Cisco Umbrella Reviews

It's for the VPN nomad connection. We capture all the DNS requests, log them, and check them in case of troubleshooting for security or malware issues.

Through Cisco Umbrella, we managed to deploy our M365 system and our connection. It was very good for deploying access to those cloud systems. It was a very important requirement to check all the connections from outside when the laptops are remote, and we managed to capture all the DNS requests. It was a security requirement.

It hasn't saved us time, but we managed to deploy the connectivity to the cloud system such as Azure or M365.

We can have a full overview and a quick overview of all the DNS requests. For us, it's quite important.

Cisco Umbrella is a good solution. It meets all of our needs. They can maybe simplify the configuration. For example, sometimes, the proxy part is quite difficult, and that's why we didn't deploy that.

We've been using it for two years.

We have no issues at the moment. It has been two years, and we did not have any issues. So, for us, it's quite good.

We have about 6,000 devices. So, I have no problem with scalability.

Their support is very good. We have a lot of feedback from our partners and our Cisco contacts. They get in touch to be sure that we are using the product correctly and whether we have any questions. I have had no problem with them. It's super good. I'd rate them a ten out of ten.

We didn't use any other solution previously. It's the first time we are using such a solution.

We were already using Cisco AnyConnect, and for us, it was a simple plugin. We didn't spend much time. We did some tests. We worked with a local French team, and after that, we deployed it. For us, it was very simple to deploy.

We deployed it ourselves with the help of a partner in France. The partner company is called Nomios, and we had a good experience with them. They know a lot of Cisco products, which is very good. They are into security and network architecture.

We haven't yet seen an ROI.

Its price for us is quite expensive because it's a subscription, and we just use it for the DNS log. So, for us, it's quite expensive.

We didn't evaluate any other solution. We went for Cisco Umbrella because we already had Cisco AnyConnect. We just used the plugin, and it was very simple for us to deploy it.

I'd rate Cisco Umbrella an eight out of ten. For me, it's quite a good product. 

We have deployed an on-prem virtual appliance for Active Directory (AD) and user mapping. We have integrated our AD with it as well as all the pre-reqs that come with it.

It is a DNS solution. It stops us at the first layer of Layer 7, stopping at the DNS level. It just removes the burden for opening a connection, then looking at the firewalls and all the parameter devices. It has a single pane of glass that keeps you secure.

It has helped us in terms of the roaming client. That has helped us in terms of security. Whereas, previously the roaming client was bothering us, which got us into this solution. That has helped the end user with laptops and devices for different sites. This keeps us secure at all times wherever they go.

We are not using a DNS solution, but we have been using the firewalls and all the proxy firewalls instead, which has really helped us since we now know that the entire network environment is being secured by Umbrella. It gives us a real pat on the back that we are being backed by the Talos cloud and its security. We are monitoring in real-time. It works by itself to assess all the security features and parameters through Talos, which is really interesting and good for our environment.

The most valuable features are actually the reporting with all the visibility. It gives a hawk-eye view when we map AD with Umbrella. It gives us the visibility of every user, e.g., which sites and content are being used and who is accessing what. That has really been a good new addition for me.

We don't need to access multiple devices in order to give access to our internal resources. We are secured in having everything on a single pane of glass, which keeps us secure as well. We can enter the configuration to reach our destinations based on the main names. Other than that, it also secures us by not looking at only the destination, but also the predefined security parameters that Cisco Umbrella has provided. For example, if I coded command and control centers (CNCs), then most phishing websites, where there are known websites caught by Talos, are being categorized as the bad domain. That is where it gives us a nice, handy lift.

The single-pane-of-glass management is really important. In today's era, administration costs and operational expenses will cost you a lot, and it reduces that as well. You don't need extra resources to manage all your parameter firewalls, looking at every single device to allow resources internal access. By just introducing the single-pane-of-glass management, it has lifted the burden off of management, especially the network management.

