Cisco Umbrella Reviews

It's for the VPN nomad connection. We capture all the DNS requests, log them, and check them in case of troubleshooting for security or malware issues.

Through Cisco Umbrella, we managed to deploy our M365 system and our connection. It was very good for deploying access to those cloud systems. It was a very important requirement to check all the connections from outside when the laptops are remote, and we managed to capture all the DNS requests. It was a security requirement.

It hasn't saved us time, but we managed to deploy the connectivity to the cloud system such as Azure or M365.

We can have a full overview and a quick overview of all the DNS requests. For us, it's quite important.

Cisco Umbrella is a good solution. It meets all of our needs. They can maybe simplify the configuration. For example, sometimes, the proxy part is quite difficult, and that's why we didn't deploy that.

We've been using it for two years.

We have no issues at the moment. It has been two years, and we did not have any issues. So, for us, it's quite good.

We have about 6,000 devices. So, I have no problem with scalability.

Their support is very good. We have a lot of feedback from our partners and our Cisco contacts. They get in touch to be sure that we are using the product correctly and whether we have any questions. I have had no problem with them. It's super good. I'd rate them a ten out of ten.

Positive

We didn't use any other solution previously. It's the first time we are using such a solution.

We were already using Cisco AnyConnect, and for us, it was a simple plugin. We didn't spend much time. We did some tests. We worked with a local French team, and after that, we deployed it. For us, it was very simple to deploy.

We deployed it ourselves with the help of a partner in France. The partner company is called Nomios, and we had a good experience with them. They know a lot of Cisco products, which is very good. They are into security and network architecture.

We haven't yet seen an ROI.

Its price for us is quite expensive because it's a subscription, and we just use it for the DNS log. So, for us, it's quite expensive.

We didn't evaluate any other solution. We went for Cisco Umbrella because we already had Cisco AnyConnect. We just used the plugin, and it was very simple for us to deploy it.

I'd rate Cisco Umbrella an eight out of ten. For me, it's quite a good product. 

I deployed it as an end-user management solution in a large IT practice, and for our end-users to have secure internet access. I've also advised on it as a consultant for companies wanting to use it to deploy SASE-type solutions.

It's really hard to have a firewall everywhere. It's also really hard to have somebody follow a user on the internet and make sure that they're doing things securely. Having a tool that's on an endpoint that you know is always connected and always pushing people to the right locations, avoiding redirects and malicious intent, has been the biggest benefit for us.

We were exposed to ransomware attacks at a very early stage in our company. Cisco Umbrella is one of the ways that we have found to help prevent ransomware attacks. It also helps prevent users from going to places that they shouldn't be going to, beyond just firewalls and email security. It is an extra level of protection that really helps make us feel comfortable at night.

The fact that Cisco Umbrella helps support hybrid work is really the key, having an endpoint protected wherever it is, whether it's on or off your network. That's what everybody on the planet is looking for right now.

It has also, 100 percent, helped us remediate threats more quickly.

The most valuable thing is how easy it is to deploy. We did it with 9,000 users at my last job, and it took a week to get to all the endpoints. Doing that without having to physically touch all those endpoints was very simple. 

The single pane of glass management makes it very easy to manage your rollout. We get a lot of "single panes of glass" and, eventually, you need a pane of panes of glass. But it's always good to have a clear and graphical view, and Umbrella's is nice and easy to read. Definitely, of the panes of glass that we do have, it's one of the easiest to use.

The single pane of glass is good to group users together and separate people out. Some people need different types of security. Some people are more vulnerable. Some have more highly valuable assets, like C-suite people. It's really good to be able to have end-users defined inside of that. You don't have to jump around. You don't have to figure out who's who. It's all done through one pane of glass.

What most people don't realize is that it's running in the background, which is a really nice aspect when it comes to security. Often, when you deploy a security tool, it takes up CPU performance. Everything slows to a grind. But Umbrella is so simple and easy and it doesn't affect the end-user experience. It's the best of all worlds. It's nice when people realize that they're being protected when they go to the wrong site. I think people are happy that they're protected, but it's nice that they rarely notice it.

It's generally easy to maintain network connectivity, but with Umbrella, the nice part is that whichever connectivity you're on, you're always secure. With Umbrella, as long as you're online, you're going to be protected.

