Cisco Umbrella Reviews

In a previous organization at HBL, we were using Cisco Umbrella as well, so it has been a quite long time.

Cisco Umbrella is specifically designed for DNS protection, with features including a user-friendly console and the easiest installation. It offers very prominent threat feeding from different Talos sources, securing multiple platforms. Cisco Umbrella helps protect from malware and unsafe sites. It is especially useful in mitigating DNS attacks and ensuring secure browsing for end users.

The major issue is that sometimes when you install the client, it shows you protected and displays that it is live with the backend servers and everything. However, in reality, it was not getting any feed from the main client and is just sending your traffic to open DNS, which sometimes causes an issue because the protection you have implemented can be breached by users.

The primary thing that Cisco Umbrella lacked most of the time is their client. Previously, they had a separate Cisco client. Now they have merged everything into the Cisco Secure Endpoint client—one client for everything, for Cisco Endpoint, for Cisco AnyConnect, and for Cisco Umbrella, which they did probably in 2025.

I have been using this solution for almost two years.

As a customer, I have never been satisfied with any product for a longer period of time, so that is a tricky question to answer.

If you require 10 clients or however many you need or whatever expansion you require, they are just a click away.

Cisco is always known for their best technical support, so there is no doubt about it.

Positive

At that time I was working in HBL on the Symantec DLP product.

Cisco Umbrella is specifically designed for DNS protection, and the features they have include a user-friendly console and probably the easiest installation.

If you go with the main competitor product, there is no doubt that Infoblox is the best product.

There are a couple of products we are working on. We use Cisco EDR and XDR, for DLP we have Forcepoint, and for cyber threat intelligence, we have EPP.

We focus on DLP and the classification tool, which is for data visibility and DLP. It is kind of data protection that is used for classification.

For Cisco, we use FTDs. It is the Cisco Secure Endpoint, which is known as Cisco EDR, Endpoint Detection and Response.

We use Cisco Umbrella for DNS protection. In the current environment, cyber security resolves your addresses securely and protects from threats from outside. Most attacks happen over DNS, so those DNS queries can be mitigated if you have a secure way for browsing for your end users.

We are not using Cisco Umbrella for the proxy. We are using it from our DNS perspective. As a strategy, we are using it for outside communication through the DNS resolver. However, Cisco Umbrella has now combined with Secure Access, which comes with different features. Previously, Cisco had WSA for the proxy. Now they have come up with a proxy solution that gives Cisco Umbrella protection with remote proxy and cloud proxy solution, which is known as Secure Access.

As I mentioned earlier, they have very prominent threat feeding from different Talos sources, securing us on multiple platforms where, as an enterprise, you might not have those features and the feed to protect yourself. Cisco Umbrella is definitely a good product from that perspective and is going to help you protect from malware and from sites which are reputedly not marked as safe for the user. I would rate this review an eight out of ten.

Public Cloud

My use cases for Cisco Umbrella in my company are basically to allow and block URLs, to block websites, mostly external websites, and to allow or block accordingly.

The feature I appreciate most about Cisco Umbrella is the dashboard and how easy it is to see the reporting, what is blocked and allowed, and it makes it very user-friendly. The dashboard and the reporting functionality are standout features. Cisco Umbrella has improved my company as it makes it very easy to allow or deny any URL, websites, and internal communication, and it is very easy for the administrator to use.

I am unsure how Cisco Umbrella can be enhanced, but sometimes there are some lags, and I have to refresh multiple times to access parts of the dashboards. Sometimes the dashboard pages crash and I'm not sure why, so that's one area for improvement. However, this doesn't happen frequently.

I have been using Cisco Umbrella for two years personally, and enterprise-wise, it has been in use for approximately four to five years.

Cisco Umbrella is stable and reliable. Sometimes, for whatever reason, some features on the dashboard crash, and I have to refresh, but I wouldn't say it's significantly hurting the functionality. It's just something to improve.

Cisco Umbrella is very scalable. We use it with multiple customers, and my customers use that solution. It's very scalable, and I've heard from other teams within my company that it's been used at least with a few teams.

My experience with customer service and technical support for Cisco Umbrella has been minimal, which indicates that's a good thing. If I don't need to go to support all the time, that means the product is working fine, so I'm very happy with them.