It gives us a quick view into what we are looking at. We don't need to go to the different devices and see where our traffic is starving, etc. So, we have better visibility, when using Umbrella, from its single pane of glass.

We faced an issue regarding virtual appliances (VAs) during deployment. They could improve the quality and management of the virtual appliances offered right now. You can't see much because it is a Linux machine, and they have customized it. You don't have any route access to the machine, only seeing limited things in it. When we opened a ticket, they didn't know much about VAs themselves. So, that is where it is lacking right now. I know this will improve in the long run.

I have been using it for seven or eight months.

We used support when we were deploying the VAs. So, we have opened tickets a couple of times when we were stuck.

The technical support is alright. I would rate it as eight of 10. There was one time when I opened a ticket regarding the VAs, which didn't go quite well. However, it has been a good experience overall.

Positive

We did not previously use another DNS solution. This solution was our first.

It is very easy to maintain network connectivity. For medium- and large- enterprises, it is not going to take more than a week or so to deploy the solution. Or, you can deploy it with fewer complexities in a couple of hours. Therefore, it is not that hard to gel it into your existing network. So, it works like a charm for us.

In our environment, all traffic was going to the data center. It didn't take us much time, or the complexity of the network wasn't much, so it didn't bother us to pre-plan its migration. We just had to change all our DNSs on the perimeter firewalls and point them towards Umbrella, and that was it.

It has helped us to remediate threats more quickly.

It is pretty much handy in terms of what it offers. Actually, it is all about how it caters to your security. Every solution has their pros and cons, but Cisco Umbrella catches all the vulnerabilities and things that could hit any organization.

Previously, we were not tracking roaming clients, which were changing networks every time. I was wondering if something was hitting the endpoints, because we wouldn't know. When Cisco Umbrella joined our network, it explored all our networks. This was really interesting and a key part of why we chose it.

The end user isn't tech-savvy and doesn't care what is being done. As far as the system admin and network admins are concerned, their work has been reduced in terms of management and managing the entire network.

I would rate the solution as nine out of 10.

In my previous company, there was a gap in being able to put controls on users when they were away from the network. We thought, "Okay, Umbrella can do this for us," and it was at a reasonable cost for our security budget.

With Umbrella, it didn't matter if the users were in the office or they were going to go out. When I trained them I said, "If you go to Target, Starbucks, or anywhere else you can get on a hotspot, you're going to be covered with our rules, so we can make sure you're protected and that our company device is protected."

It gave our users, from all of our sites, something like a first line of defense, including monitoring all the exit points of our offices. We also used Cisco AnyConnect on everybody's laptop so that any time they were out, we were making sure to secure their machine and keep an eye on it.

Having a single pane of glass allowed us to quickly monitor and find out what was happening at that moment. We could see active connections going to a public address on the internet. At one point there were so many of them, thousands and thousands to one public address, which was more than normal. I had to contact Cisco support, and say, "This is what I'm seeing. Something's not right," and they said, "You're right." In the main screen, we switched over to investigation and we found that it was a bad actor. The bad actor was checking for domains that are flying around, and he found a few of ours that weren't paid for. He bought them and then he started controlling where they were going by redirecting them. That raised a big red flag for our company. They never had any idea that that had been going on for a very long time.

There were other bad actors who had some of our domain names as well. I had to work with legal and we actually purchased back a few domain names from people. As a result, we taught our guys internally, "When you do a domain and you're going to do tests in the lab, make sure that we put purchase orders in. It's so cheap, let's buy them so that we have control of them, and not allow this again." That was a big awakening.

Another benefit of Cisco Umbrella was related to our wireless. If we had a vendor come to our company, I'd have to get permission for him to use our wireless. I'd have to put in a ticket with his machine name, the IP he would have, and ask for a two-hour window. But I could tell that vendor, "In the same way that you are helping us with the product we purchased from your company, we're going to help protect you at no charge. When you get on our wireless, we're going to have it set up so that everything you do is monitored, just like everybody else here in the company. Even though you don't work for our company, you'll be protected and that will help protect us." They would stare at me, and I'd say, "I know a lot of companies don't do that, but we're doing that because we want to make sure you have a good experience and that we have a good experience by staying safe."