I'd like to see improvement in its overall integration with all the other platforms. There's some integration between Umbrella and Meraki, but an overall Cisco problem is that there are so many different tools, and finding easy, seamless ways of connecting everything together is always a challenge. Always, with Cisco tools, there is the issue of finding ways to have fewer windows to look at and how to make those tools work together better.

I have been using Cisco Umbrella for over six years.

It's a cloud service. Beyond the actual tool working, the most important thing is its availability.

As long as the internet connectivity is up, I've never had a problem with Umbrella not being there. It's a tool that we have never been concerned will go down while our internet connectivity is up.

Security always has to be there. As long as your security tools are available, that's when you can be the most secure. With Umbrella, especially, we have never had an issue where it was out and we needed protection. It's probably one of the most resilient tools available on the planet. For sure, it's amazing.

I'm sure there are bigger customers than us, but we had 9,000 endpoints secured in a month's time without a blip in the system or in performance. For us, it has been impressive.

Meraki and Umbrella support are great. We have never had an issue with Umbrella, so we haven't had to evaluate support there. But whenever we have had issues with the integration between Meraki and Umbrella, Meraki support has been amazing.

Positive

We did not have a previous solution.

It was pretty straightforward. We loaded the client into Meraki Systems Manager, and then we were able to push it to all devices inside our network that had Systems Manager. It was pretty much three clicks.

We had full Meraki stacks as most of our network deployment. We were 100 percent cloud on our solutions. Umbrella sits in between our on-premises networks or between our users at home and between our cloud applications that we use at our clinic and office locations.

We did it in-house.

The return is that you don't get breached. It's a hard thing to quantify because if you don't get breached, you don't know what the value of that breach would have been. By not being breached and by being able to mitigate ransomware attacks, there is definitely return on investment.

The pricing is great and very competitive with the rest of the market. 

With everything to do with security, you should never worry about price because it's all about risks. The cost of $20 to $30 a license for Umbrella might protect you from $4 to $5 million worth of ransomware. It depends on your risk profile.

We evaluated Zscaler as well. The difference between Zscaler and Umbrella was that Umbrella was a lot simpler to deploy and a lot easier to manage. Zscaler requires way more customization and it has some slightly different use cases than Umbrella. For us, Umbrella was more what we were looking for and generally easier for us to manage.

For C-suites that want more security resilience in their organizations, I would tell them to adopt cloud technologies as much as they can. Try to find things that will help you scale because, when you keep things on-premises, you have to be the cloud provider yourself. Tools that other people have already stretched across, and on whose service you can rely, are generally going to be better than what you can do yourself. Either that or it's going to be very expensive for you to provide that service in-house.

Umbrella is probably one of the best tools out there in all the security landscape. It's very valuable to all people who are looking to deploy secure internet access. Everything has been perfect as far as we have used it.

Cisco Umbrella improves web security posture.

Meraki features and cloud-based functionality are advanced and easy to manage centrally.

Reporting is a separate product. However, other features are embedded within the devices themselves. So, if you have one box, everything is included, which is good.

A more user-friendly interface like Kaspersky and lower costs including licensing, support, and renewals would be beneficial.

My company has been using it since 2005. 

It is a stable product. 

It is a scalable product.

The customer service and support are excellent, exceeding expectations.

Positive

I used Sophos, FortiGate, and Palo Alto firewalls.

Cisco Umbrella is manageable and well-supported by various vendors and partners, including Cisco Direct. It offers diverse technologies and features. However, now Sophos and FortiGate offer better tools and firewalls than Cisco.

Forti excels in SD-WAN services and integrates various functionalities like FortiManager, FortiAnalyzer, and Wi-Fi controller within a single device.

It is easy to implement. It is not straightforward, but it is easy. It is easier than before. 

The licensing cost is very high. We have to pay for support, renewal, and maintenance. FortiNet is cheaper compared to Cisco Umbrella. 

Consider your budget. If you can afford it, Cisco Umbrella is a stable and scalable solution.

It's a strong Cisco product.

Overall, I would rate the solution a nine out of ten. 

