I work in an institution with about 6,000 people. I'm a telecommunications engineer. I use Duo Security as my access point when working remotely. Because I'm a telecommunications engineer, I have to have access to my systems remotely, and our VPN client requires that we go through second-level verification, for which we use Duo Security. 

Ours is on-prem. We have on-prem Duo Security. We do not use cloud at this time. 

The benefit of Duo Security, for me, is the very easy remote access. I don't have to go through repeated steps to log in to my platform, and it's the same process every time. It works quickly, and it's just that simple.

When it comes to securing our infrastructure from end to end, I wish I could speak more in-depth about that. I do know that Duo Security does identify me as a user, and the folks that need to track who's using it, when, and why. I know that there are very detailed and well-designed reports to let them do that. I am not on that side of Duo Security. Again, as a user, the best part is the ease of use. 

At the moment, the ease of use is what is the best feature for me. Once it has been set up and the security can hoc to my mobile device, it's very simple to use my single sign-on, get prompted for a Duo Security, push, go to my phone, accept the push, and I'm done. It's a very simple process. 

The only thing I can think of to improve for tech support is to have a dedicated engineer but then I would get an engineer that has priorities in one area or another and maybe not the scope I need.

I like the fact that when I open a ticket, I'm not getting the same caller calling back. I like the variety of support that Cisco offers.

Opening a technical assistant's request is a little challenging at times. I wish that the Cisco website could understand who I am from the chart and just let me in rather than forcing me to pick out my contract number, my address, or something like that. They should make it streamlined, make it simple.

I have been in this current position with Duo Security for two and a half years.

To my knowledge, we are relatively stable. I know there are times when in-house we may have difficulty with servers, connectivity, or databases, but it only happens sporadically. I think in my experience, we've had Duo not work maybe once or twice in the last two and a half years. It usually results in rebooting a server.

When we speak of clients on which Duo Security is deployed, every user in my environment typically has a cell phone and a laptop and we use mobile push. I believe we do use PIN capabilities, as well, but primarily we use mobile push. I suspect that it's on a PC mobile platform.  

On average, Cisco's technical support is very good. There are times that I need to go through escalation processes, but once I escalate it, I know that I'm going to get the service I need. The more challenging part for me is defining the problems so that the technical solution reps can help me solve them. 

My rating for Cisco technical support would vary depending on what they are supporting for me. I would say they've never dropped below, say, a 7.5, but pretty consistently range in a nine out of ten category.

I think Cisco support works very hard to satisfy my needs as a customer rather than frustrating me.

Positive

I believe that they did use a different solution. I actually believe that we did not have multi-level verification on our VPN login when we started out. As a result of COVID, it became necessary to have multi-level verification. That was when Duo Security was introduced. I also understand, this was prior to my employment, that Duo Security was enacted in less than seven days. 

As a case for return on investment, I would stretch my exposure and say that the return has been remarkable because we went from full-time, on-premise workers, to full-time remote for everyone for several months. Subsequently, many of our staff now work a hybrid schedule, and Duo Security makes it entirely possible. 

When it comes to pricing, the only thing I can say is that working in education, when you buy a product, it has to have value. My assumption is that Duo Security has a great deal of value for its cost. 

To advise somebody about Duo Security, I would say it works. It works. 

I have not experienced another security program like Duo Security. I don't have a way of rating it other than to say, I'm happy with how it works, and it makes my job easier. 

I'll give it a 9.25 out of ten. 

We use it for user logins for Windows workstations and Office 365. We have certain requirements for doing two-factor authentication.

Duo Security has improved our cybersecurity resilience with two-factor authentication.

Duo Security secures our infrastructure from end to end, especially in terms of what our end users are using. We get an alert if there's something unusual, which doesn't happen often, but it allows us to look at and remediate any issues. Fortunately, we haven't had any attacks that I know of, so it has been good. 

Duo Security does its job in terms of user authentication and device verification for helping to prevent identity-based attacks.

Duo Security reduces the risk of breaches. I haven't seen anything that I would switch to.