I was able to make use of Cisco Umbrella because it acts like a proxy. The company also had content security, which I used on-prem with Blue Coat products. Any time someone went off the network, the AnyConnect client had the Umbrella agent built in, and it would realize when their computer connected that they were not on the corporate network. It would monitor and they would have pretty close to the same rules that they had to follow when they were in the office, regarding what kind of website browsing they could do.

The single pane of glass management was one of the really good features. From that single pane, not only could you look at what was happening security-wise, such as what was being blocked by domains and IPs, but you could check for your roaming users. With a deployment of AnyConnect, or just the Umbrella agent, on 5,000 machines, you could watch the main glass and see how many roaming users were out there that had it on their machines. And even if they were in the office, it was always active, talking to Cisco's cloud.

You could see numbers. I was able to watch, as we were deploying, how many people were getting the agent. I could see activity such as how many blocks we were getting, what types of blocks they were, and whether they were in categories. I would ask why those users were going to those categories that they shouldn't be going to. Maybe we needed to just refresh them with an email saying, "Hey, remember, we don't do this kind of thing."

Cisco's Umbrella client product is superb. It worked so well for us and was easy to deploy.

The design of the screens could be improved. Sometimes you're trying to look for information, for what you think is critical that should be on that first screen of the dashboard so that you can quickly take screenshots to have people help out, but you have to hop between screens to find little pieces of evidence.

They should work with their customers to find out, when they're troubleshooting, if they're going through multiple screens just to get little pieces of information. Maybe they could design an overall security screen for an event and pull that stuff in so that it's on one screen, rather than having to go search for it. Right now, you're always going back and looking on the left-hand side, going down the column, and trying to remember where something you need is. You have to click all over the place to go find what you're looking for.

I used it at my previous company for about four years.

It was always up. We never had any problems. It was always there.

Scaling was very simple. Since we were using a VPN, we had Cisco AnyConnect on all the user machines, with Umbrella built into it, and that deployment was just blasted out and it was seamless.

The Cisco Umbrella support group was wonderful; very strong. I loved it. I never had one issue with them. They were willing to be there with us, and walk us through things every bit of the way.

Positive

We didn't have a whole lot going on in terms of security and when I got a new manager, he asked, "How do we protect the people when they're out in a store?" That's when we saw that's where the flaw was. We were protecting everything on-prem but the gap we found was that when users were traveling around, we were not seeing where they were going. We were holding them to a standard internally, but when they were outside they were doing whatever they wanted.

What a simple product. It's a fast deployment. Then, you can start designing how you want to do your policies and what you're going to block. But once we told them what public addressing they were going to see, within a few hours we would see them go green. We said, "It's already seeing the data. Let's start applying policies, and we can start controlling all this."

We looked at metrics. As I mentioned, one of the benefits we received was finding the bad actors who had collected our domains that weren't paid for. That helped us to put the magnifying glass to use and say, "Hey, we have something going on." 

I also worked with an outside company that Cisco purchased. I sent them our data from Umbrella and they actually mapped out our data and found bots on our network. There weren't many, but there were a few. The guy shared that with me on the screen and said, "If you buy the service to have us be part of your Cisco deployment, we'll take your data, continually analyze it, and give you reports." 

There was one bot in particular that was just sitting there. The guy at the other company said, "That bot that you're seeing, it's asleep. Look again in a few hours," and it popped up. He said, "It just woke up at that point to try to do a command call." He said, "But we're blocking them, so you're not getting any threats." We didn't know that we had bots in there, and that was a big benefit.

I also had to run numbers for reports. One of them looked at our category-blocking on Umbrella, such as blocks of alcohol sites, social media, weapons, government. I would provide monthly reports to show how many blocks we had from our users trying to go to these types of categories, and it really woke up management: "Wow. That thing is blocking." 

