Cisco Umbrella Reviews

I use Cisco Umbrella mainly for content filtering. We use it to ensure that my users don't access something they shouldn't be accessing. It's just like pushing and scan prevention.

There are a countless number of attacks that Cisco Umbrella prevented from happening in our organization.

Suppose we see a very silly entry where a bad actor tries to impersonate a good website or service we continuously use. They buy the domain, misspell it somehow, and then inject that in a link. Suppose my email scanning tools did not detect or notice that for one reason or another, and we identified it later. We immediately block impersonating users from accessing services over Cisco Umbrella-controlled devices.

iOS devices and mobiles are huge in my environment right now, and I cannot run them on Cisco Umbrella 24/7. Each user has one desktop but three or four mobile devices on two iPads, and a phone or multiple phones and an iPad, or vice versa. I'd like to turn on my Cisco Umbrella on the network level, at least on my office premise. However, my security team would like to keep all devices on-network and off-network to be connected or managed by Cisco Umbrella all the time. So their use cases are higher and stronger than my mobile ones. Sometimes we try to work around my mobile ones with MDM, but sometimes it would be way more flexible to have both running side-by-side.

Also, in the Apple services or the Apple space, between my Cisco Umbrella and between my Apple updates, something breaks. I'm not sure if it's because of a policy that my company did before I joined them or if it's something that's happening due to a conflict in the configuration somewhere. So we always have to completely get the device or the endpoint out of any filtration to get the policies. We get everything pushed properly from Apple to the device and provision it afterward. Then we add the Cisco Umbrella roaming client to it.

Cisco Umbrella has been running in my environment for about five years, and it was there even a couple of years before I joined my company.

We've never really seen any service outages or downtime with Cisco Umbrella. It is amazing for a product to be running such a long marathon for the amount of time that I have witnessed it.

Cisco Umbrella is very flexible. Before, after, and during the years of the pandemic, my environment went up and down concerning headcount and use cases. Since Cisco Umbrella is pretty flexible, it was able to scale with us.

On the technical side, we always get our questions answered in a reasonable turnover. There was an incident when I had two instances running, and I tried to research it first and run discovery with it. When I couldn't find the answer immediately, we called Cisco, and somebody over the phone was very helpful and told us within ten minutes that it wouldn't work for us.

The initial setup was pretty straightforward. The solution's documentation is great. My environment needed a little bit of customization to match the deployment configuration or documentation, and it worked fine.

We implemented Cisco Umbrella through an in-house team.

We have seen a return on investment with Cisco Umbrella regarding the working hours and the ticketing. The tickets do not have to get escalated to a network engineer or to a network person to look at. They could be worked on by someone on the app on tier one or tier two before needing an escalation if it even needs it.

I was onboarded to an environment where Cisco Umbrella was already running. I'm sure my predecessor evaluated other products during the same time, and then they decided to start and stick with Cisco Umbrella for the past six-plus years for its efficiency.

The security team deployed Cisco Umbrella in our organization. I deployed the solution briefly on my network infrastructure, and then we decided to switch that off because we noticed a conflict when we had it running at two different places.

I cannot really speak so much on the infrastructure because until recently, whenever we installed Cisco clients on a machine that's running a server, the machine broke. The reason for that is something that happens in the trust relationship between the server and the domain controller. We opened a support case with Cisco Umbrella, and they told us the server was not supported. Servers are not meant for browsing, and the environment that they are in should not be open to the entire world.

My network team is not that large. For content filtering, when a request comes in to unblock a website saying that it is misclassified, it's super easy to give enough access or limited access to the support desk agent or analyst that's getting your clients' calls. The turnover time is much quicker and much shorter. We do not have to deal with maintenance windows or change management times because it's easy to go to a portal or website and change it versus changing a configuration on a firewall. It helps a lot with hybrid environments, especially during the unprecedented times we had a couple of years ago when we all decided to work from home. My environment was 90% ready to work from home, and one of the reasons for that was Cisco Umbrella.

In a 2000-user environment, Cisco Umbrella has helped save at least 14 hours weekly.

Cisco Umbrella has changed the way that we have access to a tool. It helps us do content filtering. I do not need DNS servers running anymore on my network because I identify it on the Cisco Umbrella portal, and everybody gets the configuration within 30 seconds to a minute. I do not have to deal with DNS changes, especially for internal tools and websites.

Cisco Umbrella has helped our organization improve its cybersecurity resilience for the end clients by having that on-off network flexibility. I do not necessarily have everybody run on a VPN all the time.

The nearest product to Cisco Umbrella is not even comparable. Cisco Umbrella's feature richness and compatibility are becoming an industry standard. We do not ask if an environment has a DNS server running in it or not. Instead, today we ask whether that is a Cisco Umbrella environment.

Overall, I rate Cisco Umbrella ten out of ten.

We're using that solution to essentially sort DNS attacks. We also use it to add that increased layer of protection at the DNS level for our customers. That's what we're using it for right now. We're trying to cut back on cyberattacks, malware, phishing, man and control callbacks, et cetera.

We had a fairly large DNS attack and that made us realize we needed basic DNS protection in place, however, we wanted something that was a little more advanced. That really pushed us over the edge for that enhanced DNS protection. It's got that ease of installation and billing along with just being a great product that's been tried and tested. That made our decision.

When we had that DNS attack, we saw a huge spike in issues. It's definitely gone down by a fair amount since implementation. We're seeing 800 fewer trouble tickets compared to the previous year. We can see (via the dashboard now) that we have billions of threats coming in every day. We're adding that extra layer of security for our customers. We're breathing a little easier now as it's actively protecting against all these threats that are coming in every day.

