Cisco Umbrella Reviews

The various powerful query options are the most valuable features of this product to me. Using the Investigate API, we can gather the detailed history of a domain, whois information, NS records, etc. All of this information helps us determine whether a domain is malicious or not.

It helps us identify malicious domains.

I would be happy if they could add the whois information of an IP. That would further help us determine whether an IP is malicious or not by identifying the domains associated with the IP, whether there are any known bad domains associated with the IP, and more.

I have been using this solution for two months.

I did not encounter any issues with deployment, stability or scalability.

We implemented it in-house.

The APIs are very powerful. You can use any programming language and integrate it with your products. It can be really handy for security analysts.

We have a number of terminals that are NOT on our MPLS network, so we depend on the OpenDNS services to provide URL filtering where we normally have no visibility or control.

By using OpenDNS, we block sites that are looked at as malicious and cut down on incoming threats.

One thing I can mention is network security. There's no real mention about the potential of malware & virus protection for locations that we are using OpenDNS on. In certain areas, we only have a few people on-site and there’s no real need for a firewall at that point.

That would be the only thing I can think of with OpenDNS that we have NO information on.

Otherwise, for me, I think it’s a good packaged deal. I wouldn’t really change anything.

We have been using this solution since 9/25/15.

I did not encounter any issues with deployment at all. It was pretty straightforward.

Their customer service is pretty good from what I remember. We called them at one point to ask a question about one of our devices not showing up and they were pretty quick at resolving the issue.

Previously, it was the Wild West at our locations that are not on our MPLS network. They were looking at whatever they wanted as they were only on a personal wireless device. We upgraded them to a Cisco 819 or a Cradlepoint but didn’t have much in the way of filtering or DNS with their GUI.

I believe, for the most part, initial setup was straightforward. You just have to look around and set it up, link it to the device, etc. It’s not too difficult where you couldn’t just figure it out, but to be sure, we called support and they confirmed what we were doing. They even helped by showing us the policy setup area.

We implemented this ourselves. We had the access points, set them up, tested them and shipped them out.

The pricing is fair. We’re paying under $40 per license for 60 licenses.

If you have locations where there are a small number of users that doesn’t merit a dedicated line with high monthly costs, it’s quite easy and efficient to give them some kind of access point and use OpenDNS for security and filtering.

The ability to use custom categories to block out websites was valuable because the predefined categories were either too restrictive or not restrictive enough. For example, one category would block everything from social media to webmail, while another category did not block either. So to be able to customize categories made it a lot easier.

This product has made it easier for our IT team to keep employees on track to work and away from distracting websites.

Perhaps an option to be able to block only specific users would be a way to improve the free version of OpenDNS. In our department, there are multiple users that need different levels of access. For example, those who work in the advertising department need access to social media, while those in the accounting department do not. The ability to be able to set different rules for each user would have been nice to have.

I have used it for about six months.

I did not encounter any stability issues.

I did not encounter any scalability issues.

I did not need to contact technical support when using OpenDNS. The product is very self-explanatory.

This was the first product we used for filtering websites.

The initial setup was very straightforward. I did not have any issues.

I was using the free version of OpenDNS, so I am not aware of the pricing.

We were choosing between pfSense and their packages versus. OpenDNS looked easier to setup, so we went for that first. Eventually, we moved to using pfSense’s SquidGuard, because it allows us to be more precise with filtering websites.

This product is very straightforward and simple to setup. I would recommend others to just give the product a try. I am sure they will be happy with the results. OpenDNS has different filtering levels, but I found it easier to just go for the custom level versus the ones they had set up already.

OpenDNS allows us to maintain low network resource overhead on our (relatively) small network. Intuitive, flexible web filtering controls also help us enforce compliance over logically separated networks at our school for teachers, students, and non-academic staff.

Given the small to medium scale of our network architecture, our current gateway/firewall DMZ infrastructure is specced too low, and our budget too limited to accommodate more fully featured security appliances. While some organisations may utilise higher specced security appliances with powerful software features available directly on the device including user management, granular IP filtering and more, we must make do with lower spec appliances.

Furthermore, while our network is based around a gigabit fibre core, we have seen bandwidth utilisation increase greatly over the past several years due to cloud hybridisation of our infrastructure (AWS, Google Nearline, et.al.), and as a result are currently stretching the performance limits of what our current hardware stack can do. Given these limitations, the granular control which OpenDNS provides us for Web Content Filtering, malware protection and data logging are crucial in filling gaps in our network security stance.

