Cisco Duo Reviews

I work in an institution with about 6,000 people. I'm a telecommunications engineer. I use Duo Security as my access point when working remotely. Because I'm a telecommunications engineer, I have to have access to my systems remotely, and our VPN client requires that we go through second-level verification, for which we use Duo Security. 

Ours is on-prem. We have on-prem Duo Security. We do not use cloud at this time. 

The benefit of Duo Security, for me, is the very easy remote access. I don't have to go through repeated steps to log in to my platform, and it's the same process every time. It works quickly, and it's just that simple.

When it comes to securing our infrastructure from end to end, I wish I could speak more in-depth about that. I do know that Duo Security does identify me as a user, and the folks that need to track who's using it, when, and why. I know that there are very detailed and well-designed reports to let them do that. I am not on that side of Duo Security. Again, as a user, the best part is the ease of use. 

At the moment, the ease of use is what is the best feature for me. Once it has been set up and the security can hoc to my mobile device, it's very simple to use my single sign-on, get prompted for a Duo Security, push, go to my phone, accept the push, and I'm done. It's a very simple process. 

The only thing I can think of to improve for tech support is to have a dedicated engineer but then I would get an engineer that has priorities in one area or another and maybe not the scope I need.

I like the fact that when I open a ticket, I'm not getting the same caller calling back. I like the variety of support that Cisco offers.

Opening a technical assistant's request is a little challenging at times. I wish that the Cisco website could understand who I am from the chart and just let me in rather than forcing me to pick out my contract number, my address, or something like that. They should make it streamlined, make it simple.

I have been in this current position with Duo Security for two and a half years.

To my knowledge, we are relatively stable. I know there are times when in-house we may have difficulty with servers, connectivity, or databases, but it only happens sporadically. I think in my experience, we've had Duo not work maybe once or twice in the last two and a half years. It usually results in rebooting a server.

When we speak of clients on which Duo Security is deployed, every user in my environment typically has a cell phone and a laptop and we use mobile push. I believe we do use PIN capabilities, as well, but primarily we use mobile push. I suspect that it's on a PC mobile platform.  

On average, Cisco's technical support is very good. There are times that I need to go through escalation processes, but once I escalate it, I know that I'm going to get the service I need. The more challenging part for me is defining the problems so that the technical solution reps can help me solve them. 

My rating for Cisco technical support would vary depending on what they are supporting for me. I would say they've never dropped below, say, a 7.5, but pretty consistently range in a nine out of ten category.

I think Cisco support works very hard to satisfy my needs as a customer rather than frustrating me.

Positive

I believe that they did use a different solution. I actually believe that we did not have multi-level verification on our VPN login when we started out. As a result of COVID, it became necessary to have multi-level verification. That was when Duo Security was introduced. I also understand, this was prior to my employment, that Duo Security was enacted in less than seven days. 

As a case for return on investment, I would stretch my exposure and say that the return has been remarkable because we went from full-time, on-premise workers, to full-time remote for everyone for several months. Subsequently, many of our staff now work a hybrid schedule, and Duo Security makes it entirely possible. 

When it comes to pricing, the only thing I can say is that working in education, when you buy a product, it has to have value. My assumption is that Duo Security has a great deal of value for its cost. 

To advise somebody about Duo Security, I would say it works. It works. 

I have not experienced another security program like Duo Security. I don't have a way of rating it other than to say, I'm happy with how it works, and it makes my job easier. 

I'll give it a 9.25 out of ten. 

We use it for two-factor authentication (2FA) for accessing our portal.

From a security standpoint, 2FA is very crucial, and having a multitude of ways for consumers in your property to utilize 2FA is helpful.

Duo Security has its place in securing our infrastructure. It's great for that, but not for securing our infrastructure end to end because there's no such thing as an end-to-end cure for all the security.

It is great for reducing the risk of breaches. Having 2FA and making it simple for users, it reduces the risk of getting phished or scammed.

Duo Security considers all resources to be external, which is a good idea because everything is done in a completely untrusted model. It's absolutely important for us.

Our cybersecurity resilience has improved in one way. We were successfully able to deploy it to a base system. It's uniform across the whole property, and everyone is using it.

It's simple. It's reliable. I haven't had any issues with it.