It helps us lead processes and blocks malicious DNS queries daily, which is very beneficial. We've seen a reduction of about eight hundred trouble tickets compared to the previous year. The customers are having a better overall experience as less bandwidth is being taken up by DNS acres. We're not having to constantly police that part of our network. It's a little bit of a better process and a better experience for our customers. 

We use the Easy Connect product, which works well.

The solution enables you to extend data protection to devices and remote users or distribute the locations. However, most of our use for the product is at the DNS level for our entire network and not really at the device level. We do have another added layer from a different company for the device security component.

The solution is pretty flexible.  

With the reduction of trouble tickets, it would be reasonable to say the solution has saved us money on security operations. 

Umbrella discovers new vulnerabilities every year. That's absolutely important to us. As our technology changes, the way we're attacked changes and will continue to change. It's important for us to be made aware of new threats and protect against them. 

The pricing could be improved.

I've been using it for almost a year, since February 2023.

I did not previously use another solution to this extent. 

We've seen an ROI with our trouble ticket call volumes going down. We've saved an estimated $30,000 so far this year.

Start working with your rep early and budget well in advance. Billing is fairly straightforward, but can be expensive.

We're customers and end-users.

We do not plan to purchase any additional security solutions in our environment in the near future. We have other layers of products in place already. 

For someone who's researching threat detection and prevention solutions, I'd have them consider Cisco Umbrella. You can see the threats that are being blocked, and you can help customers understand that you're doing everything you can to make sure that their online experience is safe and protected. People are working from home. People are doing telemedicine. There's a lot of more sensitive information being shared online. That in and of itself is a good selling point. You want to make sure that your customers are as protected as possible.

I'd rate the solution nine out of ten.

I had an agreement with OpenDNS which was the original owner of the solution, and I was selling it as an MSP. In Spain, I offer it to a company called Ares Capital. At the start, it was designed to filter URLs for sites that management didn't want the people to access, such as adult sites and social media sites that may cause a loss of work time. A few years later, the solution introduced the ability to filter malware sites. We used that not as an accessory characteristic, but as the main characteristic. We moved from filtering unwanted sites to filtering malware and virus-infected sites. We still use some filtering for unwanted sites, but mostly for security reasons.

Cisco Umbrella was designed to allow hybrid work. When the COVID pandemic started, we didn't have to do anything at all because the computers were already set up for remote work. With Cisco, it doesn't matter where the computer is as long as the computer is using the DNS servers that Cisco Umbrella works with. If it's part of a laptop or wherever you are in the world, it works exactly the same as being in the office. 

It is very important the solution provides a single pane of glass management for our organization in order to help manage the complex software and programs that companies use. This saves a lot of time for managers.

The single pane of glass management optimizes the user experience by allowing the user to access restricted sites much faster and easier from a centralized location.

Cisco Umbrella helps us remediate threats quickly. The solution doesn't work with our internal network, it instead works with the DNS servers that are located all around the world. This means Cisco Umbrella doesn't have any effect on our network whatsoever. In fact, Cisco Umbrella is totally different from other solutions that are locally based, which filter on routers or firewalls. The solution acts as an outside firewall. The rules that are set up on the Cisco Umbrella management site affect the connection between the computers everywhere, but it doesn't slow them down.

The employee morale has improved with Cisco Umbrella because they don't need to be as cautious when visiting sites knowing that the solution is taking care of their security for them. The only thing that could happen to an employee is that they may need to access a site that is blocked and they have to report that blocked site. When a site is blocked for an employee, a page appears on their computer and they can report that blocked site from there. The employee can send the administrator a direct message requesting access. A blocked site occurs infrequently and the administrator can unblock the site quickly.  

The most valuable feature is the ability to filter malware sites that could infect clients or allow them to download infected files.

Cisco Umbrella is one of the best solutions in the market because it's very simple to use and very simple to set up. We require some knowledge of filtering rules, but it doesn't take that long to get familiarized with them. We can manage all the working locations, even if they are far away from a single point and the solution is easy to use. The vendor is a pioneer in the central management of security compared to other antivirus companies.

Cisco Umbrella provides a single pane of glass management.

 Cisco Umbrella doesn't slow the network down because it filters outside of the network.

Cisco Umbrella is not a solution that we can rely on for everything, but for the cost, it is a valued layer of defense that we can depend on. Cisco Umbrella's resilience complements any antivirus solution well. The main advantage of Cisco Umbrella is that it stops attacks from happening before they reach the antivirus solution.

Cybersecurity resilience is important to our organization because we provide software-driven services. We need to contact people from all over the world, We need to be able to navigate through many different sites safely. This gives peace of mind to our customers. We visit thousands of websites every year and it is important to have a solution that takes into account that we are not visiting the same websites repeatedly.

The rule-making process for blocking sites or for blocking characteristics can use some simplification. For example, types of malware. This would make it easier to use because it has a learning curve.

There is a possibility of creating users that have explicit permissions to access sites that nobody else should access. This process can be cumbersome and it would be helpful if there was an easier way to create users and assign roles to special users.

Cisco could ease the process of defining the number of licenses and the price considering the number of licenses we require. Currently, we have to get a quote for anything over 100 licenses.

I have been using the solution for ten years. Before the solution was acquired by Cisco it was OpenDNS Enterprise.

The solution is extremely stable. 

Maintaining network connectivity is very easy. We have not had any downtime in over 10 years. Cisco Umbrella doesn't work directly through the network. It works with the DNS servers that are outside of the network. The network itself doesn't affect it at all. Cisco Umbrella doesn't affect the internal workings, hardware, software, switches, or routers. As long as we have set up the DNS correctly in the computers, either locally or through Active Directory, everything works no matter what happens with our network.

The solution is scalable. We started off with around 40 computers and now have over 200.

