My main use case for Cisco Duo started with the MFA requirement, but nowadays it has evolved to next-level two-factor authentication and the new features of Cisco Duo. We are using and pushing partners for all of the features.

The feature I like the most about Cisco Duo is push notifications.

I find push notifications beneficial because they are easy, quick, and simple.

An example of how this feature benefits my organization is when last year, Cisco released an announcement that all distributors and partners need to use two-factor authentication for logging into CCW. We were setting up two-factor authentication, and we had two options. Cisco was giving us two options: Cisco Duo or Microsoft MFA. We chose Cisco Duo as a distributor. Everyone started to use Cisco Duo when they were logging in to CCW, and they liked it. After a while, Cisco released another announcement to extend the obligation of Cisco Duo usage for logging in, but most of the people did not stop using it. They liked it and they are still using it.

I think Cisco Duo can be improved by following the competition more closely because there are many vendors who claim they also have an MFA solution and phishing attack solutions. I know Cisco well, but I am not an expert on the other vendors. When we try to sell Cisco Duo for any license, sometimes customers approach us and say that Cisco Duo is expensive compared to competitors or that the features are not as good. Closer competition follow-up would be beneficial.

I would appreciate an additional technical feature for Cisco Duo. I think Cisco has more than 15 security solutions. Sometimes they do combinations and integrations among all of them. Cisco Duo might be able to be integrated into more Cisco solutions. For example, Cisco Duo and Umbrella are kind of sister products. That number of integrations could be increased with other solutions.

From my perspective, the pricing and licensing cost for Cisco Duo is worth it, especially if you are using Advantage or Premier. You will see the difference among all. However, from a customer perspective, most cases are just a need for MFA. They do not know the full capabilities or full features of this kind of solution, so they are just using basic MFA features or push notifications. In that case, Cisco Duo pricing is expensive compared to other simple solutions.

I think you can decrease the essential price for basic scenarios and basic cases.

I have been using Cisco Duo for more than five years.

I have not personally used Cisco Identity Intelligence, but my team is managing Cisco Duo. I have not noticed an increase in phishing attacks in my organization recently, but sometimes it happens. People try to do it, like classic spam or something.

I would say this solution is scalable for the growing needs of an organization because if you know how to use the dashboard and how to monitor it, that is definitely scalable.

For us, I have not used customer service for technical issues very often. There were really rare times when we were struggling with a couple of issues for Cisco Duo, and we opened a case with Cisco.

I remember one time the management tool crashed and kind of froze. We opened the case and they said it was a glitch and it would be resolved. It was good after about 10 or 15 minutes. Another time we could not find how to enable a feature in Cisco Duo dashboard. We asked, and they helped us.

I would rate their customer support as five out of five, or 10 out of 10.

I have not used another solution before Cisco Duo for this kind of thing.

Actually, the company has a rule for Microsoft Authenticator, but it is just an authenticator. You type the number and you log in. I cannot say it is like Cisco Duo.

I would describe the experience of deploying Cisco Duo as easy because it does not require too much from the customer's side. You do not have to do many things. You do not have to allow many functions or rules. It is not too hard, and it does not take too long.

We have not implemented Cisco Duo end-to-end phishing resistance with capabilities such as proximity verification for our company, but we did for partner environments. My technical team completed that. After that, we did not get any negative feedback, and as far as I know, they are still using it.

I am not sure about the overall return on investment. When we sell Cisco Duo to a customer, it is a subscription model, so they need to renew it, but they are not exactly measuring how many attacks or how many dangers they recover from for their organization. I cannot say if the exact ROI is good or bad because most people are not measuring it. From my perspective, it is definitely worth it.

Cisco Duo has helped reduce my organization's overall authentication-related cost.

I think it saves you at least 20 or 30 percent of your time after you get used to using it.

Looking back at my initial investment in Cisco Duo versus the total value it has delivered over time, I find that we pushed my company to buy it for internal usage. After that, people apart from the Cisco team—we are the Cisco team in Ingram Micro—but apart from our team, the employees in other teams also liked to use Cisco Duo.

Other teams are not different companies. Inside the company, there are some vendor teams, vendor-dedicated teams. We are in the Cisco team. For example, there is an HP team, a Microsoft team, and another team, and they were also using Cisco Duo because of our NFR license, but they liked it.

