Cisco Duo - Advantage Edition

My main use case for Cisco Duo is authentication. Currently, I am only using Cisco Duo for authentication, which is the first piece. I cannot comment on the whole architecture because I don't work on that team. I would say I'm using Cisco Duo as an added security layer.

I can only talk to the human identities because that's the use case I have seen. I don't think we have, or at least I don't know if we have deployed it for the agentic use case.

The feature I like the most about Cisco Duo is the iWatch.

The benefit of using Cisco Duo's features for my organization is better security. We don't have to worry about changing passwords very often and things of that nature. Overall, it improves our security posture.

To improve Cisco Duo, wherever the team can try to reduce the number of clicks an end user needs to go through to authenticate would be good. Otherwise, I think it's pretty flawless.

I have been using Cisco Duo for maybe six years.

In all my years of using Cisco Duo, I've had maybe a couple of issues here and there, but there are so many different options to authenticate using Cisco Duo, so if one is not working, I can always revert to another. Thus, we've been able to work around things, and they come back up pretty soon as well. I think it has performed better than any other cloud platform.

Cisco Duo has scaled well with the growing needs of my organization, and because it's a cloud-based platform, we haven't really had any issues scaling the solution. It's been fairly seamless.

I'm sure Cisco Duo's customer service and technical support are great, but I haven't had to call them, which is a good thing.

On a scale from one to 10, I would rate Cisco Duo's customer service and technical support a 10 just because I haven't had to use them, but I'm sure they are top-notch because they are a Cisco-based company.

Prior to adopting Cisco Duo, I don't think we used anything else beforehand in my company, but I've used other products whenever I've accessed things that other companies are hosting. I've used Okta and Microsoft, which are not very seamless compared to Cisco Duo.

I was not part of the deployment team, so I can't really comment on that, but as an end user, my experience with Cisco Duo was pretty seamless.

Cisco Duo has definitely improved my operational efficiency and reduced costs in areas like authentication and IT support, as evidenced by a reduction in security tickets since we don't see too many password change requests or forgotten password calls anymore. Everything is Cisco Duo authenticated these days, so that has been a very positive change.

If Cisco Duo were removed, I guess we will have to use an inferior product from somebody else. I don't know how that's going to impact the end-user experience, but it's probably going to be worse.

I'm not sure exactly how Cisco Duo has helped our organization become more resilient to phishing attacks, so I'm probably not the right person to ask that question. But I'm guessing because most of our apps are secured behind Cisco Duo for authentication, that helps overall with phishing.

Before implementing Cisco Duo, I was concerned about increasingly sophisticated phishing or credential-based attacks, but because Cisco Duo keeps up with all those threats and things of that nature, we feel fairly secure using Cisco Duo.

As my organization adopts and deploys AI agents, most of the platforms we are deploying are secured behind Cisco Duo authentication. I'm not sure if deploying the agents includes Cisco Duo for those agents or not, but all those platforms we are using are secured behind Cisco Duo for authentication.

Looking back, Cisco Duo has helped me evolve my IAM strategy from simple authentication to a more comprehensive identity security platform, though right now, the only use case I know is more human identification purposes. I'm pretty sure my company is looking into deploying it for agentic AI as well. Cisco Duo has helped me evolve my IAM strategy.

When evaluating my identity strategy, I was not looking for a standalone MFA tool but rather a comprehensive identity security platform. I'm pretty sure we selected Cisco Duo because of its capabilities, not just for authentication, but for the overall solution. I think Cisco Duo represents more of a comprehensive security solution rather than just a standalone MFA tool.

The end-user experience stood out to me in my evaluation process, which is why my company selected Cisco Duo. The key capabilities beyond MFA that led me to choose Cisco Duo as my primary identity security partner include the end-user experience and the MFA piece, as well as the fact that Cisco has many other security solutions and is a very trusted company. That helps the overall story because all the other solutions work seamlessly together, making Cisco Duo a great solution.

We have expanded our usage of Cisco Duo. On a scale from one to 10, I would rate Cisco Duo overall a 10 and advise other organizations to go for Cisco Duo. They've been solid over the years, and they innovate and come up with better security every time. I would give them a 10 out of 10. I would also say don't compromise on such a crucial security posture item by getting something that's free but also far less secure, like Microsoft. My overall review rating for Cisco Duo is 10 out of 10.