Duo Security seems to work for establishing trust for every access request, no matter where it comes from. That's something that we ask of such solutions. I don't want to have to interact with it very much.

It's pretty easy for users to figure it out. We've largely non-technical people where I am. At first, there was a little bit of a speed bump trying to get everybody to understand why we were using it, but it wasn't too bad. Everybody pretty much embraced it. Its adoption happened over a course of a couple of weeks. It was fairly smooth.

We also use Cisco Secure Email and Cisco Umbrella. It integrates pretty well with them. We haven't had any issues.

From an administrative standpoint, I'd love to see it be a little better at remembering a device and location so that I don't have to continually authenticate. That's pretty much it.

We've been using it in our company for two years.

Its stability is good. We haven't had any outages.

Its scalability is also good. We haven't had any issues expanding it to everything. 

When I've had to engage with them, which is occasionally, their support has been good for me. I know our network engineer has run into an issue here and there, but I don't specifically know why. Personally, I haven't had any problems. I'd rate them a ten out of ten. They have solved everything so far.

Positive

I was not involved in its implementation, but I know it was smooth. I didn't hear of any issues, so it was pretty simple for us.

We have a hybrid deployment.

I'm pretty sure we do most of the things through Zones. They are good. I'd recommend them.

We've seen an ROI. We had to have it. It meets our needs.

We evaluated Microsoft's two-factor authentication. Other than that, we pretty much went straight for Duo just because we were in that ecosystem already. We didn't want to embrace Microsoft stuff. This was a better fit for what we needed. We were already in the Cisco ecosystem.

The Microsoft solution was also a bit limited. We were less likely to wire other devices. It was for Microsoft products at that time, but I don't know if it's changed.

Duo Security considers all resources to be external. That was a part of the reason we adopted it. That was the main difference between the Microsoft solution and this one. We've integrated it with single sign-on. It's good.

It's a good product. We've been pleased with it. There are no complaints.

I'd rate it a ten out of ten because I don't know what's better than this.

We utilize Duo Security to mitigate phishing and other similar attack vectors in general.

Our phishing attacks have significantly decreased. The number of compromises is almost nonexistent due to the implementation of Duo Security.

Duo Security's self-service portal has definitely helped us save a couple of hours per month. 

Duo Security's ability for establishing trust is great.

The anti-phishing feature is the most valuable.

Previously, we encountered an issue with utilizing the passcode as part of the second factor; however, that has now been transformed into a feature.

I would appreciate it if Duo Security could improve its integrations with Windows Hello.

I have been using Duo Security for five years.

Duo Security is stable.

After Cisco purchased Duo Security, I was uncertain about its scalability. However, it appears that Cisco has granted them the freedom to pursue their own initiatives and has provided the necessary resources for them to achieve their goals.

The technical support is excellent.

Positive

The initial deployment took place five years ago, but during that time, we experienced some growing pains before reaching a satisfactory point.

I was not involved in the implementation, but we did seek external assistance, which proved beneficial.

We have observed a return on investment with Duo Security in terms of anti-phishing and breach prevention.

I rate Duo Security a ten out of ten.

We do not use Duo Security for end-to-end detection and remediation of threats.

Duo Security may not be the only solution available, but it is a fantastic choice.

We use Duo Security for multi-factor authentication for our VPN.

We didn't have any MFA previously. Adding that extra layer of security helps.

Duo Security has been pretty good for securing our infrastructure from end to end so that you can detect and remediate threats. We've seen several of our employees leave the country, and we see their connections trying to go through and so forth. We can either add them to allow them access or keep denying that access, and we get alerted to that. 

It is pretty good in terms of user authentication and device verification for helping to prevent identity-based attacks. Your device is preauthorized. If somebody steals your device, they still need to know your password. That works out pretty well.

Duo Security helps reduce the risk of breaches. If I had known about it sooner, I'd have got it sooner. 

The Self-Service Portal has helped free up our IT staff. Our guys spend a little time, and they can go in and look at how to do things and how to set things up. It makes things a little easier. 

Duo Security establishes trust for every access request, no matter where it comes from. We really limit where we cannot be accessed from. It helps to make sure whoever we're letting in is who they're supposed to be.

