Cisco Duo Reviews

We use Duo Security for 2FA during logins.

We needed 2FA for compliance. We already used Cisco across the board, so it made sense to use the product. We benefit from using the solution. We were unaware that some users were sharing logins and doing some things that went against policies. Once we had Duo Security in place, we realized that codes were not going where they needed to, and we could sort that out. The solution is easy to use.

We have some users that don't prefer to use the app. The product could be more intuitive on the app. We have users that are a little dated in their technology adoption. Telling some of our non-intuitive users to use the app was a little struggle.

We implemented the solution about a year ago.

We haven't had any issues with the solution’s stability at all. We've had no issues with it not being compatible anywhere.

We're a pretty small shop. We have less than 100 employees, so scalability is not a huge concern because there's not a lot of growth right now. However, bundling and provisioning the tool with any device is pretty easy.

Support is good. We've had a couple of issues with the tool, and anytime we needed anything answered, we've got it resolved. Everything's been quick and reasonable. We generally expect to get answers the same day we have the problem, although it is not possible.

Positive

To my knowledge, we didn't have any issues in the rollout. We tried to phase it out over the course of a few weeks. Once we got a few of them tested, we went to the next phase. Then, we decided to go 100% with it because we saw no problems doing a stack of implementation. It was pretty good.

My organization sees an ROI on the product. If there's any attempt at a breach, then we're confident that it will be stopped.

The solution is deployed on the cloud. We're pretty sure it's on our end with the telephone system. We have set up automated phone calls to the desk phones, and sometimes they don't go through or are delayed. However, we've been looking through it and are pretty sure it’s on our telephone system.

I rate the product a seven out of ten in securing our infrastructure from end to end. It's pretty straightforward for people that have done 2FA before, but we have a lot of users that haven't. We have to do a little convincing to get them to do the additional step.

We have saved time by using the tool so that we can dedicate our time to other valuable projects. The tool’s Self-Service Portal helped us with uptime. The solution is good at establishing trust for every access request, no matter where it comes from.

We have policies for our machines and for our phones. The solution really opened our eyes to what people needed to do on their phones and what they were actually bringing to the building.

Duo Security absolutely helped our organization improve its cybersecurity resilience. Our employee and guest network are separated. However, people were bringing their personal devices and doing work-related things on them that we weren't aware of. The solution allowed us to see a little bit more of what was going on at the user level.

Duo Security was the first implementation in our organization. We did not use similar solutions before. Choosing the solution was a pretty quick process. Duo Security was the first one that we demoed. We didn't have any issues, so we went right with it. We chose it because of its ease of use and implementation. We were able to roll it out fairly quickly, so there was no reason to look elsewhere.

We had some partner companies and sister companies that were starting to have breaches. They told us that if we had 2FA, it wouldn't have been a problem.

Overall, I rate the solution a ten out of ten.

We utilize Duo Security to mitigate phishing and other similar attack vectors in general.

Our phishing attacks have significantly decreased. The number of compromises is almost nonexistent due to the implementation of Duo Security.

Duo Security's self-service portal has definitely helped us save a couple of hours per month. 

Duo Security's ability for establishing trust is great.

The anti-phishing feature is the most valuable.

Previously, we encountered an issue with utilizing the passcode as part of the second factor; however, that has now been transformed into a feature.

I would appreciate it if Duo Security could improve its integrations with Windows Hello.

I have been using Duo Security for five years.

Duo Security is stable.

After Cisco purchased Duo Security, I was uncertain about its scalability. However, it appears that Cisco has granted them the freedom to pursue their own initiatives and has provided the necessary resources for them to achieve their goals.

The technical support is excellent.

Positive

The initial deployment took place five years ago, but during that time, we experienced some growing pains before reaching a satisfactory point.

I was not involved in the implementation, but we did seek external assistance, which proved beneficial.

We have observed a return on investment with Duo Security in terms of anti-phishing and breach prevention.

I rate Duo Security a ten out of ten.

We do not use Duo Security for end-to-end detection and remediation of threats.

Duo Security may not be the only solution available, but it is a fantastic choice.

We use Duo Security for multi-factor authentication.

The product makes our organization more secure.