It's fairly simple. Our end users don't have many issues with it other than getting locked out for administrative purposes, but it's not something to do with Duo Security. There might be a little slowness, but that could be my connection.

We have been using this solution in our company for about two years. I have been with the company since we started using it.

I haven't had any problems. In a worst-case scenario, there might be a little slowness, but that could be my connection. They're pretty proactive when they do have issues. I get alerts right away saying that Duo Security is having problems, and they are being looked into.

Their support is okay. They always respond. Sometimes you get really good engineers, and sometimes you don't, but at least they're there. I'd rate them a seven out of them.

Neutral

We had a few other systems. It was piecemeal. We were trying Okta at one point. We were doing demos of the products trying to find the right one. I've limited experience with them, but our security team did a full evaluation. A few times, I've seen demos, which was a while ago, they all seem to be pretty close. It's pretty tough out there. We might have been roped into Duo Security with some other deal that we did with Cisco.

I was not involved in its deployment. Our security team does most of the deployment factor on that. I do remember the provisioning process, and it seemed pretty painless. We have about 5,000 employees, and I'm sure getting the education to the users about what we're doing would have been an effort, but overall, it was pretty easy.

In terms of deployment, it's on the cloud. It's probably a hybrid cloud, but I'm not sure.

There's definitely a return on investment because one compromise can cost billions of dollars.

I'd rate Duo Security a nine out of ten. I haven't had any problems. It's great.

We use it for multifactor authentication for getting in with cell phones and PCs.

Duo Security allows us to be remote, and it keeps us secure. It has been very good for securing our infrastructure from end to end. We haven't had any issues.

It has helped free up our IT staff, but I don't have the metrics on how much time it has actually saved. We don't worry about it. It just works.

It has been good for establishing trust for every access request, no matter where it comes from.

We're working remotely. It helps us keep people more safe. Its adoption has been fine. I like the fact that you can bypass it if you need to because there are situations where the internet doesn't work, etc.

Its ability to help reduce the risk of breaches is pretty good. I like its ability for user authentication and device verification.

We use Yubikey for pushing it to the phones. Yubikeys can get expensive because people tend to lose those for some reason. Fifty dollars a device is pretty high.

I've been using this solution for a couple of years.

I don't deal directly with their tech support myself. I've got some other folks that do that for me, but I don't hear any complaints, so I'd rate them really high.

We did use another solution. I can't remember the name of it, but it had a lot of flaws and a lot of issues. It did not connect to the equipment that we had to use. It would break down, so we had to find something else.

We didn't consider another solution. While researching, Duo Security came out to be the best. The last one was terrible, and this one ranked a lot higher.

We have a hybrid deployment. It was very easy to implement it. 

It integrates well with other systems. We have Cisco Umbrella and Cisco routing and switching. We had Cisco firewalls, but I wouldn't recommend them. 

We've seen an ROI in using this product. There is stability and ease of use. It isn't a problem to handle. It's simple to deal with.

It falls in line with everything else.

To someone researching this solution who wants to improve cybersecurity in their organization, I'd say that it has been very beneficial.

Overall, I'd rate Duo Security a ten out of ten.

We use Cisco Firewalls, Cisco Umbrella, and we played a bit with Cisco Duo. The integration between has gotten better recently.

We use them for a security solution, multifactor authentication, and DNS protection.

It helps increase the security posture of the organization.

Cisco saves us time. We automate as many tasks as possible.

The integration is the most valuable feature. The products talk to each other. 

The products help us to detect and remediate threats.

The integration has improved recently but it can still be better. 

We were considering purchasing other products, like AMP for Endpoints, and it was not properly integrated with the firewall function. It might be better now with SecureX.

My company has been using it since before the company was founded more than ten years ago.

Their support can use improvement when it comes to responsiveness. It can take a few business days to convince an engineer that a device is faulty. 

Neutral

We also use other products from other companies for web applications and firewalling, besides Firepower. There are pluses and minuses for the other companies. 

From Gartner's perspective, Cisco products are not market leaders in some areas. 

With good specialists and support, it's easy to implement multiple Cisco products. 

We should be protecting our network and the cost of security and the OpEx is important, but it is more important to have a protected network.

I would rate their security products an eight out of ten.

It's an MFA solution, and we mainly use Duo Security for secure access to some of the servers with backup data.