Duo Security considers all resources to be external. If you treat everything as a threat, you're safer that way.

It has helped our organization improve its cybersecurity resilience. 

It's a lot easier for our end users to connect to our network. You don't have to type in a code. You get push notifications, that's probably the best thing about it. The fewer clicks they have to do to be online, the better it is. They can easily get into the network and do remote work. 

I'd like to see it integrated into other applications. I know there are some integrations, but I haven't been able to explore that any further. 

I've been using Duo Security for about the last 18 months.

It has been awesome. It's been a ten out of ten.

I haven't had a deal with that.

That's pretty good, but we didn't have to use them for this product. In general, Cisco support has been excellent. I'd rate them a nine out of ten.

Positive

We didn't have MFA. This was our first one. We were using open-source VPN software and decided that we needed to add MFA. We didn't want to patch a bunch of different things together. Cisco AnyConnect and MFA together worked out very well. We also had a Cisco Firepower firewall, and we decided that one vendor for all of it would make it much easier. Its price was also very reasonable. It made it easy for us to make that decision.

It was straightforward. For most things that I've dealt with from Cisco, I've had to do a lot of research to find things, but with Duo Security, everything was right there for us.

We did it in-house. It was easy.

Less time is spent trying to figure things out with a bunch of different software. By having one vendor, there's not a lot of extra work that our guys have to do to keep maintaining that.

Pricing was very reasonable.

To someone researching this solution who wants to improve cybersecurity in their organization, I'd say that definitely give it a look. It's easy to set up. It was very easy for us to set up. We even had our Cisco team call us and make sure we had everything going. It was almost no effort, so it's worth a try. 

I'd rate Duo Security a ten out of ten.

We use Duo Security for multi-factor authentication.

Duo Security helps with multi-factor authentication. It gives another level of security for authentication and logging devices. It's just more secure.

It does a very good job of securing our infrastructure. It enables us to be more secure and provides another level for our users and admins.

It definitely increases security in our work environment. I've also used it at school for logging into my system there. It's good for both scenarios. It's very user-friendly.

It's very good for user authentication and device verification for helping to prevent identity-based attacks. The only thing would be if you lose your phone or something like that, then it breaks the whole setup, so it has been very successful in that.

Now that it has been implemented, it has freed up our IT staff's time. It has mostly been set up and go. We then forget about it till we have to update it.

It's very good for establishing trust for every access request, no matter where it comes from.

Duo Security considers all resources to be external which is an important aspect because of the way our network is set up. We've remote sites, and everyone at those sites also has the requirement to use Duo Security.

It's another level of the security level mechanism that we have. At this point, the way cybersecurity is going, adding more options that are not very heavy lifting for a user is very important.

The flexibility is the most valuable feature. We use it for the app on the phone. When we're at different locations, the phone is usually there, so we can use that. It has just been a very flexible option.

For upgrades, there should be a better notification of when they're coming out. We always have a testing phase, so we need to be ahead of it. It takes us longer before we can upgrade to the newest version.

I've known Duo Security for four years.

Their support is great. We use them a lot. It depends on what issues we're having, but we always get any service, so I'd rate them a ten out of ten. They're very responsive and very knowledgeable. They're more eager at points to get things figured out than we're ready to, which is good, but we have to step back.

Positive

We didn't use any other solution before. Its integration with the rest of our products probably made us go for it.

Its deployment is easy, but getting users bought in and starting to use it could be a bit difficult. That comes with any big change.

Our organization has definitely got a good return on investment on it.

I haven't seen it in a while, but it's at par with everything else licensing-wise.

Overall, I'd rate Duo Security a ten out of ten.

We use it for multi-factor authentication. That's the only use case we have now. We're not using it to its maximum capabilities but we'll use it for more functions moving forward.

Duo Security has improved our cybersecurity resilience. Multi-factor authentication gives us another layer of protection. Having another layer of security is very important for us.

Duo Security establishes trust for every access request, no matter where it comes from. This is something that's absolutely needed.

It's easy to deploy. It's easy to manage. It's easy to integrate with other applications. 

