We primarily use Cisco Duo for MFA purposes to aggregate MFA solutions, so we don't need five different apps for MFA on our phones, which is excellent. We also link it for identity posture with other Cisco solutions.

I don't think we use that part of Cisco Duo, perhaps other teams do, but not on my side.

We do use Cisco Duo to mitigate phishing attacks and make threat defense. We have a lot of attacks; some are clearly identified and discarded before they reach our emails, although some still reach our email. There are a lot of phishing attacks for us internally and for our clients.

The features of Cisco Duo that I have appreciated so far include the seamless integration with many MFA features, so we can correlate everything in one app and don't multiply MFA apps, which is excellent.

Cisco Duo helps our company by allowing us to manage many internal solutions we use efficiently. If every hundred solutions we use each had a different MFA app, we simply couldn't manage that on our phones; it would be too complicated. For security purposes, we want a real posture approach for our MFA to correlate who has access to what, making it easy for our internal security team to give access to those who can access the app.

An improvement for Cisco Duo would be a simplification of the licensing model since it's quite complicated to know what's included or not, especially now as it's part of Cisco Secure User Suite, and there are many modifications happening regarding the licensing.

We see the licensing model for Cisco Duo as favorable for our company since we are on NFR because we are a Cisco partner, so we're not exactly clients. The licensing model is quite good except for small countries like ours, where for less than 100 users, the cost is prohibitive, making it too expensive for small companies.

Since I entered my current company, I have sold Cisco Duo to our clients, and inside our company, we use Cisco Duo as our MFA solution for some solutions we have running in our labs and also production solutions we have internally. It has been four years now.

We don't have any complaints about the stability and reliability of Cisco Duo; it is quite reliable.

I am not in charge of customer service and technical support for Cisco Duo as it is managed by our technical team, but overall for Cisco, we are quite happy. I had a licensing problem last week that was solved in about two hours, so I am always satisfied.

I'm not on the technical part of Cisco Duo's deployment process, so I don't deploy it myself, but I think our engineers are quite happy about it, and I haven't received negative feedback on that.

The biggest return on investment for me when using Cisco Duo is gaining time, as I don't have to look at ten different MFA apps, and I know it will work. On a daily basis, I could say I save around ten minutes not searching for the correct app, and if we multiply that by the number of days I work, it amounts to hours and even maybe days over the years, so that's excellent.

Regarding pricing, setup cost, and licensing for Cisco Duo, I find it's not cheaper or more expensive than other products. We do have to pay sometimes for quality, but it's not an outrageous price, so I think it's at the right spot.

My company considered some other solutions before choosing Cisco Duo, but I am not sure if I can disclose them.

The biggest difference I see between those solutions and Cisco Duo is the integration with the other Cisco features like ICE.

I am not currently using Cisco Identity Intelligence, and I am not sure if it is part of ICE.

In my opinion, the spike in phishing attacks happens because AI simplifies it for hackers and malicious people to create attacks, as it's really easy for them to copy a website or an email that looks like an official Microsoft or other email and they can mass scale their attacks with ease, so it's not manual operations anymore, and they can generate thousands of attacks each day.

I have not implemented Duo's end-to-end phishing resistance with capabilities such as proximity verification internally.

I have not deployed Duo Directory to manage user identities, as I think it's linked to our AD.

Whether Cisco Duo has helped my company reduce its overall authentication-related costs, I don't know, but the ease of operation is definitely there. Cisco Duo makes everything easier.

I haven't heard any real complaints or gossip about the deployment.

I think the questions regarding my experience using Cisco Duo were quite exhaustive.

I would rate this review an eight out of ten.

Cisco Duo's main use case is with Federal, specifically a version for the government, positioned side-by-side with Okta. Originally, it was implemented with the Department of Defense, which ran the traditional Oracle IAM. Someone convinced them that the Oracle IAM was obsolete, so they decided to reverse engineer the entire system. The migration involved reverse engineering the Oracle IAM into Cisco Duo and Okta, transitioning from on-premises to the cloud while maintaining integration with Oracle Cloud due to their heavy investment in Oracle Cloud for EBS, HCM, and enterprise ERP systems.

The best features of Cisco Duo include easy integration. I could do a lot of things with Cisco Duo comprehensively. Multiple types of MFA are available, and the fact that it passed the certification with the Department of Defense gave Cisco Duo an A+.

I use Cisco Duo's Advanced Identity Threat Detection and Response feature, which includes all the necessary counterparts. It has the intelligence to detect threats, performs risk assessment, and then provides a score to determine whether someone is legitimately attempting to sign in.

This feature has been helpful because it validates while maintaining trust. The trust but verify design principle is fundamental. Cisco Duo includes the Zero Trust Architecture, where everything lists a privilege, and from there, Privileged Access Management applies. If you want to elevate someone and give them additional privileges, the system handles that process.