Our investment in this worked, and we were showing it by numbers. It wasn't only that we found bots and bad actors, but we were also controlling things  by blocking phishing and categories. It was protecting us and no one was able to get past those blocks.

The pricing was marvelous. We only had to pay for licenses and they worked a very nice deal with us. It was a much better way to go because it was within budget. It was an easy cost for us to handle.

We did not evaluate any other options. We invited Cisco to come in and do a demonstration, and it was so strong. I also come from a Cisco background of many years. In addition, the industry reviews rated them very well and we took that as our lead.

When they came in and showed us what they could do and how easy it was to monitor every one of our sites within a day, after we put in our external public addresses, it was a no-brainer. It was up and live by the next day, after just a few hours. It was easy to use and set up and we could use it like our internal proxies. We could manage the content and know what was going on and investigate things. We knew what sites people were going to. It was wonderful. Everything we needed was there. We didn't have to go any further, and we knew Cisco would have our back.

All the users understood why we were putting the security control in place, to show that not only were they going to be protected at work on company-owned devices, but whenever they would go outside, we were also going to help. We had to mitigate the chances that they would get something on their machines and make sure that we stopped anything that shouldn't come in and affect our network or expose us to anything.

With Cisco Umbrella, employee morale was very high. We hardly had any complaints at all. One of the reasons is that, when doing regular security troubleshooting, we would go to Umbrella as our first line investigation. We might find a domain or IP that was being blocked by Cisco, something they consider a risk. We would check it out and if it didn't look to be bad we could bypass the block and allow that AD group or set of users to go to that site, because they had to do business as usual. With that ability, we had very few problems, if at all. Overall, it was smooth, with everybody happy, including management. They were happy that we had our first line of defense and that it worked out very well.

I introduce Umbrella to any company that I'm involved with. Cisco is already taking the correct steps right now, as a CASB for any cloud activity as well as DLP. Once they circled around to help companies with protection when they move to the cloud, that was the right direction. I'm not using Umbrella every day anymore, but I'm a proponent of it as a first defense for your company at a reasonable cost. And you don't have hardware to manage. You just rely on Cisco, get your support contract, and work with them to have them help fix things.

I'm a firm believer in Cisco Umbrella and I would definitely use it everywhere I go. I'm speaking to companies in the health industry and telling them, "Guys, you can't just have four people working on security and think you're going to do everything in the world to protect your hospital. You're going to end up on the news." I try to introduce them to this type of solution, to at least have something there to mitigate and help out.

As a Cisco partner, try to test things on our own before we position the product to our customers or educate partners on it. So, the primary use case was to test things out and to be our own first customer. We started using it internally for our own purposes to secure our access to the internet with Umbrella.

We use Cisco Umbrella to secure internet connectivity and especially to focus on the threats introduced through web browsing. This is because most of the applications the workers use are browser-based.

The traffic, by default, is typically encrypted with HPS, and we use Cisco Umbrella to get more insight into that traffic. The classical security appliances have very low visibility into them. This is where we see Cisco Umbrella have the most traction.

In general, it increases the security level. It helps us prevent threats from being accessed. Also, the visibility into internet bounce traffic is increased. So, in general, it increases the overall internet security of the organization.

One valuable feature is definitely its simplicity in terms of deployment. It is very easy to integrate it into the environment without any heavy lifting. Users didn't notice that we implemented it. You can start with a very low monitoring mode and start observing what Cisco Umbrella sees.

In terms of helping workers feel safe, secure, supported, and included, the solution is pretty transparent to the end user in most cases. They don't necessarily get any confidence from it, but it's supposed to be that way. It's supposed to be as transparent as possible. However, when the end-user accesses a site that is blacklisted or treated as potentially suspicious, he or she will see a warning displayed. This gives them additional confidence that somebody else is taking care of the details and that they can confidently browse around. If they come across a suspicious site, they know that they will get a warning or advice on how to proceed.