My main use case for Cisco Duo is authentication.

The feature I like the most about Cisco Duo is App Push.

Cisco Duo's App Push feature allows me to authenticate from my Apple Watch.

Cisco Duo has improved my operational efficiency and reduced costs in areas such as authentication, IT support, and security operations, as the ability to use App Push eliminated the need for text messages and additional costs for messaging, also lowering IT support costs because of the simplicity for the end-user experience.

I cannot think of any improvements or additional features that should be included in the next release of Cisco Duo.

However, I would say that Microsoft is somehow making it harder for Cisco Duo to do its job seamlessly with some of the hooks that Microsoft has in the OAuth connection.

I have been using Cisco Duo for 15 years.

I have not experienced any downtime, crashes, or performance issues with Cisco Duo.

Cisco Duo scales well with the growing needs of my organization, as the fact that Cisco is continuing to invest in Duo and bring things such as agentic authentication to the table allows us to continue using Cisco Duo.

I am not aware of any expanded usage of Cisco Duo yet.

Prior to adopting Cisco Duo, I was not using another solution to address similar needs, as Cisco Duo was the first two-factor authentication that I am aware of us using.

As my organization adopts and deploys AI agents, we have a team tackling the issue of agentic IAM to ensure that these non-human identities are secure, and Cisco Duo is a key part of the authentication strategy.

Cisco Duo has improved my operational efficiency and reduced costs in areas such as authentication, IT support, and security operations, as the ability to use App Push eliminated the need for text messages and additional costs for messaging, also lowering IT support costs because of the simplicity for the end-user experience.

I do not recall what other solutions we were considering before selecting Cisco Duo, but I think we made a good choice with Cisco Duo.

Microsoft was not one of those we considered; my search predates Microsoft's offerings in identity.

If Cisco Duo were removed, the impact on my ability to manage and secure access across my entire identity ecosystem would be that I would have to use something else.

I have no idea what steps my organization has taken to become more resistant to phishing attacks, and I am unsure how Cisco Duo's broader security approach has contributed to that effort.

I have no idea what types of phishing or credential-based attacks I was concerned about before implementing Cisco Duo, and I do not know how those threats have evolved.

Thus far, to my knowledge, we are using Cisco Duo primarily for human users, and I do not know that we have started for agentic users.

Cisco Duo has helped me evolve my IAM strategy from simple authentication to a more comprehensive identity security platform, as the more capable platform offers us more capable features.

When evaluating my identity strategy, I was initially looking for a point product, but as Cisco Duo has evolved from a point product into more of a platform, it has become more useful.

I rate this review a 10.

Cisco Duo's main use case for us is dual authentication.

The security side of Cisco Duo is what I appreciate the most. Cisco Duo's authentication means people cannot get into our network without the second step.

Cisco Duo's visibility into identity-based risks improves our ability to manage the security of both human users and non-human entities, though distinguishing between them would be the hard part because from our point of view, everything appears human. However, you can often tell by the usernames that are attempted that it is not really a human.

Cisco Duo scales well with the growing needs of our organization, and we have expanded usage. Since we combined three different data centers into one, we purchased licenses for each side of it so we can log into each data center from one spot. Cisco Duo gave us that ability to do that, transitioning from one footprint to three.

Integration was probably the toughest part for us with Cisco Duo, as with any new product. We are looking at AI to integrate Cisco Duo with AI to make the integration more streamlined and user-friendly. As a network person, I am used to switching and routing. When it comes to Cisco Duo, it is more of a server setup instead of network configuration, so that was the hardest hurdle for us.

Since 1998, we have been using Cisco Duo. I believe we deployed it roughly in 2017.

I very rarely have experienced downtime with Cisco Duo. The only time that there is a holdup is when the internet connection to the phone delays the push notification, and that has really been the only issue.

My experience with Cisco Duo's customer support and technical support has been great. Anytime we have run into a hurdle where we cannot figure it out, technical support is right there and very quick. I rarely rate things at ten, so I give it a nine because I always see there is room for improvement.