Positive

I did not use another solution in my company before choosing Cisco Umbrella that does the same things.

From my point of view, the biggest return on investment when using the solution is that it makes it a lot easier to delegate some of the tasks that were traditionally used, such as building policies on the firewalls and doing it through Cisco Umbrella. This aspect cuts a lot of time, resulting in significant time savings.

I have not utilized the experienced insights feature of Cisco Secure Access. I am not sure how Cisco Talos Threat Intelligence influences my company's ability to act against emerging threats. As an administrator, I see there's a threat and I'm not going to allow those websites for my internal users to access unless they specify why they need to go to that website.

Cisco Secure Access is doing its intended purposes. If I don't hear a lot of complaints, it's probably doing something good. It's one of the products that I have the least issues or complaints with, which is why I don't interact much with support. I haven't used the Secure Internet Gateway feature of Cisco Umbrella and cannot assess it.

I would rate Cisco Umbrella a nine overall from one to ten.

Public Cloud

The primary use case for Cisco Umbrella is DNS security.

The most valuable feature of Cisco Umbrella is its DNS security. It is beneficial for end-users, particularly mobile users, as they benefit from the enhanced security posture provided. The solution helps in improving the security posture mainly because mobile users benefit from security.

I do not interact with the product on a daily basis, so I will not be able to provide detailed insights into potential improvements. However, the prices need to go lower. The price of technology is just crazy.

I have been working with Cisco Umbrella for more than five years, at least five years.

I will give stability a score of seven out of ten, as there are some glitches from time to time. 

I would give the scalability a score of seven. It seems adequate for our needs.

Technical support from Cisco is okay. I do not have a problem with it. However, sometimes, it takes a while to get a response, and the team can be very rigid.

Positive

The setup process was simple and not too complex or complicated.

The prices need to be lower as the current pricing is exceedingly high.

The main competitor for Cisco Umbrella on the market is Netskope Security Cloud Gateway. I prefer Netskope Security. Its security capabilities are more favorable to me.

Overall, I rate Cisco Umbrella an eight out of ten. 

While my use case is primarily for mobile users, the entire enterprise can benefit, whether they are mobile users or not. The benefit is across the board.

Hybrid Cloud

Other

I have implemented Cisco Umbrella for one of our customers. I did an installation of two virtual appliances onsite, on-premises, and all the DNS redirection is done to the Umbrella cloud. The customer uses it primarily in the office for their DNS queries to the Internet and also internally, as the virtual appliances redirect to the internal DNS servers.

The most valuable aspect is that it is hosted with Cisco and can detect any new anomalies, acting almost like an XDR. It provides zero-day protection by detecting any new suspicious DNS queries. Another key aspect is its DNS layer security, which helps in creating scheduled reports and allows access to these reports through the Umbrella dashboard. I can export the reports to PDF, CSV, or Excel files, and even generate reports as needed. Furthermore, Cisco Umbrella has improved the security of my customer's organization because all DNS queries pass through the platform. They are able to see reports and get ratings of different sites their users try to access. If a machine is attempting to access compromised sites, it can pinpoint the machine to prevent it, thus narrowing down the attack surface.

The channel of support needs improvement. It is not under normal Cisco support, and I cannot simply call for support. Instead, I have to write an email to Umbrella support to get assistance, unlike the other products where I can call the Cisco technical assistance center and get an engineer.

I have not faced any challenges with Cisco Umbrella. As long as DNS is pointed to Umbrella, everything runs as expected.

The scalability is good. I have no complaints.

Getting a response takes a while, so I would rate the support a seven. The support channel isn't like the usual Cisco support where I could call instantly for a hardware issue like a router or switch. Umbrella requires me to write an email.

Neutral

The only problem with Cisco Umbrella is the support. The product itself has good performance, a user-friendly interface, and excellent scalability. I rate Cisco Umbrella a nine out of ten.

On-premises

We use Cisco Umbrella to detect malicious URLs, DNS queries, data exfiltration, and DNS tunneling. It is particularly effective in showing DNS queries and providing visibility for external DNS queries, especially in communications to malicious sites from internal systems.