I contacted technical support two or three times by email because I had doubts about a rule, but it was pretty straightforward. They responded back within 24 hours. I'm not sure if we can contact them now by phone because I have only used the email method.

Positive

Previously, we were using an antivirus company for antiviral protection. The problem with antivirus is that it's reactive. It does not proactively avoid infection. Cisco Umbrella is proactive because it blocks sites before we may get an infection. We don't react to infections; we proactively avoid infections. Although there are solutions now that do the same, Cisco Umbrella was the first to market.

The initial setup is straightforward and only required one person. Setting up the solution usually takes between 30 minutes to an hour. However, the rules are always changing, so we never truly finish setting it up. We're always changing the configuration of the sites by blocking or allowing or adding new sites to the blacklist or whitelist. 

To change the local DNS settings to use the Cisco Umbrella service, we only need to make a few changes. If the computers are connected to Active Directory, we can deploy the configuration through Active Directory so we don't have to mess with anything else. The solution is based on the cloud, so we get a lot of detail and granularity in what sites the computers can access. However, if we want more detail, we can install a small agent on the computer so they can report to the servers.

The implementation was completed in-house.

We have definitely seen a return on investment given the low cost of the solution.

Cisco has a set price for a single license up to 100, but whenever we get over 100, we have to ask for a quote. Sometimes requesting quotes makes the process a little harder because people's trust waivers when having to ask for quotes. We want to see the prices upfront.

I give the solution a nine out of ten.

The solution is very good, one of the best in the market because it is so easy to use and so easy to manage even from far away distances. The company has four locations, one in Madrid, one in Valencia, another in Alicante, and one in Barcelona. The solution allows me to manage all the sites from one location easily.

Given the rise in attacks and virus infections all over the world recently, it is important to have layers of security. The less intrusive solutions are better for us. I believe that Cisco Umbrella is a solution that everybody should have because the solution is easy to set up and manage. Cisco Umbrella gives us peace of mind, which is why I believe it is a great solution. I had problems in Spain when I tried to set up Cisco Umbrella for other companies but this was because people didn't know about the solution or trust it as much as they should.

Initially, we implemented the solution for the central branch in Madrid, and after that, we implemented it in the regional branches. We then differentiated between departments, and in the end, we were managing departments and offices.

I deployed it as an end-user management solution in a large IT practice, and for our end-users to have secure internet access. I've also advised on it as a consultant for companies wanting to use it to deploy SASE-type solutions.

It's really hard to have a firewall everywhere. It's also really hard to have somebody follow a user on the internet and make sure that they're doing things securely. Having a tool that's on an endpoint that you know is always connected and always pushing people to the right locations, avoiding redirects and malicious intent, has been the biggest benefit for us.

We were exposed to ransomware attacks at a very early stage in our company. Cisco Umbrella is one of the ways that we have found to help prevent ransomware attacks. It also helps prevent users from going to places that they shouldn't be going to, beyond just firewalls and email security. It is an extra level of protection that really helps make us feel comfortable at night.

The fact that Cisco Umbrella helps support hybrid work is really the key, having an endpoint protected wherever it is, whether it's on or off your network. That's what everybody on the planet is looking for right now.

It has also, 100 percent, helped us remediate threats more quickly.

The most valuable thing is how easy it is to deploy. We did it with 9,000 users at my last job, and it took a week to get to all the endpoints. Doing that without having to physically touch all those endpoints was very simple. 

The single pane of glass management makes it very easy to manage your rollout. We get a lot of "single panes of glass" and, eventually, you need a pane of panes of glass. But it's always good to have a clear and graphical view, and Umbrella's is nice and easy to read. Definitely, of the panes of glass that we do have, it's one of the easiest to use.

The single pane of glass is good to group users together and separate people out. Some people need different types of security. Some people are more vulnerable. Some have more highly valuable assets, like C-suite people. It's really good to be able to have end-users defined inside of that. You don't have to jump around. You don't have to figure out who's who. It's all done through one pane of glass.

What most people don't realize is that it's running in the background, which is a really nice aspect when it comes to security. Often, when you deploy a security tool, it takes up CPU performance. Everything slows to a grind. But Umbrella is so simple and easy and it doesn't affect the end-user experience. It's the best of all worlds. It's nice when people realize that they're being protected when they go to the wrong site. I think people are happy that they're protected, but it's nice that they rarely notice it.

It's generally easy to maintain network connectivity, but with Umbrella, the nice part is that whichever connectivity you're on, you're always secure. With Umbrella, as long as you're online, you're going to be protected.

I'd like to see improvement in its overall integration with all the other platforms. There's some integration between Umbrella and Meraki, but an overall Cisco problem is that there are so many different tools, and finding easy, seamless ways of connecting everything together is always a challenge. Always, with Cisco tools, there is the issue of finding ways to have fewer windows to look at and how to make those tools work together better.

I have been using Cisco Umbrella for over six years.

It's a cloud service. Beyond the actual tool working, the most important thing is its availability.

As long as the internet connectivity is up, I've never had a problem with Umbrella not being there. It's a tool that we have never been concerned will go down while our internet connectivity is up.

Security always has to be there. As long as your security tools are available, that's when you can be the most secure. With Umbrella, especially, we have never had an issue where it was out and we needed protection. It's probably one of the most resilient tools available on the planet. For sure, it's amazing.

I'm sure there are bigger customers than us, but we had 9,000 endpoints secured in a month's time without a blip in the system or in performance. For us, it has been impressive.

Meraki and Umbrella support are great. We have never had an issue with Umbrella, so we haven't had to evaluate support there. But whenever we have had issues with the integration between Meraki and Umbrella, Meraki support has been amazing.

Positive

We did not have a previous solution.