Duo is reliable and easy to use. I’m pretty happy with all of the features. The user experience is pretty good. People without any technical background can run the applications without any issues.

The technical engineers in the first line of support should improve their knowledge. We often have to bounce all the cases to different levels.

I have been using Duo Security for more than ten years.

Technical support is pretty responsive. When there was an issue, support was able to provide a solution.

Neutral

From the security team’s perspective, the solution is pretty easy to deploy. From an end user’s perspective, it is very easy to download it and add the device to the profiles.

We deploy the solution in-house.

The pricing is reasonable.

Since I'm not an admin, I don't know how the device gets set up. The product is pretty good at securing our infrastructure. It protects everything and hardly leaves anything open. The infrastructure is secured.

Duo Security cannot do it all when it comes to reducing the risk of breaches. It can probably provide up to 50%, and the rest depends on the user. Things like phishing emails depend on the user. There is nothing that Duo Security can't do. The product does a pretty good job of protecting the infrastructure.

Duo Security’s user authentication and device verification are very good and very reliable. When we get a message to upgrade, we upgrade the tool. I don't have to spend a lot of time to get the device up to date.

The solution is reliable for establishing trust for every access request. It definitely is able to establish trust for the identity to protect the infrastructure. Our organization doesn’t necessarily believe that all resources must be considered external. We try to strike a balance between convenience and security. We don't treat everything as external. We keep certain internal stuff that doesn't have to go through the authentication.

The product increases the awareness of the employees about cybersecurity. Every time I log in, a Duo box pops up saying that I am authenticated and not leaving everything wide open. Try it and get a trial base, and then you will see the difference the tool can make.

Duo is the first platform that we used. My organization did an analysis to see how many potential attacks we'll have and how much money will be lost if we do not deploy Duo. I am not sure about the metrics, though.

Overall, I rate the product a nine out of ten.

We use it for MFA to secure our Outlook webmail and some other applications as well. We use Duo for pretty much anything that uses MFA. 

We were looking for increased security. We wanted to make sure that the person who is trying to log in to our services is actually who they claim to be. We wanted to lock down our applications more and provide extra security.

We have some on-prem servers for the gateways and it's in the cloud as well.

It has definitely made our company more secure. It's pretty easy to incorporate into any sort of application you want to. We also use it for single sign-on for certain applications and that has been nice. People hate passwords.

It's really great for remote workers and a hybrid workforce nowadays, for people who are trying to access their VPN or any applications from outside of the company. It helps us make sure it's someone who should be accessing those things. It does a good job.

It's definitely a factor in achieving that Zero Trust.

In a way, it helps us remediate threats more quickly. If someone is trying a brute-force attack, trying all the passwords they can, and they're not getting a response through Duo, you can see certain security threats that are happening and remediate them.

Duo has also had a big impact on employee morale. People like it. They feel that their data is more secure. Resiliency is very key to keeping people doing their jobs. Cyber security resilience has been very important for us. It used to be that security was not to be the main focus, but it's extremely important now. There are a lot of ransomware attacks and people need to be very cognizant of that. It's important to have redundant and resilient systems in place to support that.

It's nice to have that push notification with the app and it's pretty easy to use. Our users are usually pretty open to it, and it's pretty easy to onboard people.

It also seems like it's accurate, and you can add multiple devices to your account.

In addition, typically, if it detects that you're on an internal network, you can bypass the Duo portion of it. That way, people don't have to do MFA when they're on campus.

Another feature is the single pane of glass management. That's important for analytics and also for troubleshooting. It means there's one place that you go to at least start the troubleshooting process. It also helps with the user experience because you can manage all the user accounts from that one spot, including setting up new users, making adjustments, editing their preferences, et cetera.

It could be a little bit more intuitive when it comes to the sign-up process. I know they send out an email, but sometimes our users get a little confused. It could be an end-user problem, but Cisco could work on that a little.

I've been using Duo Security for about two years.

It seems very stable. I don't think there has been any point at which people have tried to use it and it has failed.

The scalability seems fine. As long as you get the licensing to support it, you can add as many users as you'd like.