The DNS data exfiltration and the blocking of DNS tunneling are the most effective features for threat prevention in our company. The DNS layer security provided by Cisco Umbrella is very effective for our security posture, offering us vast improvements in visibility over DNS queries and potential threats.

We need to work on integration as it is very complex. Making it more flexible and easy to deploy, particularly when integrating with other technologies like Active Directory and proxies, would be beneficial.

I have been working with Cisco Umbrella for the last three months.

Cisco Umbrella is stable, and I would rate its stability at nine out of ten.

Cisco Umbrella is scalable for our company. I would rate it nine. We are in the POC stage with twenty users, and once we purchase and deploy it, the number of users may increase.

I am satisfied with Cisco support. I would rate customer support ten out of ten due to the excellent assistance throughout the POC process.

Positive

The initial setup was complex, requiring two months for deployment due to the challenging integration process.

Currently, we have not been provided with the financial terms. We are evaluating our internal environment before proceeding with an RFP for a quotation.

The main concern with solutions is financial. Whichever solution gives us a good financial deal, we will consider it. All solutions have similar features yet vary slightly in deployment and workflows.

I recommend using Cisco Umbrella at full capacity with all features. My overall rating for Cisco Umbrella is ten out of ten.

Our primary use case for Cisco Umbrella is to provide DNS layer security, secure web gateway, and cloud access security broker functionality. We also utilize its integration with other security solutions, policy management, and mobile device support. Customers use Cisco Umbrella for these features to enhance their cybersecurity measures.

Cisco Umbrella offers DNS layer security, a secure web gateway, and cloud access security broker functionality. It provides threat protection by blocking threats before they reach the user's device. The firewall and integration capability with other security solutions are valuable for effective security management. Customers choose Cisco Umbrella for its DNS layer security, policy management, and mobile device support.

Cisco Umbrella can be improved in terms of limited coverage and wind vulnerability. The product can only shield a small area, making it less effective for larger spaces or multiple users. 

Additionally, strong winds can disrupt its functionality, and the opening and closing mechanism can be awkward in tight spaces.

We have been working with Cisco Umbrella for two years. My technical team has been handling the Cisco portfolio for the last fifteen years.

I have not experienced any major stability issues with Cisco Umbrella. Occasionally, troubleshooting and firmware upgrades are required, however, overall, the solution is stable.

I rate the scalability of Cisco Umbrella as seven out of ten. It is a scalable solution but requires improvement in specific areas.

The customer and technical support for Cisco Umbrella are very good. Cisco's support is fantastic, providing assistance when needed, especially during the initial installation process.

Positive

The initial setup of Cisco Umbrella is not very complex. Certified resources trained for two to three days can easily implement the solution. On a scale from one to ten, I would rate the setup experience as a six.

Our customers have seen a return on investment since implementing Cisco Umbrella. It effectively enhances security and meets customer requirements.

The pricing for Cisco Umbrella is average. The only cost associated is the license cost unless additional solutions need to be integrated with Umbrella, which would incur extra costs.

We also evaluated Infoblox for DNS, as Cisco does not offer DDI (DNS, DHCP, and IP address management) capabilities. Infoblox offers a more comprehensive solution for these functions.

I would recommend Cisco Umbrella for its overall functionalities but not specifically for DNS purposes. For a complete security management solution, Infoblox is a better option for DNS management. 

Overall, I rate Cisco Umbrella six out of ten.

Hybrid Cloud

Other

We use Cisco Umbrella as a security layer for all our employees. We deployed it two years ago as a security solution in order to cover our roaming workforce. Our employees are scattered throughout more than 20 locations, including homes and hotspots, and we had to cover the security gap. We needed to be sure that regardless of the location our employees would be covered by the security features.

To provide connectivity to our members, we use Cisco Meraki. When our employees are within the co-working space, we use the integration with Cisco Umbrella security and the Meraki network.

The reports and notifications are the most useful part of the platform. As soon as you deploy the security layers, the reporting is very comprehensive. It helps you to have, at a glance, a clear view of what's going on.

The integration between Cisco Secure solutions is pretty good. We have been able to deliver the solution in a few days. The integration of Umbrella and Meraki is literally one click away from the customer.