For MFA, Cisco Duo was really the only thing that we had, and it was our first, so we did not have anything before it.

Our higher-ups looked at every possible avenue when selecting Cisco Duo, but it was the best fit for our topology, which is why we went with it.

My experience with Cisco Duo's deployment was minimal. I had input on it, but the team that actually did it was still part of the network team, and they do more of that kind of work. Since I am known on the switching and routing side, I had input on it, but I did not actually do it.

From my point of view, I do not see the pricing or setup cost side of it because purchasing deals with all of that. I am assuming that since they purchased it, Cisco Duo was one of the cheaper options. It also was the best fit for our network since we are mostly Cisco.

Before we got Cisco Duo, we were encountering everything from phishing to credential-based attacks. We would get global attempts where everybody would try to get into it, and it significantly reduced the volume by doing it that way. Using Active Directory accounts and then the second step with Cisco Duo made it so that they just could not get in.

If Cisco Duo were removed, it would be the old days where we just directly connected, and we do not want to do that anymore, even though it was faster and I liked it.

We use more than just Cisco Duo for phishing attacks, and we have multiple layers of different products that we use. Splunk is even one of them that we used in the past, so Cisco Duo helps with minimizing the amount of people trying to get into our network via VPN primarily.

We are not exploring AI at the moment, however, we are considering it. At the data center, we have not implemented anything with AI yet.

When evaluating our identity strategy, it came down to cost. We are cost recovery, so we have to do everything the cheapest way possible, which is why we still run seventeen-year-old products.

Cisco Duo has improved our operational efficiency, and the security side of it was really the biggest thing.

I rate Cisco Duo a nine because there is always room for improvement, no matter what.

For MFA, our main use case of Cisco Duo  is to ensure secure access.

We use Cisco Duo  for authenticating prior to connecting to VPN, integrating with our GlobalProtect , Palo Alto, and it really helps our organization.

Cisco Duo acts as a central point that integrates with our security products and tools, including our firewall.

The feature I like the most about Cisco Duo is the generated pin passcode.

If Cisco Duo were removed, it would be an issue with CJIS compliance for MFA issues, affecting our ability to manage and secure access across the entire identity of the ecosystem.

The upgrades and the updates we have with Cisco Duo, along with fixing our appliances that have the applications, have contributed to our efforts to become more resistant to phishing attacks.

The visibility of Cisco Duo into identity-based risk has improved my ability to manage the security of both human users and non-human users' identities across my environment; it is accurate, and it is a really good tool.

Looking back, Cisco Duo has helped me evolve our IAM  strategy from simple authentication to a more comprehensive identity security platform, as it is easy to manage and integrates well with our current platforms and application programs.

Cisco Duo meets both federal and state compliance as well as the CJIS compliance, which is criminal justice compliance.

For the next release, Cisco Duo could be improved by adding touchless authentication and biometric features.

I have experienced some bugs with Cisco Duo, but the patches were able to fix them; when Duo releases those patches, we can patch Cisco Duo security on the server side.

Cisco Duo really scales well with the growing needs of our organization; it has been great and excellent.

When we expanded, the process with Cisco Duo was pretty much easy; everything was done within a day, and their tech support was easier to communicate with.

With Cisco Duo, I would say their customer service and technical support is a 10; they are really good.

Overall, I would rate their customer service and technical support a 10, as they are very easy to contact when I do tickets, getting a response within an hour, and their technical support is really friendly and professional with solutions to our issues.

Prior to adopting Cisco Duo, I was not using another solution to address similar needs.

I did not consider any other solutions before selecting Cisco Duo.

As our organization adopts and deploys AI agents, we are not there yet in our sector, in the public sector, but pretty soon we will catch up, and I am pretty much sure we are going to be still using Cisco Duo.

Cisco Duo fits as an added security layer in our broader security environment.

The key capabilities beyond the MFA that led me to choose Cisco Duo as our primary identity security partner was its easy integration into our current IT infrastructure.

Cisco Duo has improved our operational efficiency and reduced costs in areas such as authentication, IT support, and security operations by enhancing our security workflows; pretty much everyone is using MFA at work, making it easy for us to see who is actually accessing our network and computers.