From my perspective, the pricing and licensing cost for Cisco Duo is worth it, especially if you are using Advantage or Premier.

An example of how this feature benefits my organization is when last year, Cisco released an announcement that all distributors and partners need to use two-factor authentication for logging into CCW. We were setting up two-factor authentication, and we had two options. Cisco was giving us two options: Cisco Duo or Microsoft MFA. We chose Cisco Duo as a distributor. Everyone started to use Cisco Duo when they were logging in to CCW, and they liked it. After a while, Cisco released another announcement to extend the obligation of Cisco Duo usage for logging in, but most of the people did not stop using it. They liked it and they are still using it.

Cisco Duo has strengthened the ability to defend against both phishing and identity-based attacks. I would rate this product a 10 out of 10.

Cisco Duo is primarily used for MFA purposes, whether for remote server login or dual login. It has not been integrated onto an application yet, but it has been integrated across all remote servers, including Windows, Linux, and heterogeneous environments with dual MFA.

We work with major cloud providers and integrate Cisco Duo wherever there is a critical workload to maintain the balance between cost and security. It is not a blind deployment everywhere.

Cisco Duo is very user-friendly. You do not need to struggle, and you do not need to teach non-technical users or executives how to use it. If you miss a device or change your phone or handheld devices, you can still reactivate on your new device very easily. It is very user-convenient, and there are many methodologies available. You can get SMS alerts, web plug-ins, and push notifications. It is available for both Android and iOS.

As long as we are clearing the audits, that confirms that we are secure enough. We have been able to convince our security auditors that we are compliant with all the laws, at least from an MFA standpoint, regarding the return on investment from using Cisco Duo.

There are some areas for improvement. Cost could be one opportunity, as if the cost is further reduced, we can increase it to the maximum user base. Since DPD is becoming very aggressive and active, especially in countries like India, once the cost is reduced, we can probably scale it to all 6,000 to 7,000 users. Right now, it is only limited to the production environment and could be extended to all applications.

Scalability could also be better if the price were reduced, as scaling is quite expensive. The account manager could reach out for the next level of expansion and offer certain premium support along with a lower cost.

The main areas for improvement regarding Cisco Duo are cost and scalability, which are directly connected.

We have been using Cisco Duo for almost more than seven or eight years.

Cisco Duo is quite stable when using it recently.

Scalability could be better if the price were reduced, as scaling is quite expensive.

Cisco's technical support is good, as in the last couple of years, we have not needed to reach out to them. Since I have not dealt with it a lot, I would rate them a six or seven in terms of support.

We used a couple of products in the past, but the main reason for not adopting them was that the convenience was not comparable. There were no such two or three methodologies through which a user could get alerts, especially push notifications. Google Authenticator is available, but it does not offer push notifications. It offers them only for Google products, but may not work for other third-party applications. Microsoft Authenticator has some capabilities, but it runs quite smoothly on the Microsoft platform but may not work on any third party. Cisco Duo is quite neutral from a product standpoint.

We ran POCs for a couple of months with Cisco Duo. After seeing the usability and user-friendliness, we slowly expanded it to a couple of users. Although it is a costly product, the features themselves enabled us to adopt it.

The deployment of Cisco Duo has been done in-house.

As long as we are clearing the audits, that confirms that we are secure enough. We have been able to convince our security auditors that we are compliant with all the laws, at least from an MFA standpoint, regarding the return on investment from using Cisco Duo.

It has not reduced the cost for authentication-related functions, but the cost remains the same. There have not been many changes in the cost. However, because of the user convenience, we are pretty good with the existing cost.

We have not deployed Duo Directory to manage user identities.

We have not implemented Duo's end-to-end phishing resistance with capabilities like proximity verification.

We are using CrowdStrike and we are not using SentinelOne.

We certainly use Cisco Duo and Cisco switches and pre-switches, but those are the products.

We are a customer of Cisco.

We are not using Cisco Identity Intelligence.

Phishing attacks in our organization have increased, which is very common. It keeps fluctuating both ways, but we have been able to mitigate this quite well.

Cisco Duo is quite easy to deploy, and I do not see much technical challenges. Any technical team can adopt it quite easily. The overall rating for this review is nine out of ten.