We have five or six offices locally, and a few more in different states in the US. We also have one in Shanghai, but they're doing their own thing there. But everyone in our US offices uses it, they all get enrolled. Typically, people will install the app on their phones although they don't have to.

I don't think we've had to use technical support too often, which is a good thing about the product itself.

We didn't use an MFA before Duo.

When the solution was rolled out, I wasn't with the company, but we then expanded it in different ways and I have been involved in that. In terms of the initial deployment, from what I can tell, it was relatively straightforward. And from what I've seen since, it hasn't been too hard to expand it to other services.

It's definitely a valuable product to have.

We may have evaluated other options at a surface level, but we didn't really go too deeply into them. We pretty much went with Duo out the gate.

I would tell leaders who want to build more resilience within their organization to do it right now. It's definitely important and there are a lot of resources out there that can help them on that path. Duo helps with that.

It does what it's marketed to do.

We use it citywide. I work for a city, local government, and we implemented it during the pandemic.

We support it for remote access to our network. Every city employee is required to use it, including the police and fire departments. However, it's hard to concretely say if the solution has helped reduce the risk of breaches in one way or another.
Apart from that, we focus on user education in cybersecurity and provide training to our end-user population to heighten awareness. This is in addition to the two-factor authentication, so we don't solely rely on that.

Duo Security has improved our organization from a security standpoint. The two-factor authentication has become a requirement in most cases. It is specifically required by cybersecurity insurance.

Not only are we doing it for requirement purposes, but it also gives us an additional layer of confidence. Duo Security's additional layer of security gives us added confidence that our network will be less likely to get hacked, compromised, or otherwise.

Moreover, we're very satisfied with the solution for helping secure our infrastructure from end to end. It definitely gives us an added layer of our confidence knowing that two-factor authentication is implemented. In our organization, network-wise, the confidence level is fairly high, and we're happy with it.

The way we involve the end users is with their mobile devices and mobile phone numbers. Once they do get involved, we are pretty confident that they are being reached out to through the number that we have in the system for them, and there's really no reason on our end to doubt the validity of those authentication requests when they come through. We trust Duo Security for every access request, no matter where it comes from.

Duo Security has become essential to our environment, considering today's time when our workforce is becoming more and more mobile.

Duo Security helped our organization improve its cybersecurity resilience. It has given that added layer of security and keeps the awareness on the user's end as well.

It's easy to use, frankly. All it takes really is for the end user to download the app. For me, I have an Apple Watch; I don't even have to wait for my phone. I can accept the prompt right there and just be on my way.

Moreover, we are comfortable and have high confidence in the solution's user authentication; device verification can prevent identity-based attacks.

One of the challenges was for the police force. A lot of them, at first, weren't keen on using their personal cell phone for, quote-unquote, city business. As a city, we require them to download an app for two-factor authentication. There is a little bit of apprehension for some users thinking, well, "How do I know this app is not collecting personal information from my personal device?" was the only obstacle we ran into. Overall, satisfaction is good.

To mitigate this problem, there was an option where the city would choose to just go with utilizing the app. There's another option where you can get a text message as opposed to having to download the app and accept what the app has on it.

I have been using Duo Security for three years. 

Duo Security is a stable solution. 

We never encountered any issues in terms of scalability. 

The customer service and support have been very good. We haven't had to call them many times. They've been able to assist every time there was an issue.

The responses have always been timely, and I haven't gotten any complaints from our security manager.

We used a different solution but had it in limited use only for our public safety team. That was a requirement at the time because of the type of information that they had access to. We were looking for something versatile. 

With Duo Security, the easier user access and user adaption were a little easier. We felt the solution was a little clunky at times, and we are already in the Cisco ecosystem, and that's one of their products. So we decided that was the best solution at the time. That's why we switched to Duo Security.

Implementation was fairly easy. Moreover, once you have it implemented, it's very minimal.

Duo Security doesn't require a lot of maintenance. From that standpoint, the solution has freed up time. However, it's not something that we had beforehand. In other words, it's not necessarily alleviating work. However, it is easy to manage.

The pricing was a lot more than what we were paying for our previous solution. However, our previous solution only covered two out of the sixteen departments within the city.

It’s a bit of a pie chart in that sense but we understood that with Duo Security, we were deploying it on a broader scale.