We also use it for single sign-on with Meraki and VPN access for non-Cisco firewalls, but we're now migrating to Cisco firewalls. It's easy to deploy, and it works.

I'm not using it as much as I could. So far, it has everything I need. I don't have any requirements or improvements. Everything is working smoothly, and we're happy with it.

We have been using Duo Security for about two years.

Its stability is great.

We have 1,500 users that use Duo Security. We're planning to use Duo Security for more applications, but the number of users won't increase anymore, so in terms of scalability, I don't think we'll have any issues.

We have opened some cases with Cisco for questions and things at all, and they were very helpful. They're very good. They answer questions quickly, and the people who work there are knowledgeable, so I can't complain. I'd rate them a ten out of ten because I got prompt responses and knowledgeable people.

Positive

We were using Microsoft Authenticator before, but we had a lot of problems with that, so we had to move away from that. Initially, we didn't have any multi-factor authentication, so having a multi-factor authentication for multiple applications and services that we provide helps us in making our network more secure.

You synchronize your AD with Duo Security and create all the groups for access.  You send the emails to do the deployment, and you load the cell phone numbers. That's for the end-user side, and for the firewall, we have the proxies. We're using a proxy for one of the products. Our firewall sends RADIUS requests to the proxy, and the proxy communicates to Duo Cloud. The virtual machine deployment for the process was very easy. The configuration takes a few steps, but it's easy.

We've both on-premise and cloud deployments. We're using the tool on the cloud, but we don't have any infrastructure on the cloud.

We did the deployment ourselves.

We have seen an ROI. The cost of not having it means you're vulnerable to hacking and other things. Nowadays, multi-factor authentication is required for insurance. It's a must now.

It's very simple. Its price is fair. We use the hardware tokens as well. You get what you pay for.

In terms of licensing, Cisco has very complicated products, but Duo Security was surprisingly easy. The licensing model is easy. The license is based on the intent. You can see how many licenses you have. It's one of the easiest solutions I have deployed, so I'm very happy about it. Every other Cisco product—such as switches, APs, wireless, and controllers—has a very complicated license model. The new smart license model doesn't always work. It's very complicated. The vendors will put your license somewhere else. You need to talk to vendors. It's complicated, but Duo Security licensing is simple.

We evaluated RSA, Microsoft, and Duo Security. We evaluated these three, and we realized that Duo Security had better reviews, and it was easier to deploy and cost-effective, so it made sense to use it.

Overall, I'd rate Duo Security a ten out of ten.

We use it for two-factor authentication (2FA) for accessing our portal.

From a security standpoint, 2FA is very crucial, and having a multitude of ways for consumers in your property to utilize 2FA is helpful.

Duo Security has its place in securing our infrastructure. It's great for that, but not for securing our infrastructure end to end because there's no such thing as an end-to-end cure for all the security.

It is great for reducing the risk of breaches. Having 2FA and making it simple for users, it reduces the risk of getting phished or scammed.

Duo Security considers all resources to be external, which is a good idea because everything is done in a completely untrusted model. It's absolutely important for us.

Our cybersecurity resilience has improved in one way. We were successfully able to deploy it to a base system. It's uniform across the whole property, and everyone is using it.

It's simple. It's reliable. I haven't had any issues with it.

It's fairly simple. Our end users don't have many issues with it other than getting locked out for administrative purposes, but it's not something to do with Duo Security. There might be a little slowness, but that could be my connection.

We have been using this solution in our company for about two years. I have been with the company since we started using it.

I haven't had any problems. In a worst-case scenario, there might be a little slowness, but that could be my connection. They're pretty proactive when they do have issues. I get alerts right away saying that Duo Security is having problems, and they are being looked into.

Their support is okay. They always respond. Sometimes you get really good engineers, and sometimes you don't, but at least they're there. I'd rate them a seven out of them.

Neutral

We had a few other systems. It was piecemeal. We were trying Okta at one point. We were doing demos of the products trying to find the right one. I've limited experience with them, but our security team did a full evaluation. A few times, I've seen demos, which was a while ago, they all seem to be pretty close. It's pretty tough out there. We might have been roped into Duo Security with some other deal that we did with Cisco.