It was pretty straightforward. We loaded the client into Meraki Systems Manager, and then we were able to push it to all devices inside our network that had Systems Manager. It was pretty much three clicks.

We had full Meraki stacks as most of our network deployment. We were 100 percent cloud on our solutions. Umbrella sits in between our on-premises networks or between our users at home and between our cloud applications that we use at our clinic and office locations.

We did it in-house.

The return is that you don't get breached. It's a hard thing to quantify because if you don't get breached, you don't know what the value of that breach would have been. By not being breached and by being able to mitigate ransomware attacks, there is definitely return on investment.

The pricing is great and very competitive with the rest of the market. 

With everything to do with security, you should never worry about price because it's all about risks. The cost of $20 to $30 a license for Umbrella might protect you from $4 to $5 million worth of ransomware. It depends on your risk profile.

We evaluated Zscaler as well. The difference between Zscaler and Umbrella was that Umbrella was a lot simpler to deploy and a lot easier to manage. Zscaler requires way more customization and it has some slightly different use cases than Umbrella. For us, Umbrella was more what we were looking for and generally easier for us to manage.

For C-suites that want more security resilience in their organizations, I would tell them to adopt cloud technologies as much as they can. Try to find things that will help you scale because, when you keep things on-premises, you have to be the cloud provider yourself. Tools that other people have already stretched across, and on whose service you can rely, are generally going to be better than what you can do yourself. Either that or it's going to be very expensive for you to provide that service in-house.

Umbrella is probably one of the best tools out there in all the security landscape. It's very valuable to all people who are looking to deploy secure internet access. Everything has been perfect as far as we have used it.

We're using Cisco Firepower to replace the ASAs as perimeter firewalls to the university's network. We're predominantly using Cisco Umbrella for web filtering of staff and student web traffic that is generated from the university campuses.

Cisco solutions are simple, efficient, and effective. We're definitely seeing that our users are protected by using these solutions. We're using Cisco Umbrella to protect around 1,500 staff and about 15,000 to 16,000 students. At any one time, on our campus, we could have 3,000 student endpoints protected and about 1,500 members of staff with laptops who are working hybrid since COVID. So, they're protected when they're on campus and when they're off campus. As a university in Edinburgh with three main campuses, we have two internet connections where firewalls protect us from bad stuff on the internet.

Cisco solutions have invariably saved us time. Without them, we would've had ransomware attacks and cyber attacks. So, they have helped protect us as much as they can. I don't have the metrics, but it's a university, so we're probably quite often under attack.

Our operating expenditures (OpEx) haven't really reduced. With moving to subscription-based, our OpEx has probably gone up rather than our CapEx coming down. 

The insight into what our users are doing via Cisco Umbrella is valuable. Knowing that we're protecting our users as they leave our network is also valuable now because we've got more hybrid working. With Cisco Umbrella and Cisco Secure clients on all our hybrid working laptops, we know that our staff is secure even when they're working from home.

They should provide more integrations and bring things together so that there is a more standard feel to their platform. We also use Cisco ISE, and it has a very different feel from Cisco Umbrella. We also have some Meraki products which feel very different from others. It's like you have to learn something new with every product you buy.

We've had Cisco ASAs, but we're just in the process of replacing them with Firepower, so Firepower is quite new. We've been using Cisco Umbrella since 2020.

We have a good Cisco partner called Ping Network Solutions in Scotland, so anytime we need to reach out for a bit of advice, we can ask them. We had good pre-sale support with Cisco as well to ensure that we get the right products that match our requirements. I'd rate their customer service a nine out of ten.

Positive

Instead of Cisco Umbrella, we used Zscaler for web filtering, but we've always had Cisco firewalls.

When we switched in 2020, Zscaler didn't seem to be developing their product as well. It didn't match our requirements anymore.

I was involved in its deployment although I had a technical team working underneath me. It was easier than Zscaler because Zscaler made us have two instances, one for staff and one for students. It was very complicated, and we had to route traffic in different ways. Being able to do it by DNS with Cisco Umbrella was just easy.

I managed the team that was deploying it. My role involved making decisions about what traffic and which groups of users we put through first, some early field tests, and things like that.

We did it all by ourselves.

We have seen an ROI. With Zscaler, we had more operational issues than we've had with Cisco Umbrella.

You get what you pay for.

We use Cisco Firepower, and we use Cisco Umbrella. Currently, these two products are not very integrated. We don't have the complete suite of Cisco solutions. We just have two that aren't joined. We also work with other technology partners, such as Microsoft, but in terms of the perimeter of our network, it has always been a solid product like the Cisco firewall.

I'd rate Cisco Umbrella a nine out of ten.

We use Cisco Umbrella as a security layer for all our employees. We deployed it two years ago as a security solution in order to cover our roaming workforce. Our employees are scattered throughout more than 20 locations, including homes and hotspots, and we had to cover the security gap. We needed to be sure that regardless of the location our employees would be covered by the security features.

To provide connectivity to our members, we use Cisco Meraki. When our employees are within the co-working space, we use the integration with Cisco Umbrella security and the Meraki network.

The reports and notifications are the most useful part of the platform. As soon as you deploy the security layers, the reporting is very comprehensive. It helps you to have, at a glance, a clear view of what's going on.

The integration between Cisco Secure solutions is pretty good. We have been able to deliver the solution in a few days. The integration of Umbrella and Meraki is literally one click away from the customer.

One of the reasons why we chose Umbrella was its capability to perform end-to-end detection of malware and web traffic. In the last two years, we have been covered, detection has been faster, and we have been able to contain some potential threats along the way. We use the Umbrella stack from DNS protection to web and content protection. Our workforce is made up of 150 Macs; thus, we use Mac as a client. We have some PCs and integration with the network in our co-working spaces.