With Duo Security, we can better secure our servers with backup data. It's very good for our customers for cyber resilience.

It can reduce time in case of a ransomware attack and so on. It protects the data but not directly.

For me and my customers, the best feature is that it's very easy to integrate with the existing infrastructure. It takes a few minutes to configure it.

It's already good, but there could be more integration. There could be ready-made integration. Other than that, it's a good product. It already integrates with lots of products, but it can integrate with more products. There should be easy integration with Cisco products because sometimes, it can be quite complicated.

I've been using this solution for around two years.

I don't see any problems. It's very good.

It seems good.

We already have a different vendor's solution, but the way that Cisco works on global security helps us to sell more. That's because customers want one dashboard or one cockpit, and now, all the Cisco projects go through SecureX. For customers, it's an advantage because they only have to know one interface, not ten interfaces. They don't have to know the interface of each product they've got.

I like Cisco Talos because it's a good source of security information, but it doesn't impact the customers as such.

We mainly work with the public sector, so its deployment is mainly on-premises, but we also have a few customers who have a hybrid setup. We don't have customers with a full public cloud, so it's mainly hybrid, and they mainly use AWS and Azure cloud. There is also one local provider called OVH, and because it's in the country, it's easier. 

I don't take care of its deployment. I have a presales role, so I do demonstrations. I deploy it in our lab but not at the customer. It's my colleague who does that.

The deployment process in the lab is very easy. Duo Security is a cloud solution, so there is almost nothing to install on-prem, and there is also lots of documentation. It's very well-documented how to integrate it with an already existing solution. In one day, you can integrate it quite easily. The web interface is very easy to understand.

One person is enough for its deployment. In terms of maintenance, it doesn't require any maintenance. It's a cloud solution.

The ROI is complicated to calculate. It improves security, and improved security is the return on investment.

Cisco's licensing is always a bit complicated to understand, but the price is fair. It could be more expensive than others, but the way they integrate everything, it has a fair price.

You've got a trial version, so just try it, and you will adopt it.

I'd rate Duo Security a nine out of ten.

We began using Duo Security just after the pandemic began. We set up the VPN for our users so that they could connect from home and use the business applications. It is a security feature that is used on your mobile device, rather than something that is fixed in the office. You can use it at any given moment, as long as you have your mobile device with you.

Prior to implementing it, they were using just a username and password. That was not secure enough, so there had to be the second level of authentication. As it is now, it is integrated with the firewall. You put in your password and it is followed by a six-digit code that needs to be entered.

We operate in the financial sector so this product is crucial for our business.

The security codes are not generated locally, or on-premises. Rather, they are generated and sent from the cloud.

It is integrated with our Check Point firewall, which is used across different departments. People can connect from anywhere, including from home, and then utilize the business applications in different departments. All of them authenticate using the same firewall.

Importantly, it's not limited to one vendor or one firewall. You can use it to connect through a primary DC and a secondary DC, even if they are different vendors.

Using this product has improved our organization, primarily with respect to security. Even the system administrator, in charge of setting up the users, would not be able to use another person's ID to connect. This is because they would then need to use Duo Security, which resides on the user's device. This is something that other people cannot do because they can't generate the six-digit codes.

In terms of securing access to the applications on our network, this solution is very reliable.

With respect to our users feeling safe, secure, supported, and included, Duo Security is among the best solutions that we have ever used. We have not fully utilized all of the features. However, we're looking at using Duo to authenticate internet banking solutions. Providing a second level of authentication in these situations, perhaps in mobile banking, would be valuable.

Our regulatory requirements necessitate creating a very secure connection for financial services, which is what we get from this product.

Having a single solution for multifactor authentication makes it comfortable for the users. They only need to train on one product.

Maintaining network connectivity is not difficult. We are integrated with Fortinet and Check Point solutions. The Check Point solution is in a different data center than Fortinet, and Duo Security integrates with both of them, despite being from different vendors.

Overall, this product has helped us to remediate threats more quickly. There is no way that others can generate the security code, such as by using another server. They will not be able to connect or authenticate themselves another way.

The resilience that Duo Security provides is valuable in terms of meeting our audit requirements. This is important to us because it helps us to meet our regulatory requirements, which are set by the central bank and enforced by our cybersecurity team.