Overall, the pricing was higher than our expectations, but considering the circumstances during the pandemic and the increased demand, we understood the importance of making the right decision and moving forward with the best product.

I would say we are happy with it. However, I haven't conducted any recent market surveys to compare pricing, so it's difficult to make a definitive statement. Ultimately, what matters most is the satisfaction of our end users, and in that regard, it is currently very high.

We did look at some other products. We had a security manager who was responsible for conducting the necessary research and legwork. However, he did present us with a few different solutions, and our network manager was also involved in exploring options. Ultimately, Duo Security was selected as the preferred solution.

And also, what happened right before then, we had attended Cisco Live, had been exposed to Cisco Duo, and really liked what we saw. So we went into it with a bit of bias, to be honest, because we already saw it.

Duo Security is a great solution. The adoption and learning curve for the end user is low, in our opinion.

Overall, I would rate Duo Security an eight out of ten.

Duo is part of a complete security package that Cisco provides. Initially, we only used Duo to secure Microsoft 365, but we now use it for other applications like VPN, terminal server access, etc.

A couple of months ago, our colleagues got phishing emails from real accounts because other companies got hacked. The scammers write emails from a hacked account because they see an employee on the contact list. They seem real because the images are authentic. That leads to a portal where you have to insert your credentials. 

Like any MFA, Cisco Duo sends a message when someone tries to access your account. That's the part that helped us because a person always falls for it. Unauthorized access is a serious problem, even if it doesn't affect your files. It's a potential risk to our reputation because it doesn't look good if a hacker is using your company email address to send spam.

I'm not sure if Duo saved us time. Any security measure inevitably makes things more complicated. If you eliminate security solutions, it's easier on your users, but you have no security. It's like wearing a helmet on a motorcycle. You don't need it until you fall. 

Our security posture is getting better, but we still have room for improvement. We're implementing several security packages currently and hope to be where we want to be by the end of this year. 

Most of my colleagues from other companies use the Microsoft MFA solution because it's included in Office 365. Few people are considering Cisco Duo. That's the primary problem in our area. It's a solution mostly adopted by Cisco users.

We are new users and only started transitioning to Cisco last year.

We haven't experienced any issues so far, and I hope it stays that way. Nothing is 100 percent, but it's close to that. 

Our company isn't too big. Cisco is the perfect product for our current size, and I don't think we'll have problems with scalability as we grow.

We rely on our partner for technical support, so we've never contacted Cisco for that. 

We used HP networking and security products but transitioned to Cisco last year. In the food manufacturing industry, Cisco has some advantages over others. For example, Cisco switches are made for heavy industry and are designed for devices in the mills. Cisco is certified to integrate with Siemens microprocessors. 

What is critical for me isn't the product itself, it's your partner. If you have a great partner, you can also work with HP or other competitors. Having a partner to implement everything and suggest best practices is essential. Our partner NTS works exclusively with Cisco, so we switched from the competitor to Cisco when we switched partners.

The deployment was straightforward with the help of our partner. I can't do it all alone, but our partner has 450 Cisco-certified technicians. 

Cisco has the most expensive products because market leaders tend to charge a lot.

I rate Cisco Duo Security a nine out of ten. I would give the solution a perfect score if it were a little cheaper. Cisco is expensive.

We use it for security in general. We were looking for something that would integrate with what we already had and that would give us an extra layer of security on top of what we were doing. Since a lot of people were starting to use a lot of handheld devices and equipment at home, we wanted another layer in there.

It hasn't done as much in terms of remediation as it has just flat-out in prevention. Duo has done a very good job in making sure that a problem doesn't become a bigger problem. It's done that very well.

We like the different ways that it allows you to push notifications to people. It can do text, a phone call, and email. We liked the versatility for all of our different end-users, regardless of their level of understanding of the technology.

It does a very good job of helping workers feel safe and secure and supported. Some people view it as just another layer of things that they have to go through, but the simplicity of use, such as being able to call in if they need to, or receive a text, takes into account all levels of end-users and what it takes to get that authentication from them.