Utilizing Cisco Secure has helped us save time. Being a nimble organization, we don't have IT staff who are fully dedicated to security. The maintenance is also not very time-consuming. In terms of the amount of time saved, it would be half an FTE a year, given the fact that we are informed and notified when threats arise.

In terms of operating expenditures, we have been able to negotiate a better cyber insurance rate with our insurance company due to the fact that we are covered by Umbrella.

Another benefit of using Cisco Umbrella is application scanning. We have been able to understand how many other applications we were consuming in the cloud, address them, and save money. Without Cisco Umbrella, we would not have realized that we had so many cloud applications in the company.

We have been able to close at least four or five applications that were duplicates of others that we were already using in the company. We have realized approximately 10,000 to 12,000 euros a year of immediate savings in an organization of 150 people, which is quite significant.

Client delivery and client updates should be improved. Client delivery was not as easy as expected. Another area for improvement is the integration of escalation procedures for security issues.

In the next release, I would like to see the addition of notification flows like SMS and popups.

Cisco Umbrella is stable. We have had some issues, for example, when deploying from home or from slow networks, but 99% might be covered by a backup deployment of the client.

The moment Cisco Umbrella is installed, it scales. It's a matter of deploying policies. You can scale from one to thousands or tens of thousands of clients very quickly.

We are mainly supported by our partner. We escalate to Cisco's technical support when needed, and they are always outstanding. I would rate them at ten out of ten.

Positive

In my environment, the initial deployment was not as easy as we expected it to be. The delivery of the client in a Mac environment was not that easy, and the fact that we do not have a directory made things a bit more complicated. On the other hand, as soon as we were able to deliver the client, everything went well. We were able to deploy the solution in one week.

We were supported by our partner both on the network side and the security side. Being a solution focused on the client, we involved the partner for support on the endpoints, which are the critical part of the delivery.

Our experience working with our partner was good because they know our organization and our needs. When you increase security, you may see a higher number of false positives. Our partner played a key role resolving any issues that arose for the customer during deployment.

Cisco Umbrella is not a cheap product. However, it's not a matter of the cost; it's more a matter of the value of security. It is easy to measure this value when you have a security incident. I think the price is a good trade-off for a product that can help you avoid security threats.

You can try to partner as much as you can with insurance and other companies. It can help you reduce acquisition costs.

We had several reasons for choosing Cisco Umbrella, including the rise in attacks, the need to be careful with our customers' information, and our desire to have an extra layer of information security.

The main reason for going with Cisco Umbrella versus other competing solutions was its capability to integrate with our network. The first deployment we did was pure DNS and was a client deployment. Then, we were sure that we wanted to have a deeper integration. The fact that we are 100% running on Meraki infrastructure helped us to have this blended architecture, which is very efficient from the point of view of the client, service, and security.

If you're considering Cisco Umbrella, my advice would be to take your time and have 10% to 20% of your company pilot the solution. It's a solution that is easy to pilot in a specific environment, even with very deep integration with the network. I would advise you to go with a good use case, pilot the solution, and then move forward with a broader deployment.

On a scale from one to ten, I would rate Cisco Umbrella at nine.

I had implemented Cisco Umbrella at a previous company. I'm now working at another company where I'm not using this solution. We've got another solution here.

The policy of the company was to make sure all outgoing traffic was sent through a filtering service, and OpenDNS, and then Cisco Umbrella, was chosen for that purpose. Once it was taken over by Cisco Umbrella, it had far more capacity and far more functionality written into it. 

In terms of the deployment model, I just used Cisco services. It would be through Cisco's private cloud. My site wasn't big enough. So, I didn't deploy the Cisco service on-premises. 

It was really valuable to me in protecting the outgoing data of the company. It was good for reporting. Every computer had the Cisco Umbrella program installed. So, I had good reporting on any issues related to outgoing data, such as whether there were any phishing or dodgy sites connected. It protected that part of the business.

A combination of Cisco ASA, Cisco Umbrella, and Cisco AMP connecting to the SecureX portal gave me all-around security for the site because they all reported into a central reporting server. If there were any issues, I could have got full details, even if a crypto locker attempt was made. I never had any security incidents that I'm aware of. So, it was a very effective tool.

It kept itself updated. So, I didn't have to worry about continuing to push out new installs of the program.

I felt safe, supported, and secure, and so did the owner of the company. It worked silently in the background, and no one else really knew it was working on their computers. When we went into lockdown with COVID, I was happy knowing that all the computers that left the business had the app installed and were going to be functioning securely. We got no viruses and no issues on any computer on the network, which is quite unusual. A lot of other people or a lot of other companies I spoke to reported that they had quite a few issues.

It worked 100% in terms of applying and maintaining network connectivity consistently across all workplaces. We never had any issues. The only issues we had were when sites might have been blocked because they were suspected of being within a filtering group. It would report back to the user and say, "This site is currently blocked by your administrator. Please click this button. An email will be sent to your administrator, and they can resolve the issue." I would then get the email, and I'd look at the site, and then I'd release it through whitelisting. It was very user-friendly in that regard.

It certainly helped to remediate threats more quickly because I was able to stay free of any virus outbreaks. It definitely locks out that part of the transmission where the virus will go out and attempt to download a package.

It worked silently and didn't use too many computer resources. It was really silent in its operation on the network. It had a really good impact on me. I'd love to put it in my new company, but we've gone down a different pathway. That's being resolved through Office 365 now, and I'm not proposing to change that technology.

I wanted to ensure that all outgoing traffic went through Cisco AMP servers. So, if we did get a crypto locking incident or any malicious sites that wanted to direct traffic to particular websites, they would be unable to do that because they would be blocked by the Cisco Umbrella DNS servers.

It also did website filtering for preventing access to porn sites and gambling sites. It had all other standard features. It had a good section where you could whitelist and blacklist websites.