The most valuable feature is the ability for users to connect securely to the office using the VPN. There's no way to breach security using Duo. No user can connect from a different device, which guarantees access on a per-user basis. The only way somebody else can connect is if the user shares their VPN password, as well as the six-digit code. This is a well-accepted, business solution.

It is very easy to set up, configure, and integrate this product. It is also easy, from the user's side of things.

The interface is such that all of the management can be done from a single pane of glass. You can integrate as many applications as you want, and it's up to the enterprise that dictates that. Overall, it's easy to manage and administer. There are not too many moving pieces, which would make things more difficult to administer and troubleshoot when there are problems.

From our employees' perspective, they are confident that they are the only people that can connect to their accounts. Access to their own accounts remains under their control, and they are the only ones that can connect. 

The reporting feature is somewhat limited. All that you get is the list of times that the user connected. Given that it's only a secondary authentication, it may not be possible to enhance the reporting.

We have had instances where Duo Security stops working on a user's device, which we have fixed by uninstalling and then reinstalling it.

I am in my third year of using Duo Security.

Due Security is a very stable product. We have never had issues in that regard.

This is a very scalable solution. It's not limited to specific applications and we can use it across multiple ones.

We have 175 end-users.

If we need to reach out to them, they would quickly assist us. At any given time, you can get support from Duo Security. This is not a free product and the technical support team is very reliable.

I would rate the technical support a nine out of ten.

Positive

Prior to implementing Duo Security, our users were not using multifactor authentication. They were simply authenticating with a username and password. That was not secure enough, which is why we implemented the second level of authentication.

The initial setup is easy and straightforward. It is very quick to integrate and manage. As it is very easy to integrate, it works well to secure our infrastructure from end to end, helping us to detect and remediate threats.

You just download the application and within a minute or so, you have an admin panel. After that, it is integrated with the firewall and the users can then quickly connect.

The integration is easy because Duo gives you a list of steps that vary based on the application and vendor that you want to integrate with. For example, if you want to integrate with a Check Point product then you have one set of instructions, whereas if you want to integrate with a Fortinet product, there is an alternate set for that.

In total, the deployment took less than two hours to complete.

Our ROI is mainly from the security side. Because of the regulator's requirement, it's worth the procurement. That said, on our end, we're not fully utilizing the product because you can integrate it with different applications. At this point, we are just using the basic feature, which is to connect to the VPN.

The administration is comfortable knowing that no user can connect to the system without using Duo authentication.

From a business perspective, it is a little bit costly. The licensing is on a per-user basis. However, it's worth the cost.

We began with a free trial of the product that lasted for one month. After that, we paid for the license to use it.

We had an option to use Google Authenticator. It is also a secure solution but we chose Duo Security because it was recommended to us, and it has been acquired by Cisco.

We do not utilize all of the features that are offered by Duo Security.

I would rate this solution a nine out of ten.

Our primary use case is for two-factor authentication. We also use the solution to secure Microsoft Remote Desktop, VPN, and SSH connections.

We deployed the product primarily to address security concerns, for example, implementing a more secure security posture using Duo Security.

My initial deployment of the product at a previous employer was across multiple environments and business units. We were primarily an active directory shop using Windows servers and desktops and Wise desktops, all of which utilized Duo Security as their two-factor solution.

In my current environment, the tool is implemented in different forms, on-premise and in the cloud. We deploy it everywhere.

Duo Security has been utilized in multiple organizations I've worked for, and it simplifies connecting securely via VPN, Microsoft Remote Desktop, and SSH.

The app has greater stability than rival solutions such as Google Authenticator, and Duo Push authentication is a valuable feature. 

The product worked to establish trust for as long as I've used it. It's a more functional solution than some competitors, which I discovered during the POC process. I think that Duo Security considering all resources to be external is one of the reasons why they are at the top of their field. 

Duo Security simplified establishing trusted connections, making it easier to implement distributed network solutions. I've always found it to be a good part of a layered defense strategy. 

Most of the end users when I was responsible for implementation, didn't quite understand the value of the solution until it was demonstrated. 

The tool does provide single-pane-of-glass management in my experience. I haven't implemented the solution for years, but I'm a user in my personal and professional life. Therefore, I can say that feature is essential in making Duo Security one of the critical steps in a defense-in-depth strategy. 