I was not involved in its deployment. Our security team does most of the deployment factor on that. I do remember the provisioning process, and it seemed pretty painless. We have about 5,000 employees, and I'm sure getting the education to the users about what we're doing would have been an effort, but overall, it was pretty easy.

In terms of deployment, it's on the cloud. It's probably a hybrid cloud, but I'm not sure.

There's definitely a return on investment because one compromise can cost billions of dollars.

I'd rate Duo Security a nine out of ten. I haven't had any problems. It's great.

We actually partner with Duo Security. We use the API to send a step-up on your phone for granting access to normal doors. You can tap your physical fob card or any other device at the door, and then receive a push notification. Depending on the success or failure of the authentication, we can either grant or reject access at the door. So it provides two-factor authentication. We use Duo for that purpose, as well as for an API and our internal VPN.

However, with our product, we use Duo Security end-to-end. Duo Security has a blind spot when it comes to physical security. It doesn't cover scenarios where someone gains physical access to our network room, which involves different technologies outside of its scope. 

From my perspective, it can't be considered truly end-to-end in that regard. Nonetheless, Duo Security offers significant value for network security and VPN access. If we combine our product with Duo Security, then we can achieve comprehensive end-to-end security.

We work for businesses, B2B. So we work in the data center space. A lot of our work focuses on providing the best authentication at your access points, be it a door or a data center cabinet. 

We can integrate our device without requiring you to replace your card, so we can put our device in. You can keep your card. You don't have to replace it. You can simply tap your card, even if it's in your wallet or for home use. The process remains the same. I tap my card, receive a push notification on my phone, and then press enter to gain access. It's great because it ensures that it's actually me and not someone who found my card.

The product has helped our organization by providing easy-to-set-up security. Additionally, through our partnership, we can offer a use case that adds value to our customers. They don't have to deal with the hassle of replacing their existing systems; instead, they can extend their investment in Duo Security and apply it to their access points. This makes it easier for us to deliver value to our customers.

Having that second-factor validation with Duo, or any multifactor authentication solution, is highly important. There are numerous options available in the market. Whether it's Duo or others, the key is to have that additional layer of security. In our organization, we utilize Duo Security across various use cases, which makes perfect sense. 

With Duo Security, it is easy to get that validation you need to make sure that you have security. It's very easy to set it up. It's simple, but it's secure. For me, that's the best part.

Integration for a partner is very useful because you can work with the API or admin API, whatever it is, and get a lot of logging details and pass them to your SIM. It's very useful for that.

Duo Security provides a high level of certainty regarding the identity of the individual performing an action. Whether it's logging into a system, using VPN, or utilizing Autopay, establishing that trust is crucial. I can't imagine any security company, organization, or IT team that wouldn't prioritize having multifactor authentication enabled when accessing critical systems.

Duo's user authentication and device verification are indeed effective in preventing identity-based attacks. The second factor authentication and clarification it provides are valuable. While there are certain situations where we might desire additional data from the API, I consider that to be a minor aspect.

I have a few suggestions for improving Duo Security. One major aspect would be the ability to gather contextual data. This means being able to determine the location where someone is authenticating from and whether it aligns with their regular location patterns. While two-factor authentication with mobile devices provides a high level of security, it's still not foolproof, as someone could potentially steal your phone. It would be beneficial to have information about the authentication location. 

If a partner could obtain that data, we could implement it, or if we had our own application, we could incorporate this feature. Additionally, having the ability to customize aspects of the API or the app's appearance would be useful. For example, if you're using Duo for both VPN access and authentication, you might want a different user interface for each scenario. This way, you can easily identify if someone is impersonating you at the door or accessing your computer. These are some suggestions to enhance the functionality of Duo Security.

I have been using Duo Security for a few years. We've used Duo Security for all two-factor authentication.

Duo Security is a stable solution. 

It is a scalable solution. From what we've seen, it's pretty scalable. It's really good. In terms of when you get an API response, I don't have to keep pulling that endpoint; I just get a response back, which is better than some of the other ones that exist.

