devices, so I really can't say if it is from anywhere.

It is very important for me that Duo Security considers all resources to be external, especially from a principal security standpoint. It's a great posture to have, and I think that having that kind of posture is good for your security just inside your own network if you treat everything as external. They speak the same language security-wise that we look for in our organization. 

Duo Security has helped improve my company's cybersecurity resilience, considering that in our limited scope of where we use it, we are more resilient because of those formation things where we learn about issues proactively, and then we can actually mitigate them, and the report shows trends. So if we see trends, we can see what we mitigated, and we can look at those trends and see if there's a more focused approach than maybe a more long-term thing we need to look at or a bigger change we need to look at. I would say it's helpful from that point.

I would tell those planning to use the solution that Duo Security is a seamless and really transparent solution for its users, and it's very integrated into one's existing systems. Ease of implementation is for somebody who has to engineer a solution and implement it. The ease of implementation is one of the top five things. It's the ease of implementation and it's the integration in your existing systems that really sells Due Security for me. 

I rate the overall product a ten out of ten.

On-premises