Our primary use case was to first replace the solution we had since it wasn't able to give us security outside our premises. Also in terms of configuration, we had to have extra configurations in our Active Directory to identify the users and the equipment. Cisco Umbrella gave us a chance to do it in a more clean way, without having extra software working on our domain controllers.

Cisco Umbrella is deployed as a cloud solution with an on-premises server so that it can make the connection through our Active Directory to identify the equipment.

The most value we've seen after using it for a month is the ability to identify more clearly the usage of any device.

With Cisco Umbrella I am able to manage DNS resolutions on our devices both when they are inside and outside our network, supporting a hybrid work environment.

Umbrella has helped my IT staff in two ways. First, our security team was able to get more insights into the users, their devices, and the sites they browse. Second, our system administration team was able to manage DNS resolutions in a way that is more accessible and less intrusive to our domain system.

Soon, our IT staff will be able to save time because we'll be able to automate some security functions. The dashboard is very clean and user-friendly. Thus, at a glance, we will be able to see a lot of information that will help us identify more directly the sources and the root causes of security issues.

It's easier for us to have support features with companies who are Cisco representatives, but sometimes, it's hard for us to get the help we need without having to use our contacts within Cisco.

We've been using Cisco Umbrella for nearly a month.

We have not had any issues with stability, but we've only had the solution for one month.

The few times when we had to contact Cisco's technical support directly, we had perfect interactions with them. Therefore, I would give technical support a rating of ten out of ten.

Positive

We were using another solution for DNS security. It was not as complete and  would only allow us to manage security inside our network. We weren't able to get to the endpoints when staff were not working on-premises. We did a proof of concept with Cisco Umbrella and two other solutions for three months and chose to go with Cisco Umbrella because it gave us the features that were more suited to our organization.

In our environment, it was straightforward and simple to implement Umbrella. We had SCCM for the end devices for mass deployment. Our domain controllers were connected to the server. The initial parameterization only took us three days. Currently, we are in the most difficult part of fine-tuning the solution so we can take full advantage of its features.

Our Cisco partner helped us with the implementation.

Pricing and licensing of Cisco Umbrella is a bit confusing because you have to separate the DNS solution and the full-feature solution. Cisco in Portugal helped us understand which one was the right one for us.

Since Cisco Umbrella has given me better performance and extra features that I didn't have previously, I would give it the maximum rating of ten out of ten.

I'm a principal consultant for one of the energy sector companies, which basically extracts oil and gas and also deals with solar energy. We are dealing with anything related to energy. It's a supply chain as well.

We have been using Cisco Umbrella for more than one year. Basically, after the COVID situation, when the hybrid model came, we needed to give work-from-home options to the employees and look into cybersecurity. We had to get some cloud security. That is why we have introduced Cisco Umbrella.

We chose Cisco Umbrella because it's a better option industry-wide. It can inspect all the web traffic from anywhere. When traffic is generated from any local internet, it might be anything. It doesn't qualify for cyber security for any company. That's why you have to have something to inspect all the traffic. Cisco is a good vendor for us. That's why we chose Cisco Umbrella.

By using Cisco Umbrella, you are sure of inspecting all the traffic. Whenever the user machine is connected to your network, it is inspected. That's the best thing. It means you are sure that nothing is being exported or imported without your choice. That is the best feature.

It generates alerts, and you can integrate it with your ticketing tool. When it's integrated, it can also generate a ticket. That means you know when something is wrong or what's going on. It has helped a lot during this hybrid model, and I don't think that this hybrid model is going anywhere. So, you can simply say that Cisco Umbrella is a good tool for the future as well.

It hasn't freed up our IT staff for other projects because no one thought about this work-from-home model before COVID. There were many alerts after Cisco Umbrella was installed, which means many staff members were invested, but its automation, such as automatically generating alerts and automatically assigning tickets to a queue, has helped a lot. We don't need to do any physical or manual inspection. It's being done automatically, which is a good point, but it hasn't decreased any resource hours.

It's the best tool to inspect everything. We can inspect all the user traffic generated from anything.