We actually have our own application that we can utilize as well. However, Duo is the prevalent one we use. As a security company, we've conducted tests on various options like Okta Verify and Duo, alongside our own solution. In the end, we opted for Duo. The decision was based on its ease of use.

Implementing Duo Security was actually quite easy. Depending on other factors involved, it could potentially be even easier. The integration process mainly requires three values: the client ID, the secret, and the integration key. It is enough to do. 

However, for layman customers, it might be easier to set it up in a different way, such as a one-click setup, to further simplify the process. This is something we can discuss and collaborate on as partners. Overall, though, the setup of Duo Security is easy to set up. 

Duo Security's add-in value lies in its access security for establishing trust for every access request, no matter where it comes from.

However, when I say "no matter where it comes from," it's not just about computer logins or VPNs; physical access requests are equally important. It covers both cybersecurity and physical security aspects. While Duo Security adds value to both areas, it's worth noting that it doesn't fully cover the physical security aspect, which is the focus of our integration. However, in terms of digital security, it is indeed effective.

Now, if someone is considering getting Duo Security, my recommendation would depend on their specific needs and reasons for wanting it. However, if their goal is to implement multifactor authentication, then absolutely, they should go for it.

Overall, I would rate the solution a nine out of ten. 

We use Duo Security for 2FA during logins.

We needed 2FA for compliance. We already used Cisco across the board, so it made sense to use the product. We benefit from using the solution. We were unaware that some users were sharing logins and doing some things that went against policies. Once we had Duo Security in place, we realized that codes were not going where they needed to, and we could sort that out. The solution is easy to use.

We have some users that don't prefer to use the app. The product could be more intuitive on the app. We have users that are a little dated in their technology adoption. Telling some of our non-intuitive users to use the app was a little struggle.

We implemented the solution about a year ago.

We haven't had any issues with the solution’s stability at all. We've had no issues with it not being compatible anywhere.

We're a pretty small shop. We have less than 100 employees, so scalability is not a huge concern because there's not a lot of growth right now. However, bundling and provisioning the tool with any device is pretty easy.

Support is good. We've had a couple of issues with the tool, and anytime we needed anything answered, we've got it resolved. Everything's been quick and reasonable. We generally expect to get answers the same day we have the problem, although it is not possible.

Positive

To my knowledge, we didn't have any issues in the rollout. We tried to phase it out over the course of a few weeks. Once we got a few of them tested, we went to the next phase. Then, we decided to go 100% with it because we saw no problems doing a stack of implementation. It was pretty good.

My organization sees an ROI on the product. If there's any attempt at a breach, then we're confident that it will be stopped.

The solution is deployed on the cloud. We're pretty sure it's on our end with the telephone system. We have set up automated phone calls to the desk phones, and sometimes they don't go through or are delayed. However, we've been looking through it and are pretty sure it’s on our telephone system.

I rate the product a seven out of ten in securing our infrastructure from end to end. It's pretty straightforward for people that have done 2FA before, but we have a lot of users that haven't. We have to do a little convincing to get them to do the additional step.

We have saved time by using the tool so that we can dedicate our time to other valuable projects. The tool’s Self-Service Portal helped us with uptime. The solution is good at establishing trust for every access request, no matter where it comes from.

We have policies for our machines and for our phones. The solution really opened our eyes to what people needed to do on their phones and what they were actually bringing to the building.

Duo Security absolutely helped our organization improve its cybersecurity resilience. Our employee and guest network are separated. However, people were bringing their personal devices and doing work-related things on them that we weren't aware of. The solution allowed us to see a little bit more of what was going on at the user level.

Duo Security was the first implementation in our organization. We did not use similar solutions before. Choosing the solution was a pretty quick process. Duo Security was the first one that we demoed. We didn't have any issues, so we went right with it. We chose it because of its ease of use and implementation. We were able to roll it out fairly quickly, so there was no reason to look elsewhere.

We had some partner companies and sister companies that were starting to have breaches. They told us that if we had 2FA, it wouldn't have been a problem.

Overall, I rate the solution a ten out of ten.