One of the reasons why we chose Umbrella was its capability to perform end-to-end detection of malware and web traffic. In the last two years, we have been covered, detection has been faster, and we have been able to contain some potential threats along the way. We use the Umbrella stack from DNS protection to web and content protection. Our workforce is made up of 150 Macs; thus, we use Mac as a client. We have some PCs and integration with the network in our co-working spaces.

Utilizing Cisco Secure has helped us save time. Being a nimble organization, we don't have IT staff who are fully dedicated to security. The maintenance is also not very time-consuming. In terms of the amount of time saved, it would be half an FTE a year, given the fact that we are informed and notified when threats arise.

In terms of operating expenditures, we have been able to negotiate a better cyber insurance rate with our insurance company due to the fact that we are covered by Umbrella.

Another benefit of using Cisco Umbrella is application scanning. We have been able to understand how many other applications we were consuming in the cloud, address them, and save money. Without Cisco Umbrella, we would not have realized that we had so many cloud applications in the company.

We have been able to close at least four or five applications that were duplicates of others that we were already using in the company. We have realized approximately 10,000 to 12,000 euros a year of immediate savings in an organization of 150 people, which is quite significant.

Client delivery and client updates should be improved. Client delivery was not as easy as expected. Another area for improvement is the integration of escalation procedures for security issues.

In the next release, I would like to see the addition of notification flows like SMS and popups.

Cisco Umbrella is stable. We have had some issues, for example, when deploying from home or from slow networks, but 99% might be covered by a backup deployment of the client.

The moment Cisco Umbrella is installed, it scales. It's a matter of deploying policies. You can scale from one to thousands or tens of thousands of clients very quickly.

We are mainly supported by our partner. We escalate to Cisco's technical support when needed, and they are always outstanding. I would rate them at ten out of ten.

Positive

In my environment, the initial deployment was not as easy as we expected it to be. The delivery of the client in a Mac environment was not that easy, and the fact that we do not have a directory made things a bit more complicated. On the other hand, as soon as we were able to deliver the client, everything went well. We were able to deploy the solution in one week.

We were supported by our partner both on the network side and the security side. Being a solution focused on the client, we involved the partner for support on the endpoints, which are the critical part of the delivery.

Our experience working with our partner was good because they know our organization and our needs. When you increase security, you may see a higher number of false positives. Our partner played a key role resolving any issues that arose for the customer during deployment.

Cisco Umbrella is not a cheap product. However, it's not a matter of the cost; it's more a matter of the value of security. It is easy to measure this value when you have a security incident. I think the price is a good trade-off for a product that can help you avoid security threats.

You can try to partner as much as you can with insurance and other companies. It can help you reduce acquisition costs.

We had several reasons for choosing Cisco Umbrella, including the rise in attacks, the need to be careful with our customers' information, and our desire to have an extra layer of information security.

The main reason for going with Cisco Umbrella versus other competing solutions was its capability to integrate with our network. The first deployment we did was pure DNS and was a client deployment. Then, we were sure that we wanted to have a deeper integration. The fact that we are 100% running on Meraki infrastructure helped us to have this blended architecture, which is very efficient from the point of view of the client, service, and security.

If you're considering Cisco Umbrella, my advice would be to take your time and have 10% to 20% of your company pilot the solution. It's a solution that is easy to pilot in a specific environment, even with very deep integration with the network. I would advise you to go with a good use case, pilot the solution, and then move forward with a broader deployment.

On a scale from one to ten, I would rate Cisco Umbrella at nine.

My company's biggest use case for Cisco Umbrella is for DNS security protection for five years. A year and a half ago, we were able to upgrade and upsell a project to Umbrella's SIG. So, now we're working on a new upgrade to new packages, including Citrix ZTNA.

In my opinion, DNS protection is basic for most customers. But the simplest way to protect web traffic is with its functionality, like SWG. 

L7 and the firewall in the cloud are good features. We always hear good feedback from our customers.

I'm hoping for the conversion of Cisco ZTNA's features from Duo to Umbrella. This feature was announced at Cisco Live. I think Cisco is now on the right way to being the most competitive against some vendors like Netskope and Zscaler. 