I was able to implement it myself. It was really easy to install. You could install it on a server locally if you want to. If you have the biggest site, you would do that, but for my site, it was just directing all the traffic out through the Cisco Umbrella DNS. It was really handy. When the owners of the company went overseas, I knew that they would be secure because even if they were not on the company network, they would still go through the Cisco Umbrella servers. It was a complete solution for protecting the company with outgoing data.

The other useful feature was that if we were to get a malicious actor onto a server or service running somewhere, it would still have to go out through the Umbrella servers. So, it would more likely be blocked through there. It had multiple features that were super handy.

It had the ability to do a lot of app control. So, every single app that went through that portal was registered, but there is a general issue with the whole app control. As soon as you add a mobile phone to your network, all of the apps get registered through the system, and you can approve, reject, or just let them go through. When I looked at it, it was impossible to manage app control. There was just so much data. I didn't apply that service because I just didn't have the time to manage it. It would be good if there was a way to categorize applications. However, that's dangerous too because you can be turning off an app in a group because you don't know what it is doing. It could be a vital company app. So, App control is the main area in which they need to keep working.

Originally, Cisco Umbrella was called OpenDNS. I have used OpenDNS and Cisco Umbrella for about six years.

It is very stable. I never had any issue with it.

It is highly scalable. You don't even have to install it on your computers. You just change your DNS, and it'll start to work internally immediately. I never had any issues with performance or anything like that. I'm sure it would suit larger companies as well, but larger companies would install their own Umbrella service on their own systems and deal with the capacity that way. So, it is very scalable.

Their support is good. They always got back to me and answered issues. They showed me how to do my own debugging. They were always very professional and helpful. I would rate them a 10 out of 10.

Positive

We previously used proxy servers, but I wanted a more modern interface, and that's why I chose Umbrella.

It was super easy. I'm a general IT person, and I was able to deploy it. I read the documentation, changed some settings, changed the DNS on my servers, and then rolled it out to the team. It was a pain-free implementation.

I deployed it. It was pretty intuitive. I didn't have a consultant help me. I was able to implement the solution myself and manage it myself. That's a really good rating for an application. There are different systems you get to manage these days, and you can't have training on all of them. Because I rolled it out, I knew I rolled it out properly, and the system was working effectively. It was good. I liked using it.

The return on investment was that we kept the company secure. Nothing happened, which is the ultimate return on investment.

It was a little bit expensive on a per seat basis, but the company I was running was only a midsize Australian company, and it was a reasonable budget per computer for that system.

It started off being a free product, and then Cisco bought it, and it went to a reasonable price. I was using Cisco AMP as well. So, my per computer cost was reasonably high, but for a small company, it was within an acceptable level.

Not having reviewed other systems, I can't tell how they compare, but I know that when you do special security licensing with Microsoft, it is on par. So, it is probably standard within the industry.

At the time, we were using OpenDNS, and then OpenDNS went to Cisco Umbrella. Because we'd had such success with OpenDNS, we just stayed on with the product. So, I didn't evaluate any other products at that time.

It is just another layer that you need to wrap around your company to keep it safe unless you could just shut off that possible attack vector from external parties.

To leaders who want to build more resilience within their organization, I would say that they've got to keep doing it, and they've got to keep working on it. I'm constantly looking for better ways to secure the company. Cisco Umbrella would be a very useful addition to their set of tools. 

A part of my plan in the long term was to implement the full suite. I never got around to that, but it was really good to know that I could go right down to app-level control. It was a very successful product, and I'd certainly recommend it to any business looking to just add another layer of security around their company.

In terms of providing a single pane of glass management, security does involve multiple systems, and I could log them all into the Cisco SecureX system. From there, I could get my single point where I could resolve issues with viruses, et cetera. So, in itself, it was a single pane of glass for DNS protection. It was fine, but I don't think there is ever going to be a single pane of glass anywhere. You're always going to have many different systems that you're using, but overall, it had a lot of features. It did the job it needed to do.

I would rate it a 9 out of 10. It is just app control that I want them to develop more.

We use Umbrella to front-end all of our DNS requests and that way they protect any of our end-users from going to any kind of malicious site. It doesn't matter if they're in-house in one of our locations, or if they're remote and working from home. That was the biggest part was the fact that we could protect our end-users, even when they're not in the office.

We were actually trying to solve other challenges, which included just to protect the onsite, but once COVID hit, it pretty much made it a very easy transition for us. At one point, when COVID was at its highest peak, we had everyone working remotely. We didn't have to worry about how we were going to restrict our access on the internet, because Umbrella was already handling that for us.

It made us more secure, which is a very important thing for a financial institution.

The support for hybrid work was the biggest thing. It protects our users, whether they're in the office or they're out of the office. We get the same policy in both locations. We can assign policies based on individual group memberships and it travels with them no matter where they go. It helps no matter where they are.

Since it's based on user DNS requests, it's right from the endpoint all the way through the network to be able to identify those locations and restrict access if necessary. It's not just the malware sites, which is very important, but it's also just content in general. There are business reasons for restricting access to certain content.

Since we implemented Umbrella, we are seeing a fairly significant amount of threats being blocked. A good 20 percent of all the activity, on average, that we see is actually being blocked by Umbrella, because it's either violating policy or it's some kind of malware.

Both monitoring the activity, so that we can investigate anything that may pop up, and the ability to restrict the access, or filter out what content end-users can view or go to [are valuable features of Umbrella]. Also, the fact that it blocks them from any known malicious locations.

It works really well and the best part about it is the fact that it's transparent to the users until they try to go somewhere that's either restricted because of content or restricted because of the fact that it's malicious. Then they simply get a popup and that's all there is to it. So from their perspective, it's very easy. They don't have to do anything in order for it to work.