It is also important that the solution considers all resources to be external. When you already have certain pieces of security in place, it's really difficult to just rip everything out and replace them. You need something that can start as a standalone solution and then slowly work its way into the rest of your corporate network. When we changed buildings, we had a lot of people working at home for the first time and suddenly using different devices to do their day-to-day jobs, so that aspect became very important.

When it comes to supporting an organization across a distributed network it becomes very important, again, because the traditional method of backhauling security solutions to a central point gets very dicey. It starts to generate a lot of traffic across a wide area. And what happens if some of that can't get back to you? Or what happens if you're dealing with low bandwidth or other scenarios? Plus, depending on where you're at, they may view that as some kind of encrypted back tunnel and not let that happen. Whereas Duo, because it's more distributed and it's trusted out there, allows you to drop something in on a footprint on a very large scale. Before, it would've been a nightmare to get all that configured properly and working.

In addition, the single pane of glass management is very important because security is an extremely complex issue. If you have all these different windows to look at, you're not sure if somebody was looking at this window at this particular time, or if they were over there at that window and missed something. The single pane of glass is very important because the biggest enemy of security is complexity. If you miss something because somebody is not watching the right dashboard, it can blow right by you.

The single pane of glass management does a pretty good job of helping to optimize the user experience, in my particular role. And from what I hear from my team, they're very happy with it. They feel it does a good job for the clients and they love the simplicity.

There could be improvements made to the dashboards and more integration with the rest of the Cisco ecosystem. Duo was clearly purchased, and Cisco has a lot of other panels for their Firepower products, et cetera. They need to continue bringing it, Umbrella, and the endpoint pieces even more together and make the integration a little more seamless among all of them.

Our company has been using Duo Security for about two years.

It's very stable. I don't think we would have gotten it if it wasn't stable. It obviously had set quite a reputation before Cisco acquired it, and that has continued.

The scalability has worked great for us. We've not had any issues with it.

My team gives demonstrations of Duo regularly. The number-one piece of feedback that we get from people is that they like the simplicity. They like the windows, that it's easy to set up, and the features. There are different features and you don't have to turn them all on right away. You can turn on the basic features and get the authentication piece. They like the ability to then drill down and turn on some of those extra features because they don't have to ramp up straight away. They can turn on the basics and be in good shape. Then, if they want to keep tweaking it and turn on all the other pieces, it scales really nicely that way.

End user-wise, we're probably up to about 600 to 700. Our central office is out of Harrisburg, PA and we have a couple of warehouses across the U.S. where I believe they use it too. It's a bit of a distributed model, but it's not a massive distributed model.

I have not personally had to deal with tech support, but my engineers who have had to deal with them have said that they've been very on the ball with quick responses. There have been no major issues.

We did not use a solution for authentication.

It was a little interesting in the beginning when we first put Duo out there because everybody was concerned about text messages on their personal cell phones, and use of their cell phones, and who actually owns their cell phones. We dealt with a lot of what was more along the lines of company policy issues, back and forth.

But after we got past the initial rollout, everybody seemed to calm right down and we don't get any complaints or negativity about it now. It's just part of normal life. Before Duo was pushed out, there were a lot of other companies that were starting to do the same type of thing. That helped ease the release of the Duo product in our organization because people were already starting to get somewhat used to having that kind of stuff happening.

Licensing and pricing are a little bit out of the area that I play in, but I think the pricing is in pretty good shape. 

One of the issues that we used to have is that Umbrella, Duo, and Cisco Secure Endpoint all had different license quantities that you had to buy. That made it really difficult to buy a complete solution with all the other pieces. I had to buy 25 of this one at a time, and 10 of that at a time, and 15 of another one at a time. They seem to have fixed that and the number of seats that you buy now matches across all the different products.

We shopped around for other layers of security but I don't think we specifically shopped around for the authentication piece. When we looked at everything, and the dust settled, this was the easiest piece to put on top of what we had and to give us another layer of security.

Duo hasn't eliminated trust, but it has certainly been a piece of what has helped build our whole hierarchy. We're moving forward and starting to put other pieces in place too on top of that, things that sync a little better with it.