To add, we are also an educational institution. Our standards for compliance, both internal and external, can be quite strict. We are beholden to security and compliance standards enforced by the Government of Japan, its Ministry of Education, as well as internal compliance enforced by our own Business Administration department.
This is not to mention the sort of 'soft compliance' which comes from the families of our students regarding how we handle sensitive data and personal records.

It has been our experience that the following features available within OpenDNS have helped us meet compliance reporting requirements quite readily:

• Botnet Protection
• Malware Protection
• Internet-Scale Malware/Botnet Protection- Phishing Protection
• Stats and Logs

The management interface for these features is highly user friendly and it is simple and easy to make configuration changes on the fly. This is important to us as specific security policies can and do change on a weekly or even daily basis. The size of our department also dictates that we do not have any single engineer dedicated to network security (or even networking) and so it is crucial that each of our members have the ability to log in and manage this service when needed.

All in all, I can not recommend OpenDNS as a one-size-fits-all solution for security and compliance, especially for larger organisations. I can, however, strongly recommend that any Systems and Network Engineering team consider this product on its merits regardless of scope. Personally speaking, this tool has proven itself invaluable in allowing myself and my team to perform our duties efficiently and securely.

Because we have a small sysadmin team, the less time we need to devote to responding to threats, parsing data logs and putting out fires, the better. OpenDNS saves us time in this regard, as well as providing fast and easy configuration control.

Difficult to answer as we haven't yet pushed the outer limits of what this product can do.

Nonetheless, one thing to keep in mind when using OpenDNS is how it will interact with your internal network and DNS architecture. You run the risk of breaking any local subnet DNS lookups in a domain-bound enterprise environment. While this criticism can be applied to other third-party DNS providers, it is nonetheless one reason for withholding a perfect rating.

Additionally, OpenDNS will handle server caching differently than your local service provider. This can cause service slowdown or interruptions, and generally prevents OpenDNS from becoming the "one-size-fits-all" solution that some would like it to be.

Finally, although this has never posed a problem in our environment specifically, OpenDNS has been known to grab NXDOMAIN records and redirect traffic to their own internal ad pages. Some people may find this unethical; however, that might depend upon whether you are utilising paid or unpaid services from OpenDNS as well.

I have been using for over a year.

We currently have OpenDNS deployed across two sites providing coverage to more than 500 active clients. No problems so far. We will be further expanding this year and hope to leverage OpenDNS web filtering at our new sites as well.

On the rare occasions we have used it, technical support has been prompt and professional, if a bit lacking in personal touch.

Previous infrastructure relied on router/gateway-installed software for filtering and security. It simply isn't enough for a modern network, especially not one as complicated and security-conscious as education.

With a basic understanding of networking, implementation should be straightforward. For non-technical people, there is probably enough documentation floating around that basic configuration is possible for anybody motivated enough.

An in-house team implemented it.

Implementation was a no-brainer. We do recommend notifying and educating users in advance of implementation to avoid potential headaches caused by sudden changes to filtering policies and such.

ROI for OpenDNS: time saved, checkboxes ticked, and organizational leadership satisfied.

Get a quote! You also need to weigh any licensing costs against potential risk factors. (I.e., what is the potential cost factor of not implementing this or other solutions?) OpenDNS licensing structure and policy is generally straightforward and easy to understand. In our case, managing a network in use by students, many of them younger, necessitates certain compliance and security implementations not found in typical corporate environments.

Plan out your security coverage and filtering strategy in advance of purchasing and implementation. Think about what role you expect OpenDNS to fill in your security architecture. Do you have Layer 3 security in place? Where do your vulnerabilities lie and what threats can you expect to counter?

We use Cisco Umbrella to block student access to pornographic and non-education websites. I also use the solution to block access and restrict student permission to download from malicious websites.

Cisco Umbrella is easy to monitor, manage, and deploy.

The solution is very expensive in Brazil.

I have been using Cisco Umbrella for five to six years.

The solution’s initial setup is easy.

We have different profiles for students and tutors for internet access. Students cannot access applications like Instagram and WhatsApp, but tutors are permitted to access these applications. We use Cisco Umbrella for access security, and I don't use another layer of security.

Overall, I rate the solution a nine out of ten.