There is a single portal that we go to that handles being able to set up policy, look at activity, or even manually add sites that we think that we want to restrict, even if it's not considered a particular category or a particular malware. The single-pane-of-glass management is very important. We have a very small team. We can't spend a lot of time going from product to product to product to either investigate or set up policy. We need to have one place that we can go to and set everything up.

It's really easy. It's an easy portal to go to, it's cloud-based, so we can get to it from anywhere. The ability to set up the policy is pretty straightforward. There are a lot of tie-ins with other products, like SecureX and other things, that make it just as easy.

It's cloud-based, so as long as you can get to the cloud, you're golden.

The only thing I can think of is that I'd like to see a little more flexibility in policy creation. The way that policy is currently structured is like a "first hit succeeds" kind of policy. It would be nice if it were more hierarchical.

I have been using Cisco Umbrella for about four years now.

It's been extremely stable. In the last four years, I do not recall a single outage. There has been nothing that I can think of that actually affected the performance of the system at all in the last four years.

We've never had an issue with scale. We've scaled it up to every user that we have in-house. When we deployed the gateways, we deployed two for HA purposes, but from a scale perspective, it's DNS queries. It doesn't take much. Our whole organization is on it.

Support for Umbrella is very good. There's a way to contact them directly from within the portal and we use that periodically.

I give them about a nine out of 10. There are issues with Cisco's tech support, like all the rest of them.

Positive

Umbrella was actually the first [solution we used in this area]. Once we discovered that that was a big hole we had—we didn't have anything that was controlling content for our internal end-users—we could run into problems with regulation, problems with compliance. It could run into issues with HR, as well as security issues associated with malware. We knew it was a hole, that we were missing. Umbrella filled that hole for us.

There were two pieces of the deployment. One was the cloud deployment, which got us set up in the cloud to begin with. We also had gateways that were installed on-prem, in-house.

We were able to get the gateways up and running in about an hour. The cloud deployment was all done by the Umbrella organization on the back-end side. To deploy to the end users, all we needed to do is set up a policy that said, "This is what you use for DNS." Once that was set up, we were done. Deploying that was done in a group policy and that group policy was pushed in a matter of minutes. The entire solution was probably deployed in just a few hours.

We did it all ourselves. Cisco handled the back-end side with the portal itself, but the rest of it, we did ourselves.

I think we got our return on investment within the first month of its use, because of the increased security that we had in the organization; the ability to have a product that is protecting our end-users. We do educate our end users today, but Umbrella doesn't require us to go through as in-depth an education process to say, "Okay, you're going to have to do the research. You're going to have to figure out what sites are bad. You're going to have to figure out where not to go." We don't have to do any of that. That's all handled by Umbrella. We just need to let them know that we're protecting them on the back-end side.

Its value exceeds its pricing.

We looked around to see what was available. There were a lot of content filtering solutions available, but one of the things that Umbrella brings, in addition to content filtering, is that awareness of known threat sites. Their tie-in with Talos, Talos being that organization that does all that research and feeds that into Umbrella, means that we not only have known malware sites from six months ago, but we're getting feeds from Talos within hours.

The impact on our employees' morale has been good. Anytime the employees understand that we're doing something from a technology standpoint to secure the organization more, that makes them happy. It's something that they don't have to concern themselves with as much and it improves morale quite a bit.

Resilience in cyber security is extremely important. We're a financial institution, so cyber security is very high on our organizational goals, all the time. Making sure that cyber security is resilient against any of the latest attacks that are coming out is extremely important. It's a constant thing. Cyber attacks are increasing every single year. The methods that are being used are increasing every single year. If something were to happen, not only would we have a financial impact, but we have a reputational impact. For a financial institution, a reputational impact could be just as devastating as a financial one.

Umbrella helps us with that overall security. It gives one less attack vector for the bad guys to get into. We're protecting those end-user devices and we're protecting those end-users from going to places that could be malicious. The fact that it's doing that for those end-users increases our overall security without us having to rely specifically on end-user education in that particular attack vector.

For leaders who are looking to increase resilience within their organizations, I would say that what is necessary is to do as much security, in-depth, as you can. That includes using Umbrella to protect your users and using lots of other security products and being able to secure every aspect of your organization.

I would rate Umbrella absolutely a 10 out of 10. It's literally a lifesaver when it comes to being able to protect our endpoints.

One of our purposes for acquiring Umbrella was to block phishing links that we get in emails and to manage risky websites. We're using it for our internal network and the roaming client for external users.

Blocking malicious websites and preventing users from going into them, as well as the phishing attacks that usually come with malicious links, were the challenges. With Umbrella we can block them.

We use it in our Active Directory domain and for about 175 users. We use it on desktop computers and on laptops for external users. It's all on-premises, protecting servers and workstations.

It has improved our company a lot because we now see where the users are going and prevent them from going to malicious websites. It has reduced, by a lot, the chances of hackers getting into our organization.

With Umbrella, it's our IT staff who we feel secure. Sometimes the end-users, our clients, don't fully understand the purpose of the tools when we install them, such as the roaming client. And sometimes they get false positives and they don't fully understand why. But for us, as IT admins, we feel a lot more comfortable with the tool in place, because we know that it's unlikely our users will go to a malicious website. Umbrella is protecting us.

Umbrella has also helped us remediate threats more quickly. It's really good for securing our infrastructure from end to end. Umbrella's footprint is really small. If you want to secure infrastructure, such as servers, you don't have to install an agent. You just have to use DNS forwarders and point them to the umbrella servers. That's easier. It helps us protect our infrastructure for sure.

