It is good for whole network protection, and individual PCs with the client. Provide good reporting on where your network is going on the net. One thing I would like is a longer history with the logs 14 and 30 days are too short some times.
If you are looking for something relatively inexpensive to lock down specific computers, it would be a useful tool. If the computers themselves aren't too locked down, implementation and management shouldn't be too difficult.
Managing the overall security policies is quite seamless in Cisco Umbrella. it is quite easy to set up and implement web filtering rules and other necessary configurations without any hassle.
The reporting features like 'activity search' provides greater visibility of our user's internet activity within our organization. We can identify security related risks quickly and take decisions to mitigate them.
The deployment and integration of Cisco Umbrella with other vendors product is quite appreciable. We other non cisco security devices which Cisco Umbrella was integrated with without any major issues.
We can easily track down any user that goes to the internet through the activity search feature.
There's always room for improvement in all products for sure. On the umbrella part, I would say that the room for improvement is on the data loss prevention part. So it sits on the PCs, it sees a lot of the traffic that goes on, it knows what files are on the PCs, but it's actually not stopping some of the intellectual property or personal identifiable information from going out. So we are able to block users from accessing applications and websites or even IP addresses, but we're not able to go a bit more granular, more on the data loss side. So that's a gap that I have in the product.
Our primary policy is a restricted list, so that does as advertised. We had one location that had blocks based on categories (adult, illegal, etc). We continually had issues with sites getting completely blocked due to unrelated content. For example, Yahoo had a beer ad on the page, alcohol was blocked, so Yahoo became blocked for the period of time that ad was displayed. We had this happen multiple times and eventually switched to a different solution at that location.
I've had issues with their cloud portal not working. I don't have to edit our configuration often, but on numerous occasions, i was unable to get the configuration page to load after login, sometimes for days. The platform just wasn't stable when I needed it to be.
We run many of our remote rooms as frozen (after logoff they reset to the image). This works fine most times, but when content protect needs a configuration change pushed down, someone needs to go 'thaw' the computers, download the updated configuration, and re-'freeze' the computer. It would be nice if that information was just dynamic from the cloud and didn't need to be pulled down.
The categorization used for policies is very limited and not flexible or easily customizable.
First off I never give anything a "10" unless it's perfect. LOL - I grade on the curve. I think OpenDNS/Umbrella is a very good product. I think that fact that Cisco absorbed them is one of the proofs of that. I have used the product back when it was free for companies our size. I have not always appreciated the cost - but in the post pandemic cyber chaos, I believe the cost benefit ratio is still very high. I have honestly not looked at other products because Umbrella continues to work to my satisfaction. I consider Umbrella to be one of the key layers in my cyber security strategy.
The product was easy to install and get running. To maintain the product is also a simple matter of maintaining lists of wanted and unwanted domains or URLs. The basic and advanced security features all do what they are intended to do with no known erroneous outcomes
Cisco umbrella services in the cloud are always available. However, the weakness is the VM installed in the data center that are the first resolvers. If the VMs become unavailable for any reason or the vSphere goes down, then all DNS is affected
our experience with cisco products has always been awesome and same is the case with cisco umbrella .Under umbrella cisco provides flexible and scalable software solution to use across different dept and sites . These softwares are very user friendly ,pages load quickly as these applications are designed for minimum latency and reports are also provided quickely
Whilst the support is good once you get through to them, it's email only and the response is slow. This is a issue, because its a core system that needs to work. We have had issues in the past where several of our companies have gone down due to Umbrella and support is nowhere to be seen. It is very difficult to know whether Umbrella is having service issues, since they do not regularly update customers on the status of their services, such as is seen by providers such as Microsoft (status.umbrella.com just seems to show up all of the time, I'm not sure it's even updated)
Quite easy to understand training modules prepared by knowledgeable trainers. Training modules have included all the desired features of these softwares and the content delivery is very good from the respective module trainers and it explains in details the features and apart from that further training material support is also provided if needed.
At the time we were forced to move from Cloud Web Security to Cisco Umbrella, Cisco Umbrella was far from being a direct replacement. It was frustrating and difficult to migrate due to the lack of functionality. This has since been addressed, however we now have legacy rulesets that were built as bandaids that cannot be removed. Hopefully the migration to Secure Access will address this.
Different products in different spaces. The Z3 was more of a VPN endpoint so that users didn't have to worry about a client. If they are at home, they are on their corporate network and able to access resources. Cisco Umbrella can be used then to serve corporate DNS across the VPN tunnel to the Z3 device and extend the capabilities of Cisco Umbrella.
At the time ContentProtect was selected, Forcepoint (Websense at the time) didn't have an inexpensive or cloud type product. The same can be said with Cisco, at that time. Recently, we have reevaluated and are going to be transitioning to Forcepoint's mobile client and removing ContentProtect from our environment. The cost is actually now less and we will be able to get both more dynamic control and also give us more detailed reporting on the traffic from clients.
Cisco umbrella provides fleaxible and scalable software solutions which are easy deploy across multiple departments and sites wherever needed and this softwares are very easy to use and provides the best interface along with cisco support for other devices apart from cisco infrastructure but still there is scope for improvement on the inclusion of latest features
It's too early for us to say now. We started with Cisco Umbrella with the migration and during the migration we choose all the specific access. Now we are going to Cisco Secure Access in our simulations there will be much of cost savings because we don't need the on-premise data center anymore for the ASARs and for the local firewalls and the people, they are managing that on-premise. So we estimate there will be a lot of cost savings, but currently it's not on the paper yet. So we have to wait what the experience is with it, but we are optimistic.
It was a relatively inexpensive and simple solution when we needed one relatively quickly, which is a positive. The inexpensive price has kept it in the environment.
The lack of reliable reporting has lead to the need for an alternate monitoring solution in a few cases. Network level reporting was used, which is a separate expense, configuration.
Time has been lost waiting on the portal and then troubleshooting support tickets when sites that shouldn't have been blocked have been blocked. It has resulted in changes for locations that needed dynamic category filtering as opposed to a finite list.
The blocking of sites based on add traffic or sub-sites (rather than just blocking that content like other solutions) has resulted in downtime during classes when those sites were listed in the lesson plan and had previously worked.