The best advice I can give to another organization considering Cisco Duo is that it is user-friendly and easier to integrate into an IT infrastructure.

I would rate this review a 10.

My main use cases for Cisco Duo  are providing access control, ensuring that the people who need to access resources are the appropriate people accessing them. For 2FA, I ensure bad actors are not pretending to be someone's identity with stolen credentials. It serves as a secondary enforcement for that identity check.

The features I like the most with Cisco Duo  are the push features, the SAML features, and the SSO  capabilities that allow integration with anything in my environment for SSO  and authentication.

When considering examples of how the features I have mentioned benefit my company, the biggest benefit I have seen has been with my clients. One client I had, we were able to turn the tide on a security attack that happened to them by using Cisco Duo. They were infiltrated and suffering a cybersecurity attack, what we would call a Golden Ticket attack. The Golden Ticket attack essentially means they have access to their identity and identity system and can generate new users with high permission levels. They did not have Cisco Duo before we were involved, which meant these accounts could just create a password, login, without any secondary check to confirm whether this is really the person who is supposed to be accessing these systems. We spent close to a week fighting with the bad actors. Getting Cisco Duo enabled allowed us to turn the tide in that fight. Once we were able to get Cisco Duo integrated with their Active Directory, these accounts they were trying to create were then required to authenticate with Cisco Duo, which we were the only people with access to. They did not have access to Cisco Duo, so they were not able to get into the system as deep as they were. We were able to start locking down the network piece by piece and secure our client.

If Cisco Duo were removed from my company, the biggest thing I would see is that if any credentials have been phished or leaked, without this secondary authentication method, I am opening myself up to the same kind of attack I just described. I am opening myself up to the ability for someone who has my credentials, maybe even sitting on them for a while. If I do not have a policy to make me change my password, I probably have the same password or an enumerated version of it for a while. It is very easy for someone to access my systems. Without a secondary method, 2FA is probably one of the most impactful ways, specifically with Cisco Duo, for me to be able to secure my enterprise and make sure people are not stealing my credentials and trying to access my systems maliciously.

The steps we have taken to become more resistant to phishing attacks and how Cisco Duo's broader security approach has contributed to that effort involve securing the accounts that we need to secure appropriately and being able to make it simple for our users to use. That has been the biggest win for us—allowing our users to log into their desktop. That is how we use it internally in our own company. Logging into your desktop and that one push that you authenticate takes care of everything for any other systems that we have to access. Cisco Duo integrates and carries my identity. For instance, if I am going from ConnectWise for our CRM  or if I am going into Cisco's own tools, I will use Cisco Duo just once when I am logging into my Windows PC, and it allows me to access all of these other systems because it is already integrated. It is seamless and makes it that simple because we want our employees to work more easily and get more value for us. That is absolutely possible when they are able to just get in and do their job without having to fiddle with authentication.

Before implementing Cisco Duo, I was concerned about various types of phishing or credential-based attacks, and with the rise of AI, it makes it a bit more concerning. There are also data leaks that are happening constantly. You just hear about the incidents. For instance, there was a cruise line that had around six million credentials and identities leaked. Knowing those leaks are out there allows me to lock down my credentials and ensure that even if someone does steal them, only the right person can utilize them to access the system. Additionally, it works in tandem with the ability to stop phishing attacks using a Cisco firewall. Being able to integrate it into a full platform experience for security is crucial.

I would love to see improvements around Identity and Access Management  with Cisco Duo, specifically how we can use that as a central source of truth for all of our IAM  tools, including Active Directory. I would definitely like to see more integration from that for sure.

I really want to get more hands-on with IAM  for more features within Cisco Duo. I would like to see Cisco Duo fully develop what it would look like as an IAM  service. I would love to get involved in that.

I have been using Cisco Duo for about five years.

I would assess the stability and reliability of Cisco Duo as being very high. I rate it a ten out of ten on that front. I have not seen any issues with it. I have been using it for years, and I have not experienced any downtime. I have not heard from clients complaining about it; it is rock solid.