The Global Block List is one of the most valuable features because it's really easy to block domain names as well as URLs. Sometimes you don't want to block the whole site, you just want to block one URL. The Global Block and Allow Lists are the best features for us.

Cisco Umbrella also provides a single pane of glass for management. It's really helpful and it's important for us because we have multiple locations. Without a single pane of glass, if you want to block websites you have to go to every location, in each firewall, one by one. But when you have a single management portal, it's a lot easier.

The user experience is good because, as IT and admins, it's easy to use. But that's not only for admins, it's also true for the clients because they know the reason a website is blocked. The user experience is pretty smooth because they can report a false positive or a malicious website that has not been blocked in Umbrella. We are happy with the user experience.

And when it comes to applying and maintaining network connectivity consistently across all workplaces, Umbrella is excellent. We can track, among the different locations that we have, where the users are trying to get to. That means the risk of disruption is reduced by using Umbrella. And in that way, Umbrella contributes to maintaining network connectivity.

The user interface is pretty nice. Once you know how to do tasks, it's easy.

There are some situations where we would like to block things for specific user groups. I know that Umbrella does that, but it's not that easy. When you go to the Global Allow and Block Lists, that's the easy part. But when you want a specific task for specific rules and policies for user groups, you have to go three levels down in the menu, and it's hard to find where you do that task.

Also, the policies are not that easy to manage.

I have been using Cisco Umbrella for around a year and a half.

The stability is really good. They have about 99.99 percent uptime. I can't think of a significant disruption in the service.

We are a small organization, but from what I have seen, it is very scalable.

We have never requested support.

The initial deployment was straightforward.

The solution is on-premises but the management is cloud-based.

We did it all by ourselves.

We have seen return on investment by reducing the risk we had in the past. That has saved us from having to invest a lot of time in support, which is something we had to do when a user didn't know what they were doing and got infected. We now spend less time on end-user support.

The pricing is pretty fair. It's good.

In my former company, we used Area 1 for DNS protection, not Umbrella. I knew OpenDNS before it became Umbrella. In fact, I used OpenDNS for my personal accounts. In my current company we evaluated Area 1, but in the end, we loved Cisco's support and that is one of the reasons we went with Umbrella. But, obviously, the features in Umbrella are pretty good.

Once our end-users understood why we use Umbrella, that it was for improving our organization's security, it improved their morale. Nowadays, they are aware of cyber threats and they know that Umbrella is one of the tools that we use to prevent a breach. They feel more secure now.

Resilience helps a lot in cyber security. One of the things that makes Umbrella great is that you don't have to detect threats by yourself. Wherever in the world a new threat is detected, it's in the Global Block List of Umbrella and we don't have to manage those threats one by one.

That kind of resilience is more and more important for our organization every day. Fortunately, our C-level now understands the risks and what the organization could lose. They understand the impact. With the support of management, cyber security is really important for our organization.

I would tell the leaders of other organizations who want to build more resilience that cyber security is more important now because we are serving our internal and external customers. The problem with a cyber security risk, a threat or a disruption in IT services, is that it will probably cause us to stop producing what we produce. Our customers will have a bad experience, and that means it is not only a financial issue but one of reputation. I would tell such leaders to always keep cyber security in mind because it's not just about your IT guys, it's for the whole organization.

It's an excellent product. It has worked really well. The only reason I don't give it a 10 out of 10 is, as I mentioned, that there are some tasks that could be done more easily.

In general, we use it for the security of our network.

We wanted to get an idea of what's happening outside of our network and what's coming to our network. We had no way to know before and we were just sitting there waiting for something to happen. At least now we can be proactive.

It has helped us to be more secure. Cisco Umbrella allows us to see threats in real time. We can also see if there are any bad actors inside of our network who are trying to do malicious things. It gives us a quick glance at the situation, at where we are and how vulnerable we are.

Another definite benefit is that it has helped us to remediate threats more quickly.

It's very important that the solution helps support hybrid work. In the past, we might have had one or two people who were working from home because of illness or pregnancy. Now, with 60 percent of our people working from home, Cisco Umbrella has really helped us out with threats that they might not even know exist on their side. We can monitor them and be proactive about them.

Also, if it didn't have a single pane of glass, we would not be using it. The single pane of glass gives you a one-stop shop. It's like going to Home Depot. You find all your stuff there. You can see all your threats and your endpoints. It's a very important feature and makes things very simple.

Another point is that it's very easy to maintain network connectivity.

I have been using Cisco Umbrella for about eight years.

The stability of Cisco Umbrella is very good.

I haven't had to scale it, but I would assume the scalability would be good.

We haven't contacted them from the time we were up and running.

We did not have a previous solution.

The deployment was straightforward.

I used an integrator, Harness LLC, and the experience with them was all good.

Our ROI is due to the level of threats that we don't have to deal with, threats that are being blocked by Cisco Umbrella.

There is room for improvement when it comes to the cost.

We looked at Trend Micro, but that was several years ago.

Look for programs that have a track record and that are proven. No matter what any individual might say, that person can't do it by themselves. They have to have support, and Cisco Umbrella is a good support.

Resilience in cyber security is like raising kids. You really can't stop. You have to be resilient continually. Every day is a different challenge. Just because you're good on Tuesday doesn't mean you're going to be good on Wednesday.
Cyber security resilience has been key for us, with people going home to work or to other places to do their jobs. That resilience keeps them working and keeps our network safe.

I love it. It's almost like trying to look at WiFi. You can't see the WiFi signal with your naked eye. It's the same with threats. You can't see them by just walking around the building. With a tool like Cisco Umbrella, you can see what you have and how to fix it.

For our employees, it means that their systems are working. They have no idea what we're doing behind the scenes to keep their systems working, unfortunately. I wish I could say, "Hey, guys, today Cisco Umbrella stopped 84 threats."