I never had any problems maintaining network connectivity, and it always performs well.  

Based on the logging I have seen Duo Security use, I would say their solution does help with threat remediation. It is an integral part of the defense strategy. 

A robust two-factor authentication solution is a massive part of a proper defense strategy, and having Duo makes it easier to implement and manage that two-factor solution. 

I would like to see some features simplified, such as securing, configuring, and implementing Microsoft Remote Desktop. Other than that, the solution was rock solid throughout my time administering it. 

I have been using the solution for six years.

The solution is very stable, I've never seen it go down.

The product is incredibly scalable.

I had to contact technical support on a few occasions, and my problem was always resolved, but it took some time and work to reach a workable solution. My experience with them is primarily positive, but there is room for improvement.

Neutral

At the job in which I carried out the POC for the solution, we used physical RSA tokens, and I have been at locations that use HID tokens. In my opinion, the soft token solution is far better; it's more user-friendly, and staff can utilize the strategy more efficiently, effectively, and, unfortunately for RSA, more securely than the physical tokens offer.

The basic deployment is very straightforward, though some Microsoft Remote Desktop support elements were a little more complicated. Primarily in getting the correct values and additional resources required for the deployment.

I wasn't involved in the deployment at my current company. At my previous employer, I did the POC and the initial training for our help desk groups.

I carried out the implementation myself; I was responsible for maintaining all of the integration points and training the help desk team members to support the product.

It's hard to precisely measure an ROI for security solutions, but I would say it provides a return.

I haven't seen any information on the pricing in four years, so I can't comment on that. 

We tested a SecureAuth solution that didn't meet our security standards. We wanted to try RSA Authentication Manager, but that was more complex for users, so we decided to go with Duo Security.

I would rate this solution an eight out of ten.

When I carried out the POC for Duo Security at my former employer, I pitched it to them because it simplifies the login process and has excellent notifications. Physical tokens can be hard to read, especially for admins and staff trying to remediate problems late at night. We wanted a solution that was easy to set up and configure, and that is what we got; being a cloud-based solution, Duo Security is much easier to manage. We don't need to worry about managing, upgrading, and configuring much on our side; that's all handled in the cloud.   

The first company I mentioned working for was based in Ann Arbor, and Duo Security is or was based there too. I had personal relationships with several team members and recognized their product's value.

The solution improved trust models within our organization, significantly changing how people view connecting to the network. I don't think that it has had an impact on employee morale.

We have implemented it in our organization, and we also implement it for our clients. Duo Security is used to push multi-factor authentication while signing onto computers. We have integrated it with on-premises Active Directory, Azure Active Directory, and Office 365. We have also integrated Duo Security with Mimecast and Mac devices. We have a couple of other use cases, but predominantly, it is for multi-factor authentication. It verifies the identity of a user through a token or a mobile phone app.

It is pretty seamless for establishing trust for every access request, no matter where it comes from. There is logging everywhere. So, if something did happen, you can see everything. In terms of getting conditional access in Azure AD, once you have it set up properly, it just works as expected. They have a huge application inventory that you can integrate with to get that established. They're one of the top vendors.

It is seamless with an easy-to-use portal. It has a lot of automation in there to onboard users and get them to talk with the Duo system. Once they're in the Duo system, it really comes down to what applications they need to get access to, and they're off to the races. They do a great job on that.

It helps support hybrid work. It is very important to have something like that in place because when you are in a hybrid environment, you lose some visibility and control. Having Duo Security in place, you can analyze all different authentication logs and anything else that applications might be interacting with. You can quickly pinpoint and troubleshoot something if an issue comes up.

It is seamless in maintaining network connectivity. In terms of its uptime, in the last couple of years, I can't think of how many times it ever went down. It has to be a very high SLA. It is consistent in maintaining network connectivity across all workplaces, such as campus, branch, home, and micro-office environments.

It helps to remediate threats more quickly. With application logs, it definitely starts to point you in the right direction to figure things out instead of hunting in a bunch of different directions. In a single pane of glass, you can very quickly see which IP address it was coming from and who was trying to initiate that and on which device. It definitely speeds up the process.