If you wish to inspect all the traffic and it's integrated with Cisco AnyConnect, all the traffic basically goes through Cisco AnyConnect, which is not a good idea. That means you need to have more internet capacity as a data sampler, so in the case of a split tunnel, we cannot inspect the traffic that is being migrated through the local internet. I'm not sure whether there is a possibility wherein Cisco Umbrella can also inspect the traffic that is outside the AnyConnect tunnel.

We have been using Cisco Umbrella for more than one year.

I am a Solutions Architect in a mining company, and the size of the company is around five to 10,000 employees.

We wanted to replace an existing solution and give a better experience to our users, and we wanted to have a superior solution that could give us insights into how secure our users are and what their browsing behaviors are to track down and narrow down issues. Of course, the first and foremost use case is protecting our users. Cisco Umbrella gave us all those things in one and having it integrated into our environment was a very seamless process, and we're very happy using it right now.

It gives you a single pane of glass to see what's going on with your environment and your DNS queries. It has consolidated a lot of previous efforts into the visibility of what's going on.

It saves time. You're protecting your users in a manner that you don't need to do anything after. If, for example, somebody tries to open a malicious website or tries to download something, it just won't allow that. That's it. Previously, there were loopholes and ways for users to get around the proxy, which gives you more work. In that sense, we're saving the support team's time. When you're investigating a problem, it quickly gives you insights into what you're looking for as simple as possible. You can see when a user was accessing a website, was it blocked or was it allowed? Of course, you could test connectivity for specific users and computers. That saves time in troubleshooting. It saves hours per week in comparison to the previous solution. 

The agent that gets installed on the endpoints or on people's laptops and devices is a Cisco AnyConnect Umbrella module. It's one of the most impressive things because you are able to protect your users anywhere they are.

Its reliability and the response time of the support team can be better. 

In terms of features, I know Cisco Umbrella has a lot of potential, and I'm not sure if we're using it to its full potential. I'm not aware of all the functionality, and for the functionality for which we're using it, it has been great. There probably is one place for improvement. We'll love to see any new features, new functionalities, and maybe better integration with other cloud platforms, but for us, it's good as it's now.

We've been using Cisco Umbrella for around four and a half years.

In terms of availability, we've seen it down a couple of times. It has become very stable recently, but we've seen it down. Maybe that's one area that they can improve on. It was not for a long time, but it caused a little panic among our users.

Scalability is happening with ease with Cisco Umbrella because you're either deploying another appliance in your branch office or another office, or you're pointing the endpoints to the existing appliances in your head office or any other place, and you're good to go. It's very scalable and easy to use, and you can have a new office ready in a day or less.

It's great. We've had some cases and issues, but they were resolved quickly and in a timely manner, and we're happy with it. I'd rate them an eight out of ten. They could be a little quicker, but technically, they're great.

Positive

The previous solution was a proxy solution. I'd not state the name of the solution, but it was a proxy solution. It was heavy. It was slow, and there was no easy way for tracking old things. And of course, you can't protect your users outside of the company environment.

I found it easy to implement. Cisco Umbrella has great documentation and great support teams, and implementing it was very easy for us. We just deployed the appliances, and we got through the initial basic policies. We were prepared to do it, so for us, it was very easy.

We did it ourselves. The documentation was good. We're experienced architects and network-oriented guys, so for us, it was just a great experience doing it.

The return on investment is in terms of time savings. It saves time and helps focus on other important things instead of digging into problems with users.

Because we're mostly Cisco-oriented, the solution was obvious. It was already integrated with all of our equipment. We already had Cisco AnyConnect, so it was just a matter of adding the module to it. We're Cisco-oriented, and that was just an obvious choice.

Do your math and check the competitors, but in the end, you won't find a much better solution that's already integrated with your Cisco environment. If you are a Cisco company, that's the way to go.

I'd rate Cisco Umbrella an eight out of ten. 

Our primary use case for Cisco Umbrella is DNS filtering. We also have virtual appliances installed at almost all of our sites. 

We refer our end users to the local VAs and also to the public Umbrella DNS. We mostly use it for the guest network. For internal users, we have dedicated virtual appliances installed at every site. We have a number of offices globally and each major site will have one VA.

Thanks to Cisco Umbrella, we are better able to respond to malicious attacks and block those domains right away. 