Duo is beneficial to the overall connectivity. It doesn't cause any issues. It doesn't cause an excessive amount of delay, from what we have seen. The nice thing about it is that it just sits on top of whatever else is already in place and it doesn't cause disruption to whatever else you're using.

I rate it highly because it's something that can grow with you, whether you have very little security or a lot of security, whether it's already Cisco or not, and whether you have a mixed mess that you're trying to put into some kind of order. It will go in any direction with you and grow. It will get better as you improve the stuff around it and it will start to integrate with Cisco solutions. It's one of the best products because you have the ability to go with or without Cisco, and it gets better as you add more.

With Duo, MFA allows the network to have an authenticated user sign-on seamlessly. If someone's entering a password and their user credentials and they want to get access to the network, the Duo app will have a code that the end-user has to input, which then authenticates them. It's a second layer of security before they can access the network. Even if a third party gets your username and password, without that Duo access, they won't be able to access your network.

We don't have to worry so much about the end-user that's logging in.

Multifactor authentication is the most valuable feature.

As for establishing trust for every access request, that's exactly what this solution does. Outside of having a username and password, you have to get authentication from Duo as well.

You can never eliminate trust, but what Duo Security does do is add an extra layer of security. When it comes to the internet, networks, inbound traffic, and outbound traffic, you're always subject to a potential threat. Duo Security just adds another layer.

It's a great addition to the security of any network infrastructure.

In terms of helping workers feel safe, everyone knows that the information within the enterprise is safe because the people that are logging in have been authenticated in more than one way.

It's pretty easy to maintain network connectivity once it's set up; the end-user uses it to log in. It's not something that you have to constantly manage and deal with apart from pushing updates. It's pretty much self-managed.

In terms of consistency across workspaces, it works all the time, except for when a forced update is needed.

It helped us remediate threats more quickly. For instance, if someone accesses your credentials or you leave your laptop open and someone gains access when it times out, you still need the Duo code that is sent. A new code is always needed to be able to access that laptop or even that phone. Then, from there you're able to safeguard the information that your company has.

Nowadays, data is the number one commodity, so protecting that at all costs is really important. Duo helps with that with end-users. The thing about end-users is that they are volatile. You can't really control what someone does. So, Duo security helps with managing that by having them implement a new time code that's always sensitive.

Technical support could be improved. I don't think all support should have to go through an agreement.

I've been using this solution for seven years.

It's very stable. There aren't many issues with Duo.

The scalability is just fine. If you scale a certain amount, you have to upgrade and update your license. Outside of that, it's fine.

We are a large organization that deals with a lot of high transactional payments, and we have a large number of users, maybe 100,000 a day, and inbound user traffic.

If you open up a TAC case and they get to you quickly, it's fine. If you have a service agreement that says that they will get back to you within one to two hours, that's fine because you can resolve an issue. Now, if you don't have that agreement and are just a regular user, they take 48 hours to get back to you, and if you and the network team or the security team can't figure out the issue, a lot of money could be lost in two days.

Because there's always room for improvement and because I don't think all support should have to go through an agreement, I would rate technical support at eight on a scale from one to ten.

Positive

Anytime your network is secure and it's not breached or there's no downtime or infiltration of your perimeter, there's always an ROI.

With regard to pricing, for a small business buying a one-off, it's pretty expensive. If it's an enterprise that has thousands of employees, however, it's really nothing to protect your data because if your network goes down or it's breached, you're losing millions of dollars every minute. When it comes to a large enterprise, it's priced where it should be because you're talking business to business. You're not talking business to consumer.

To leaders who want to build more resilience within their organization's security, I would say that you can't go wrong with Cisco products when it comes to security. You can start with Cisco Umbrella, then go down to their firewalls, and then the next-generation firewalls. Then, you can move down to their end-user security endpoints.

The whole lineup through their security portfolio is really strong. If you're spending $50,000 on a suite and a $100,000 total contract value, you can enter a 3.0 Enterprise Agreement. Then from there, you can lock in prices for one, three, to five years. So, when it comes to any enterprise, when you're talking about security, if you use all of Cisco's security features, from end-user out to your data centers, you'll be pretty well off.

If you have security concerns, implement Duo for your end-users.

Overall, I would rate Duo Security an eight on a scale from one to ten.