Cisco Duo scales very easily with the growing needs of my company because I can buy as few as just a handful of licenses to get started. For example, I can pilot with privileged users and start locking them down to prevent abuse by bad actors. If I want to move into less privileged but still trusted users such as HR, it provides a roadmap if I have concerns around cost. It makes controlling the rollout process much easier.

I would describe the customer service and technical support of Cisco Duo as being very high quality. I have never been disappointed in my experience with their support. On a scale of one to ten, I would rate their customer support service as a ten because of their quick response times, the knowledge they possess, and the ease with which they resolve any issues I have encountered.

Prior to adopting Cisco Duo, I was not using another solution to address similar needs.

My experience with deploying Cisco Duo is that it is a straightforward process. It has become almost second nature for us. We can plug it in and explicitly describe to our clients how long it is going to take and the type of VM we need to install, making it a seamless and painless process.

Cisco Duo has improved my operational efficiency and reduced costs in areas such as authentication, IT support, and security operations significantly. The simplicity of having SSO enabled means I have a one-time login that follows me throughout my session. I can determine how long that session lasts, but when I log into my computer, I can access my CRM  or marketing tools or HR policies without issues. Many of these disparate SaaS tools have SAML and SSO capabilities integrated, allowing seamless access after authenticating just once. Cisco Duo is managing the authentication brokering between these different tools for us, simplifying the process and reducing the mental load on our employees.

My experience with the pricing, the setup cost, and the licensing of Cisco Duo is that it is really inexpensive in the first place, but the value that I get in return is hard to beat, especially when I consider breaches. Being able to prevent unauthorized access is invaluable. I do not know if we would have been able to stop the breach we encountered without something such as Cisco Duo to provide that secondary identity check.

I did not consider other solutions before choosing Cisco Duo as it was the option we went with. We heard about Cisco Duo, and we trust Cisco, so that is what we went with.

Cisco Duo fits into my broader security environment as part of a defense-in-depth strategy. What I appreciate about Cisco Duo is that it adds that extra layer of authentication, confirming who I am. Not only does it verify who I am, but also what I have, which would be that code or the push notification that I am approving. Cisco Duo provides another layer in the cake of securing my enterprise and serves as a natural plugin to facilitate access across whatever integrated applications I may need to access.

Cisco Duo has given me the ability to ensure that only specific people who need to access certain data are the people accessing it. They receive the push notification, and if they are not allowed to access that, they are not going to receive the push notification. It has helped us lock down access more granularly.

Cisco Duo has helped me evolve my IAM strategy from simple authentication to a more comprehensive identity security platform by ensuring that the person is who they really are. It makes sure that not only is it Sam from accounting accessing this tool, but they also have Sam from accounting's phone. It is not someone just pretending to be Sam or someone that Sam gave the credentials to. It ensures that only the right people are accessing the right resources at the right times.

When evaluating my identity strategy, I was looking for something that is simple and easy to plug in. Since we were already a Cisco partner and client, it was a natural choice and evolution for us to adopt Cisco Duo. In the experiences we have had with clients, such as the one who had the breach, it became a natural piece to ensure a simple, easy way to lock my network down and keep the bad actors out.

The key capabilities beyond MFA that led me to choose Cisco Duo as my primary identity security partner are its robust MFA functionalities. If I had to highlight something exciting that is new, I do appreciate the ability to integrate IAM as part of that. However, the key functionality remains MFA, particularly the ability to manage risky logins. It is about making sure not only does this person geographically live in the location where they are trying to access, but are they in the place they are supposed to be. For example, are they trying to access it from China, potentially compromising their Cisco Duo credentials? I would see that and receive a secondary layer of protection because Cisco Duo detects the unusual access attempt and prompts for further authentication from the administrator.

My advice to other companies considering Cisco Duo is that they should have had it in yesterday. It is essential to get all of the rich feature benefits out of it. If they are only using it as an MFA tool, they should look for ways to start integrating it into SSO to facilitate seamless authentication across SaaS or on-premises applications with that capability in Duo. Additionally, I recommend exploring features such as risky logins and ensuring they are accessing the full breadth of what they are paying for. I would rate this solution overall as a ten out of ten.