I have not had the chance to rate Cisco Duo's support because I pass my documentation to the group responsible for creating tickets, as being a contractor, I don't have the account permissions to create tickets myself. I document everything with screenshots and pass it along. Based on what I heard regarding their response, Cisco Duo's support is pretty good. They are responsive and accurate in their responses, and they do their homework. This is one thing I now observe as a stark contrast with Oracle, where the support experience is terrible. You need to create a ticket, and then I have to call back and create another ticket just to monitor the first ticket. With no responses on those two, I had to create a third ticket to monitor the second ticket. I created about 33 tickets on this IAM thing because there was an intermediary, Accenture Federal. I created about 33 tickets just to monitor the previous tickets, and no resolution was given. I came up with my own solution.

I am not involved with Cisco Duo's pricing, so I am the person where they said, 'We bought this product, go ahead and do your magic.'

I was introduced to Cisco Duo when I worked for University of Massachusetts in 2012. I have had multiple projects since then because I have encountered clients with all kinds of IAM. One group does not want to give up their IAM because it works well with their application.

Cisco Duo is stable and reliable in my opinion. The fact that it goes into production means it goes through the ATO process, where everybody tests it and different groups conduct their own testing. I have not encountered any issues unless we patch the environment. The only downtime I have encountered is during patching, but that is not due to Cisco Duo. That is part of the maintenance standard operating procedure.

Cisco Duo is pretty scalable.

Based on what I heard regarding their response, Cisco Duo's support is pretty good. They are responsive and accurate in their responses, and they do their homework.

The main differences between Cisco Duo and Okta for IAM solutions are that Okta does not have an exclusive product tagged as Federal. It depends on the person designing it. The way I made Okta comparable with Cisco Duo Federal is by attaching it to CAC, which is used by the military as military ID. That is the only way it becomes federal level because you are using another form of identification. With Cisco Duo, it is embedded within the system. However, somehow, the Department of Defense got sold on the idea that Okta is the way to go. Gradually, Cisco Duo is there because of Cisco. The name Cisco behind it makes it a really powerful product.

I have experience with Cisco Duo across different IGA and IAM security products including Oracle IAM, Okta, SailPoint, Ping, Cisco Duo, Active Directory, and Entra ID, which is Microsoft's offering.

My experience with Cisco Duo's strong security authentication system has been good. It is seamless and easy to integrate. It is flexible.

Cisco Duo's IAM is evolving because it now includes AI. I am not sure if I have fully used OAuth, the authorization component. I think it is there, but I just have not fully played with it. The OAuth, OpenID, and SAML are all present, but this IAM is evolving.

I have not had the chance to use Cisco Duo's conversational AI interface for administration tasks. Everything now is AI-enabled, but the government is very cautious about that. It is a switch that you can turn off and turn on if you want it.

The passwordless environment has been the subject of a huge debate about passwords. I even gave a presentation with the Department of Energy, and they did not like the way I presented it. I made a joke and said, 'With passwords, you need to extract the blood of the person you want to authenticate, aside from the password,' and they did not like that. They said it was too bloody. With passwordless authentication, FIDO 1, 2, and 3 are the direction everything is going. Everything is keys now, anywhere, and tokens. That is why Oracle IAM was dropped from the equation.

Cisco Duo is hybrid. First, they want to see it on-premises, and from there, it evolves because of the way things are deployed. They start with the application, the databases are on-premises, and then the applications are moved to the cloud. That becomes a hybrid situation, and then one by one, the databases are transported to the cloud.

When you work on government projects, everything is there with Cisco Duo. AWS, Azure, GCP, and Oracle FedRAMP are all available. It is multi-cloud.

I would rate this review a 9 overall.

I usually work with clients in the financial sector. Many of those clients need to meet certain security requirements that are mandated by their auditor or recommended by their auditor, which is dual multifactor authentication. That is usually the reason why they first look at Cisco Duo, and then I pitch Cisco Duo to those customers for authentication into most of their financial applications as well as VPN access.

It is very commonly used for VPN access.

I think seamless login, as well as less administrative overhead in terms of managing users and their login credentials and passwords, and tighter security are valuable.

The main thing is it helps the customers meet their security requirements.

Cisco Duo is very easy to deploy. The documentation is very thorough, which makes deployment straightforward.

The only area I could think of is support for more applications. Cisco Duo already covers a wide range of apps, especially the common ones, but there is always room to add more.

I have 27 years of experience in this field. I have been using Cisco Duo for two years.

Cisco Duo has excellent stability, as is usual with Cisco products.

I work for a company that is a Cisco Duo reseller, so scalability has not been an issue.

The customer service has been excellent.

I have never used a previous solution before Cisco Duo.

Since the company I work for is a Cisco Duo reseller, I did not need an external implementation team.

The return on investment is positive and is not a problem.

Compared to other vendors, Cisco Duo is on the pricey end. However, the other vendors do not have the wide range of features that Cisco Duo offers.

There are no alternate solutions that I can think of.