My main use case for Cisco Duo is to integrate with Active Directory, and I am using it for two-factor authentication.

Cisco Duo has positively impacted my organization by securing our agents using the VPN.

Cisco Duo has helped secure our agents with the VPN, ensuring they must make approvals through mobile devices to verify the person's identity.

The best features Cisco Duo offers are device discovery, which identifies whether a device is iOS or Android.

The device discovery feature helps me in my day-to-day work by assisting with our monthly check since the Android and iOS discovery capabilities identify devices without updates for specific versions. When I export the users, I can see those device versions.

Cisco Duo can be improved because people have their own personal mobile devices.

I chose a rating of nine out of ten for Cisco Duo because we missed the Duo Desktop integration, as it is not working as well as the Duo Desktop agent.

I have been using Cisco Duo for more than five years.

My advice to others looking into using Cisco Duo is that it is a great product, and I recommend it for everyone, specifically for those using Cisco Secure Client.

I am currently using Cisco Identity Intelligence, and it has helped improve my visibility into identity risk and strengthen my defenses against identity-based threats.

Cisco Duo serves as the primary multi-factor authentication solution for our company.

The simplicity and the number of integrations available in Cisco Duo are the two aspects I appreciate the most.

Cisco Duo is remarkably easy to use. You log in, receive a push notification on the Cisco Duo app, and simply confirm it to gain access. The number of integrations available is exceptional as well. I believe no other MFA service has as many integrations available, and for those who prefer not to use the app, an SMS fallback remains available.

The benefits of such simplicity in Cisco Duo are significant. Employees spend considerably less time logging in and approving logins. They do not grow tired of the multi-factor push notifications because it is easy, fast, and not repetitive, so we do not experience much attrition from it.

Cisco Duo has provided substantial value, primarily in saved time, but also in low cost because administrators do not have a significant workload with Cisco Duo. It simply works, and I believe it has been a great investment for our company.

I genuinely appreciate Cisco Duo as it is, and I value the fact that the company has been improving on identity management as well. My advice for the developers is to continue doing what you are doing because you are performing excellently. Perhaps focus even more on identity management because it can become a strong alternative to either Entra ID, Okta, or any other identity access management provider.

We have not yet deployed Cisco Duo Directory for managing user identities.

I have been using Cisco Duo for approximately five to six years, essentially as long as I have been with the company.

I have not received any negative reviews about the stability of Cisco Duo, and I do not believe we have experienced any downtime with Cisco Duo. The stability has been excellent.

Cisco Duo scales exceptionally well. Adding another user is straightforward and simple. We are a fairly small company by global standards but a fairly large one for our country, so scalability has not been an issue for us. Even if we grow twofold, it will not present a problem for management. You would not need any more engineers to manage Cisco Duo even if we scale up to 500 employees because it is so simple to manage.

The customer experience for me through using Cisco Duo has been excellent, but I cannot speak about technical support because that is handled by our engineers, and I do not have any information on that.

We also have a Microsoft group in our company and they mostly use Microsoft products, of course. So for us, as an integrator, it mostly comes down to the vendor you are working with. But my clients and most organizations in our market also often consider Microsoft products, and perhaps FortiToken or YubiKey, which is a hardware multi-factor authenticator, helpful in FIDO-related use cases.

The biggest return on investment when using Cisco Duo is time, primarily because it is so simple to use that many employees save considerable time signing in to applications and can focus on other more important tasks.

The time saved with Cisco Duo is at least a couple of minutes per day per employee. If you multiply that by over 300 employees, you can see how much time is saved and how much more time people can spend on actual projects instead of signing on.

The reason clients choose Cisco Duo is the same as mine: the number of integrations that Cisco Duo has over other solutions such as Microsoft Authenticator, and also the simplicity of management.

Being a partner of Cisco, we have many benefits price-wise, but with our customers, I believe Cisco Duo is very competitively priced, and it should remain that way because it is easier to position. Many customers are accustomed to having Microsoft products in their environment because of how Microsoft licensing operates, so having competitive pricing for Cisco Duo makes it easier to implement Cisco with customers.

My clients mostly consider Microsoft products because the Microsoft licensing system is designed in such a way as to encourage customers to consume as much of Microsoft services as possible.