The most valuable features in my opinion are DNS filtering, filtering details, and the ability to block certain web pages. However, we mostly use DNS filtering. I also think that the dashboard view is really helpful. Whenever sites get blocked, we get the details and the users who are connecting to them.

There is room for improvement in the dashboard. It could stand to be a bit more detailed. I would also like to be able to customize the dashboard to focus more on what is important for my company. This would be particularly important for the customized dashboard we create for the leadership team. This would help us get information to them quickly.

I have been using Cisco Umbrella for the last three to four years. 

Cisco Umbrella is stable. 

We use Cisco Umbrella across multiple offices so it is scalable. For the smallest offices, we use data center VAs and even in that configuration, it is scalable. 

Cisco's tech support is OK. I have had only good experiences with them. 

They could work on getting on the calls more quickly because it can be difficult to reach them sometimes. This is particularly true during P1 outages. 

On the other hand, they do really well with giving us helpful suggestions and additional information when we need it. The documentation is particularly good. 

Positive

We did not previously use a different solution. We were blocking things through the Cisco firewall. 

Migrating from our previous firewall configuration to Cisco Umbrella was not so difficult. We did not additionally configure the normal firewall policies. All we did with this solution was add an additional layer of security.

The initial setup is not simple. It is quite difficult and cannot be implemented by everyone. You need to have some basic understanding of the product to deploy it. You need to understand DNS filtering and domain blocking and have a working knowledge of DNS and how it works. You should also have experience with virtual machines and VM detecting because Cisco Umbrella is on a VM. 

We have seen a return on investment from Cisco Umbrella. We have seen many benefits. 

We are Cisco partners so we get a discount on the licensing. With the discount, I would say the pricing is OK. 

We did not evaluate other options. Ultimately, we landed on Cisco because it is more user-friendly than its competitors. 

End-to-end detection is mostly used for end users. We make use of it and it works well for us. It helps us find malicious attacks and identify other breaches. Cisco Umbrella is helpful when it comes to remediation as well. Whenever there is a new attack, we receive a notification and we block the domains through the solution. 

Cisco Umbrella frees up time for our IT staff, particularly the network operations team. They use this product to find attacks and users who access non-allowed pages. However, I cannot say exactly how much time is saved because it all depends on the day. We have offices across the globe and each is impacted individually by the solution.

Cisco Umbrella has not caused our organization to consolidate tools.

We use Cisco Umbrella to secure our gateway. All of the DNS forwarding coming out of the company from any site or all the DNS requests are forwarded through Cisco Umbrella, and then they determine if that is a safe address and if the content coming back is safe. They will either reject the addressing out of hand, or they'll look at the Layer 7 content and reject that from making it back to us.

We are using the Secure Internet Gateway (SIG) Advantage package. In terms of deployment, effectively, it's deployed from our private cloud. It's in our data closet on our servers.

It enables us to finally allow laptops to be used as workstations and allow data to leave the building. In the past, laptops were only used for VPN access, but they would connect back to their data inside the company. This has allowed us to have a level of confidence that they're protected as if they were behind our firewall. So, now, we've got work-from-home people who literally have their workstations with them.

We have six sites with 60 to 70 users. The baseline configuration allows for additional protection for any DNS requests as they leave those sites, and then the secondary policy is for the mobile devices as they leave the premises. When they're connected to public WiFi, they have an additional policy that kicks in for that time that they're not connected back to the company. So, when they're on public WiFi without a VPN, the tool will actually put that second policy in place that's more aggressive and offers a higher level of protection when it's not sitting behind the firewall. All that is automated. It's all built into the agent.

We don't allow WiFi inside of our network for connection to our actual business network. As soon as a device is docked, it disables WiFi on that mobile device.

When we have laptops that leave the building, they could connect to public WiFi before they establish a VPN connection back into the company. For that duration or that period of time when they're not docked in the network or on a VPN, they effectively don't have that full layer of security that I provide inside the building. This tool stands in during that period of time, and we extend the security settings through their basic firewall or their cloud-based firewall at that time. So, we do content filtering and control access, but they also are looking at new domains, IP addresses, and bad requests. They're blocking them on my behalf when a laptop is not sitting behind our security appliances.