Cisco Umbrella supporting hybrid work environments is important. Within our organization, even before COVID, a lot of us worked remotely from time to time. For companies that we work with, it has become a reality with COVID. Before, everybody was working on site, and now, that's no longer the case. It is important to have flexibility and know that even if we work from home or from another place we're still secure.

For all Umbrella-related things, it does provide single-pane-of-glass management, but it's one component. If I look at the typical employee, he is only one piece of the puzzle. Other solutions, like, for example, AnyConnect for remote access, are managed separately. For Umbrella-specific items, it's a single interface for management. For monitoring, policies, and troubleshooting a specific case, everything is in one place. I don't need to go through the logs to know where to look.

My organization is not very large, and I'd say my colleagues are pretty proficient. So, it's not a high priority to have single-pane-of-glass management, but it's always good if solutions are capable of integrating together. If by enabling single-pane-of-glass management the workflow is simplified and the day-to-day operations are a little easier, then that's something we definitely want to benefit from.

The administrator user experience is definitely optimized by single-pane-of-glass management, especially if the personnel are busy. Then, it helps if all the relevant details are in one place.

In terms of maintaining network connectivity, Umbrella on its own is pretty user-friendly. It is easy to set up and maintain. It's one of its strong suits.

For the branch and campus, it's very simple to apply and maintain network connectivity. For the home environments, there are options to integrate it into the employee's PC as well. Cisco Umbrella supports different methods for different environments so that you can achieve the level of implementation that you need. It's where it should be.

It's very efficient in securing the infrastructure from end to end so that we can detect and remediate threats. You can simply adopt it right into the environment, and you don't need to build the rule sets on your own. It utilizes best practices, and it's very easy to set up policies such as potential malicious categories on the internet, what you want to block, what you want to filter out, etc. It's very easy to implement those.

When you go through the reports, you can see what kind of threats were blocked. Luckily, we haven't had an incident where something got through and caused a security incident.

In terms of metrics on how Cisco Umbrella has been able to remediate threats, the numbers look pretty impressive. However, it's hard to assess how serious that potential threat really was. It's hard to put actual weight on the numbers to determine how meaningful those numbers are.

The value that resilience helps offer in cyber security is pretty high. Cyber security resilience is a high priority in our organization. It's important to our customers that we handle what we do for them in a secure manner.

I'd like to see this solution more closely integrate with other products Cisco has in its portfolio.

I would also like to be able to manage the identities, for example. If you define them in ISE, it would be good to be able to use the same identities also within Umbrella. It would simplify the use of multiple products within the organization from the same vendor.

I've been using it for about three years now.

Stability-wise, Cisco Umbrella is pretty robust. The uptime statistics are very high. There are, generally, no issues with stability.

Our organization isn't very large, but it's pretty scalable for larger organizations. At the moment, it's not a limiting factor.

Technical support is one of Cisco's strong suits. In my experience, the Umbrella team has been very quick to turn around requests. It's even been above average by Cisco's standard compared to the turnaround time for other Cisco solutions and products.

I would give Cisco's support a rating of nine on a scale from one to ten.

Positive

We deployed it by configuring local devices to redirect the DNS request to the SAS service Umbrella provides.

The solution is cloud-based. You just send your DNS request or your traffic to it. You can start with a monitoring-only mode. So for example, you can redirect the DNS request and start observing what Umbrella recognizes. Later, you can start defining the policies, setting up the enforcements, etc. You can very quickly get to the first results.

Actual ROI numbers are really hard to measure and determine. Generally, we see that customers who implement Cisco Umbrella and start using it tend to renew their licenses. They adopt the product, and they recognize the value it brings. I think this shows that there was a return of investment for them and that it achieved the desired level.

Licensing with Cisco can be a little complex, but I think it's comparable with that of other similar products. It's always hard to put a price on security, but the price is fair for the value it provides.

We're a Cisco partner, and we work with a lot of Cisco solutions. So, it was pretty easy for us to decide what we wanted to try and test. We didn't really do competitive selection and assessment, and it was pretty straightforward for us to go with Umbrella.