There has been a considerable increase in phishing attacks recently, not just at my customers but also at our company. We attempt to mitigate that by running phishing campaigns for our customers to prepare them to react, as part of our cybersecurity portfolio.

But that is more a question for our cyber intelligence group. They have, however, been discussing mostly the use of AI in attacks and how much more sophisticated the attacks have become. Using AI also means that the attack is easier to perform, which subsequently also means there are more of them.

Companies that are considering Cisco Duo should not hesitate any longer. Simply implement it because it is a great product, and I believe it surpasses other multi-factor authentication solutions, and you will not regret it. I would rate this review 9.5 out of 10.

We primarily use Cisco Duo for MFA purposes to aggregate MFA solutions, so we don't need five different apps for MFA on our phones, which is excellent. We also link it for identity posture with other Cisco solutions.

I don't think we use that part of Cisco Duo, perhaps other teams do, but not on my side.

We do use Cisco Duo to mitigate phishing attacks and make threat defense. We have a lot of attacks; some are clearly identified and discarded before they reach our emails, although some still reach our email. There are a lot of phishing attacks for us internally and for our clients.

The features of Cisco Duo that I have appreciated so far include the seamless integration with many MFA features, so we can correlate everything in one app and don't multiply MFA apps, which is excellent.

Cisco Duo helps our company by allowing us to manage many internal solutions we use efficiently. If every hundred solutions we use each had a different MFA app, we simply couldn't manage that on our phones; it would be too complicated. For security purposes, we want a real posture approach for our MFA to correlate who has access to what, making it easy for our internal security team to give access to those who can access the app.

An improvement for Cisco Duo would be a simplification of the licensing model since it's quite complicated to know what's included or not, especially now as it's part of Cisco Secure User Suite, and there are many modifications happening regarding the licensing.

We see the licensing model for Cisco Duo as favorable for our company since we are on NFR because we are a Cisco partner, so we're not exactly clients. The licensing model is quite good except for small countries like ours, where for less than 100 users, the cost is prohibitive, making it too expensive for small companies.

Since I entered my current company, I have sold Cisco Duo to our clients, and inside our company, we use Cisco Duo as our MFA solution for some solutions we have running in our labs and also production solutions we have internally. It has been four years now.

We don't have any complaints about the stability and reliability of Cisco Duo; it is quite reliable.

I am not in charge of customer service and technical support for Cisco Duo as it is managed by our technical team, but overall for Cisco, we are quite happy. I had a licensing problem last week that was solved in about two hours, so I am always satisfied.

I'm not on the technical part of Cisco Duo's deployment process, so I don't deploy it myself, but I think our engineers are quite happy about it, and I haven't received negative feedback on that.

The biggest return on investment for me when using Cisco Duo is gaining time, as I don't have to look at ten different MFA apps, and I know it will work. On a daily basis, I could say I save around ten minutes not searching for the correct app, and if we multiply that by the number of days I work, it amounts to hours and even maybe days over the years, so that's excellent.

Regarding pricing, setup cost, and licensing for Cisco Duo, I find it's not cheaper or more expensive than other products. We do have to pay sometimes for quality, but it's not an outrageous price, so I think it's at the right spot.

My company considered some other solutions before choosing Cisco Duo, but I am not sure if I can disclose them.

The biggest difference I see between those solutions and Cisco Duo is the integration with the other Cisco features like ICE.

I am not currently using Cisco Identity Intelligence, and I am not sure if it is part of ICE.

In my opinion, the spike in phishing attacks happens because AI simplifies it for hackers and malicious people to create attacks, as it's really easy for them to copy a website or an email that looks like an official Microsoft or other email and they can mass scale their attacks with ease, so it's not manual operations anymore, and they can generate thousands of attacks each day.

I have not implemented Duo's end-to-end phishing resistance with capabilities such as proximity verification internally.

I have not deployed Duo Directory to manage user identities, as I think it's linked to our AD.

Whether Cisco Duo has helped my company reduce its overall authentication-related costs, I don't know, but the ease of operation is definitely there. Cisco Duo makes everything easier.

I haven't heard any real complaints or gossip about the deployment.

I think the questions regarding my experience using Cisco Duo were quite exhaustive.

I would rate this review an eight out of ten.