There are a couple of interface issues. I know that they say that there are feature enhancements that are noted. For example, we've got the Cisco Meraki security appliances, and there, we geofence our company to where we're allowed to send and receive traffic. So, in our case, by default, we only allow traffic to six different countries, which allows us to effectively prevent traffic for the majority of bad players in the world, but they don't give you an easy way to do that in Cisco Umbrella. With Cisco Meraki, I can specify or pick the countries. I can say that I want to only allow traffic from these six countries, and I'm done. With Cisco Umbrella, I have to rely on the fact that they're going to prevent traffic to other countries. They're going to decide if it's good or bad. I can't geofence out. I can plot top-level domains, but .com and .net go global. I can certainly block a China (CN) or a Russia (RU) domain, but that doesn't give me the same level of granularity. 

Apparently, Cisco Umbrella has got that as a feature request to allow an administrator to say, "I specifically only want traffic to and from these countries. Everything else should be dumped." That way, when they're sitting behind my network or they go out in the wild, they have that same level of traffic being blocked.

I have been using it for 14 to 15 years.

We've had no issues. It has done exactly what it's supposed to do.

It is cloud-based. So, scalability should not be an issue. 

Any increase in its usage is all relative to the growth of our staff. Currently, we deploy the laptops for people who need to work from home or are traveling between the banks. That's roughly about 20% of our total staff. Some people aren't going to be working from home, and some of their jobs can't be done from home. They have no need for mobile devices. If there is a need to work from home, its usage will increase. It is there if we need it to scale, but at this point, it is not scheduled to change.

Once I became a paying customer, it was much better. The preliminary training is there, but when you get into the nuances and the details of some of its capabilities, you need to talk to tech support. Once you're a paid customer, you get direct access, and then it's good. When I'm able to get a hold of them, their technical support is a 10 out of 10.

Positive

I didn't use any similar solution previously. 

I was a hundred percent involved in its deployment. We had a couple of issues. The proof of concept was done without a lot of planning. So, there were some mistakes made along the way. If I was doing it again the second time, I wouldn't make the same mistakes. 

The default configurations have your baselines. Those are never supposed to get changed, and I changed and tweaked those for our proof of concept. After a couple of weeks, I had some additional guidance from the Cisco Umbrella team. You leave the baseline configuration, and then you clone and create a new configuration that sits in front of it. So, everyone gets the baseline, and you don't change that. If you want to change it, you make a new policy and then make the changes to that. If you change the baseline default policy and you make a mistake in it, you've to back that all out. If you make it in the new policy, in the worst case, you just delete it, and automatically everyone goes back to baseline. So, there's still a policy in effect. That was a training issue that should have been resolved. Now that I've done it, if somebody asks me, I would say that this is the way you've got to do it.

It was just me taking care of its deployment. In terms of maintenance, once it's configured, unless you're retweaking and adding or removing something that was blocked, it pretty much runs itself.

I have less maintenance to resolve, fix, and reconfigure VPN clients personally, and the feedback from the end-users is that they're more productive.

We were using the free version, and we implemented the paid version about two months ago.

I'm paying a fair price, but everything is negotiable with Cisco. One of the benefits that I got by having Cisco Umbrella is the licensing of the Cisco AnyConnect VPN client. There has always been an issue for years and years with Cisco Meraki in terms of VPN clients and using the native built-in Windows client. It keeps reconfiguring itself. By using Cisco AnyConnect as the VPN client, it's not affected by Windows patching or people typing in passwords by mistake. It's more resilient and doesn't change. With just Meraki solution, there was an extra expense for the Cisco AnyConnect VPN client. By having Cisco Umbrella, that licensing is now included.

There were a couple of other options, and I discussed them with another consultant. As a regulated industry, we have to do vendor management, and vendors have to be vetted. So, Cisco was already a vetted vendor. There are other companies that do the same thing, but Cisco didn't require me to do any more vetting. They were already a vendor.

When it's configured the way it's supposed to work, it turns itself on and off based on the status of the VPN or the dock condition. Once it's configured, it does exactly what it's supposed to do. 

If you're doing a proof of concept on it, fully understand how the policies are configured and what the flow is. You should understand the hierarchical status of the policies to configure it right the first time. You don't really want to guess it.

I would rate it a 10 out of 10.