I would rate Cisco Umbrella at nine on a scale from one to ten.

The solution is for filtering web content. We can control user access to applications as well as have visibility into Internet usage.

We are using it on approximately 300 servers. The solution is deployed across three departments. There are about 8,000 users.

Umbrella gives us control and visibility of our network using administration tools. This is helpful for us. 

The solution is very good for helping workers feel safe, secured, supported, and included.

Employees have accepted the solution. The solution is very good for them and their morale.

It has excellent resilience in cybersecurity. Cybersecurity for my organization is very important because we are a banking organization. We need this security to protect the personal information of our clients. This is very important for our security.

The most valuable feature is its web content filtering.

It is very important for our organization that the solution offers single-pane-of-glass management.

It is very easy to maintain network connectivity. 

The customer experience has been very good.

I feel that the application needs other characteristics that are available with other applications in the market.

I have been using it for three years.

It works very well across platforms with other providers.

It is very easy to scale.

I have never needed to use their technical support.

We have just used this solution.

Our initial setup was very easy.

We used an internal consultant.

Our leaders say that cybersecurity and resilience for our services is very important. They say technology is necessary for developing business with our clients. 

I would rate the solution as nine out of 10. The solution is very good, easy to implement, and manage. The visibility is very user-friendly. 

We use it to protect our users from getting to any known bad domains.

It does what it's supposed to do, protecting us from getting to somewhere that we shouldn't.

The solution also helps us remediate threats more quickly. Examples are when an email campaign comes in with malicious links, or if they're on a website like Facebook which is full of junk that doesn't need to come through.

Domain blocking is among the most valuable features. It keeps people from accidentally clicking on something they shouldn't. Also, if I see an email that comes through, I can pick out bad domains that we want to block and make custom policies to block them.

In addition, when it comes to hybrid work it's pretty effective. We've got the agents. We can protect people inside our building and, when they're using their laptops out in the field, they're still protected. It's working well.

The single pane of glass management is also pretty helpful because we don't have to hunt for what we're trying to work on.

Getting to some of the reporting features is something that could be improved. When I am tracking someone that has done something, my first hint is usually an email, because I've got those scheduled to come in every so often. But then I've got to log in, dig into that user, find the time period, and then export it. There's a lot of waiting involved through all of those steps.

It would be helpful if there were an embedded link in the email so that when it says it blocked something in particular, I wouldn't have to click through five or six different things to get what was blocked in that email. With a link like that, I could just click from within the notification email and it would take me straight to that page.

I've been using Cisco Umbrella for five years.

I haven't had any issues when using it.

Scaling it is pretty easy. Every time we need to put it on a machine, it's just part of the deployment process.

There are a lot of features that I haven't used. They've been doing a lot of work on it recently and I was talking to one of our Cisco reps who talked about some things we can do with it that we're not doing yet.

I haven't had to use technical support.

It's continuously deployed because, if we wipe out a computer, we've got to put the agent back on it. If we have to put it on a Windows machine, it's easy. If we're trying to deploy it to a Mac through Meraki, it's impossible. The method of deployment for a Mac, and the features available in Meraki, are not compatible at all. Getting it to the point where you could deploy a Cisco product with a Cisco product would be beneficial.

Umbrella is pretty invisible to our employees. Most of them don't know we're using it. There isn't a lot of user training involved, as long as your security people can get in there and do what they need to do.

It's a great tool because you can effectively block a lot of things that can infect your machines. People don't realize they're getting something that's malicious.

Overall, it has been pretty helpful for what we're using it for.

We were looking to solve multiple challenges, from DLP all the way through to regular content filtering offsite for our hybrid and remote employees.

Using Cisco Umbrella has brought us into compliance with our customers on a number of points.

Also, it's very important that the solution helps support hybrid work. That was one of the main reasons we got it. About 45 to 50 percent of our employees are either fully remote or hybrid. We needed a solution that would follow them home.