Documentation is the most valuable feature, and if you ever have to reach out to them with a question, their support is also fantastic.

Its ease of use is also valuable. From start to finish, you can get the whole environment set up within a couple of hours. Everything is easy to follow. The UI is good, and the process is very straightforward.

More automation and device insights would be helpful in achieving a seamless single pane of glass. Having the additional capability to streamline processes would also make things better.

We have been implementing Duo Security for about four years. 

It is very stable, and they constantly update the documentation to make it easy to integrate with. The SLAs have been very good when working with them where it is not going down or there are constant problems or anything like that. Overall, it is a very good experience for anybody who is using it.

Its scalability is great. There are tons and tons of applications that you can integrate it with. It could become a key piece for the organization for authentication.

There are probably more than 20 customers who are using this solution.

We seldom had to use their support. Most of the time, we go to their FAQs or review their documentation, and we are able to find the answers that we are looking for.

We had an agent that wasn't installed properly on a Mac device, and they could quickly identify the issue and give us recommendations about what we needed to do to fix it. Once or twice, they've taken a little bit longer to get back to me. They've helped me in solving the issue, but it wasn't a seamless experience. I would rate them an eight out of ten.

Positive

I haven't yet used another solution, but that doesn't mean that I won't. Microsoft is another multi-factor authentication provider. Duo Security is a much more streamlined implementation. If you want easier management, Duo wouldn't meet that need. It is an additional layer of cost that has to get factored in versus a Microsoft solution that may already come included with your license.

It is very simple to integrate. You do need to have an understanding of how it integrates with all potential applications, and Duo documentation is fantastic and helpful in getting it implemented.

Its implementation takes as little as a few hours. Your bigger challenge usually is onboarding end-users into the Duo environment, which comes down to:

• How many users are part of the project?
• How easy is it to get in touch with them?
• How well can they follow the directions to get it fully set up?

We implement it for our clients. We are like an integrator. Our clients may purchase the licensing through Duo, and then they sign a statement of work with us to install and get it provisioned for them. Inexperience and not having the time to do it are the two primary reasons why clients ask us to implement it. Sometimes, they can set up the basic pieces of Duo, but they need help with integrating it with Office 365. That's because there are things that need to be set up on that side, and they may not know how to do that.

Most of the integrations are cloud-based. There are a few clients who want to have a user sign on to a remote desktop, which needs integration with on-premises Active Directory, but most integrations are with Mimecast, Office 365, and Azure AD, and all these are cloud-based.

It is affordable for what's coming to the table with it, but in this day and age, the cost is looked at under a microscope, and companies need to very finely define what is needed versus what is critical. In some cases, it might not be cost-effective for a company to have it. In a lot of other cases, it is the cost of doing business.

It is somewhat of an uphill battle to get users to buy into it, but after it gets implemented and they see how easy it is, it is a pretty seamless experience.

A big challenge with end-users is that they see it as another layer that they have to remember and worry about. It is very easy to set up the application to get authenticated. Once you break that curve, it gives end users a sense of security where they know that if they're trying to sign on to Office 365 or some other application, they need to authenticate with Duo to make sure that they have the multi-factor authentication. If they saw a request come in and it wasn't them, they can deny it.

Duo Security has had minimal impact on our organization, but we do have an increased feeling of security. Knowing that you have to have a certain device to authenticate into whatever you need to authenticate into gives peace of mind.

It hasn't eliminated trust from our organization's network architecture, but it has added efficiencies to it. There are other things that we might put in place to make sure that we get towards a zero-trust model, but it obviously aids in achieving that end goal.

It doesn't really provide single-pane-of-glass management. In terms of the security posture of an organization, Duo Security is not a one-stop solution for everything. You still need a combination of a lot of different security measures to develop the full posture, but as far as authentication is concerned, in that one layer, you get the authentication logs and easy integration with all different applications, and you also get some device insights and things like that. All of those together definitely give it points towards being a single pane of glass, but you need other security applications to make that holistic environment very security agnostic.

It is one of the many key pieces that all organizations need, especially if they want to integrate with many applications. There are other solutions out there, such as from Microsoft, for multi-factor authentication.

I would rate it a nine out of ten. There is always room for improvement, but for end-to-end authentication, it definitely provides a great mechanism for organizations in getting that single pane of glass.