I have been using Cisco Umbrella since somewhere between 2014 and 2015.

Stability-wise, I rate the solution a nine out of ten. I only saw an impact once on its stability, and that was when I was working five years ago in the support in Johnson & Johnson environment, and Johnson uses SIP security for everything. So, one of the things was that in the bank that uses it, it was miscategorized in Cisco Umbrella. After I did investigations, I found that the problem was not in Cisco Umbrella. The problem was with the bank because they needed to split the data centers in Umbrella, and Umbrella could not recognize the object.

Compared to the past, in my opinion, Cisco's support is better nowadays. The policies have decreased a little, in my opinion, but it still offers the best support in IT. This is common feedback from customers, including the ones that complain about Cisco's partners, but at the same time, they say its support is better than all different competitors. I rate the support an eight out of ten.

Positive

In my company, we are partnered with one of the competitors of Cisco Umbrella.

We sell Cisco since we are one of the biggest partners of Cisco in our region, Latin America. Also, I think that Umbrella is a good solution. But Cisco should have considered improving it in the last few years. For example, if you compare Cisco Umbrella against McAfee, Zscaler, or Netskope, three years ago, Umbrella had a lot of the main features for the market drive, SSE, DLP, l7 firewall, and ZTNA. So, now I think Cisco Umbrella has everything to show and be the next leader partner.

I wasn't involved in the solution's setup phase. I do the sales in my company, and the ones responsible for deployment in my company are from another sales team. In the past, during the initial years of Cisco, I was involved in deployment.

Regarding the ease of deployment, I am 100 percent sure that it is the easiest solution. Also, I have already worked before, even in Cisco Portfolio.

My customers have seen an ROI using the solution, mainly considering the time it shows the attacks and what the threats are. Personally, I saw a presentation to suppliers with the title stating SaaS is the newest SOC's best friend, and this is a reality. I have a customer, the biggest bank in Brazil, and they adopted Cisco Umbrella's DNS Security Advantage as one of the main features in the SOC, which is integrated into the bank, which is one of the most valuable for the customer.

Cisco Umbrella now has a good price in the basic packages. When it comes to Cisco Umbrella SIG Essentials package and Cisco Umbrella Secure Internet Gateway (SIG) Advantage package, it depends on whether the project has a good price or not. For example, we are not able to choose the SWG feature without l3 and l4 firewalls. Some vendors have that possibility. So, we know this has a price, and this has value for the customer. But most of my customers that are using Umbrella SIG Essentials don't have l3 and l4 firewalls. So, this is a problem. 

With the new features that are being introduced in Cisco Umbrella, I think we will have a new price list, and maybe things could change. Considering Umbrella for the SIG Advantage package and full feature competition against ZScaler or Netskope, they need to add all their packages. Usually, the SIG Advantage package has a markup price.

When it comes to securing my customer's infrastructure from end to end so that they can detect and remediate threats, I would say that, in general, I have had a good experience. Sometimes, just enabling Cisco Umbrella POV and the fact that DNS trust is going through Cisco Umbrella is the easiest way to show and close a lot of bad traffic nowadays. Also, 80 percent of campaigns use any kind of malicious DNS infrastructure. So now, it's very, very easy to detect such traffic.

Cisco Umbrella has helped customers consolidate any tools and applications. I say this because, with Umbrella, it is very easy to see what the users are using through the internet, especially with the basic packages.

Speaking about what effect Cisco Umbrella's ability to consolidate tools or applications has, I would say that, in general, it is easy to see what Umbrella is blocking. In some cases, for example, customers who have used traditional endpoint security solutions sometimes think that they are safe because they didn't have any alerts using that. But when these customers implement Cisco Umbrella, they realize the real scenario. It has a positive impact because today, it is able to see the real traffic and the really bad things that are inside their networks.

Regarding whether Cisco Umbrella helped to improve cybersecurity, I would say that with Cisco Umbrella, it is easier to handle the incidents because they have more information that should handle the problems and improve security in general. The base, or the first layer, I think, is the way you improve resilience.

I rate the overall solution a nine out of ten. After Cisco Channel Partner program's release, I may probably rate it a ten out of ten.