In addition, it's very helpful for securing infrastructure from end to end and detecting threats. It's blocking a lot of stuff, so we don't even have to remediate. It's blocking things before they get to us.

Resilience in cyber security is very helpful and this product has increased our security posture quite a bit.

The most valuable features for us include

• Tenant lock
• Content filtering 
• DLP solutions, looking for PII and information being exfiltrated.

Also, the policies are applied wherever you go, and that's good.

There are a couple of different pieces that have different portals. I know they're working on getting them all into one portal, but that's probably the biggest thing that needs improvement right now. It's not a single pane of glass yet.

I've been using Cisco Umbrella for about a year.

We haven't had any issues with the stability of the product.

The scalability is very good and that's another one of the reasons that we chose this product. You can slowly ramp up the policies. You don't have to build it all at once. We started small and have been deploying more and more of the features of the full SIG Essentials package that we have. We can add more users when need be. It scales on a policy and a user and a deployment basis.

We have about 400 end-users and five sites. We use the AnyConnect module on the local workstations.

The solution's technical support has been very good. I haven't had to call them very much, but the technical support has been good when I have needed it.

Neutral

Previously, our users were only in-house and we had internal firewalls that were doing a lot of this work. But now that they're hybrid, we had to come up with a new solution.

We evaluated Prisma because we have Palo Alto firewalls, but it was more expensive and more difficult to set up.

I don't think our workers like it all that much. It has actually made employee morale worse because we block a lot of stuff. But that's not really the product's fault. It's our policy. It makes things a little bit more cumbersome for them, but it definitely makes us feel safer.

I would tell leaders who want to build more resilience within their workplaces to do it. It's important because one hack and your business is done. Your reputation is everything in this day and age. Being resilient and being able to recover from that type of stuff before you're actually exfiltrated is a big deal.

Overall, Cisco Umbrella is pretty easy to use, pretty easy to deploy, and it does what we want it to do.

We use it for DNS filtration across all data centers, offices, and remote users.

The blocking of all the non-malicious traffic from DNS request queries has been huge. DNS is very important from a security perspective. Securing this layer, specifically for the remote users and the remote workforce that we're seeing today, is definitely a big gap that needed to be filled.

The DNS Umbrella agent is already installed on the core machine. So from day one, when our CEO sent all employees to work remotely, all we had to do was flip a switch to have a DNS filter on all core machines.

The visibility that Umbrella gives us into what a user is doing, versus what we want to block, is huge. It's not that we're policing things. It's just a matter of watching and having visibility. We're definitely not going to block every domain, but having visibility is very big.

It enables us to go granular in the customization of blocking some categories on the DNS. 

Also managing all the DNS aspects from one portal is definitely great from a security perspective. Sometimes we get a malicious URL in a phishing campaign on the email side. Blocking a domain across the whole company in one minute is definitely great. To block a DNS request very quickly you just add the domain to the Global Block List and in one second it's blocked.

Another feature that is good in Umbrella is applying and maintaining network connectivity consistently across all workplaces. You can go through the categories and do templates based on the sites, such as a data center or a branch and apply policies based on that.

Having ready-to-go templates with best practices is definitely something that would be an improvement. Deployment, from day one, is something that definitely needs to be improved for Cisco customers.

I have been using Cisco Umbrella for four years.

The stability is a 10 out of 10.

The scalability is also a 10 out of 10. We use it across all the company's offices and data centers. We have 1,500 users.

The Umbrella service itself is great. Sometimes, with technical support, we go through "tag" problems, but otherwise, it's pretty smooth.

Neutral

We did not have a previous solution. We used to use CWS, which was Umbrella before it was named Umbrella.

The ROI is visible in the portal through the executive reports. They show how many times we block malicious sites. Management definitely gets a view of the fact that we're blocking a lot of malicious domains with Umbrella.

We have a security Enterprise Agreement with Cisco, so the pricing is good. We take many security products in one agreement, so we have no complaints about the price.

From a DNS perspective, Cisco Umbrella is the number-one technology now.