I have primarily used Cisco Duo for Identity and Access Management, especially when clients have extensive identity footprints scattered across different business units or locations, with each location maintaining its own Identity and Access Management system. Centralizing all of that into one single pane of glass as a centralized IAM solution has been the primary motivation. During the COVID period in 2020 and 2021, remote access VPN usage increased significantly because everyone was working from home. The ability of remote access VPNs to integrate with identity was a major challenge we were struggling with at that time. Moving to a single centralized pane of glass to create entitlements, role-based access controls, and then hooking those into the VPN or VPN access solution was the primary motivator for most of my clients. For a couple of clients, I ran assessments to identify gaps, improvements, and the policies that needed to be configured and tightened.

I worked in the past with Cisco XDR, but not lately. We are primarily relying on Microsoft Defender for our EDR, and for a couple of other subsidiaries, we have Palo Alto XDR, not Cisco. I understand how that solution works, but we did not deploy it extensively because market adoption is lean. Cisco Secure Access is definitely something we use as SSC, Secure Service Edge, for internet bound connectivity, integrated with Cisco Umbrella.

Cisco Duo is not doing anything that competitors are not doing. I have worked on Okta as well, and Microsoft Entra ID has really improved. The primary benefit of Cisco Duo is if you already have an extensive footprint of Cisco products, such as Cisco Secure Access, Cisco Secure Firewalls or Firepowers, or Cisco Umbrella deployments, then it becomes very easy to integrate these products together so they work hand-in-hand with deep integration.

Cisco Duo offers phishing resistant IAM and multifactor authentication (MFA), which relies on Cisco Talos Threat Intelligence sharing to enrich Cisco Duo with all threat feeds. This provides pinpoint accuracy to determine what is malware or malicious and what is safe.

Identity intelligence is analogous to what Okta or Entra ID does with conditional access. It gives you a complete view of whether a particular user who seems legitimate is actually supposed to get access to applications or not. You can control access and curtail access depending upon the behavior of a user.

MFA is mandatory, and there are multiple ways you can implement it. Phishing resistance is critical because even if a user's account has been compromised, the tool regularly tracks how that particular user accesses applications and where they do it from, creating a baseline. If there is a deviation, which would definitely be the case if the user or user identity is compromised, it asks for step-up authentication or curtails access to the application. This end-to-end phishing resistance feature definitely has an impact on the company's security posture.

The primary issue is adoption. When I used to work for Deloitte, I did consulting and advisory for at least 95 of the 100 Fortune 100 companies. The number of enterprises using Cisco Duo was considerably lower and definitely not at the median. There are other tools that integrate better or whose integrations are not dependent upon SaaS vendors and SaaS applications. This could be related to how the product is positioned or how other companies are doing better with their sales. If a product is not being adopted by a very large footprint of enterprises, you need to start asking questions. Cisco Duo is definitely not doing things that others are not doing, so there is no unique selling proposition. It is definitely doing all the things that others are doing, but the adoption for other vendors is definitely better. I would compare Cisco Duo to Okta and to some extent Azure Entra ID, because Azure Entra ID has picked up very well with conditional access policies and Identity and Access Governance. Azure Entra ID also has integrations with SailPoint, which Cisco Duo does in full transparency. The issue is that Cisco Duo is not being adopted by a very large set of enterprises.

I worked on Cisco Duo from 2019 through 2020 and on and off until around three and a half to four years total.

Cisco Duo is fairly stable. They send out scheduled downtime windows for backend maintenance, but it is very well planned. The UI will not be available during this time, so any configuration or operational work needs to be scheduled around these windows. This approach is in line with what other vendors are doing. No significant issues exist. There used to be bugs in the initial days, but they have been taken care of. Every single product has some instability in the initial days, but towards the end of last year, it was not a big deal.

It is Cisco's responsibility to take care of scalability. We have an account manager whom we have always used, and we would inform them that we were going to add 50,000 identities and ask them to ensure that their backend was capable of handling it. We would also inform them about a few hundred thousand login requests over a certain duration, and they would take care of it. We have never faced any challenges where resources were not available.

I would rate Cisco Duo's customer service around seven. Level one support appears to be outsourced. There are different Cisco badges, and they outsource level one support to other people before taking it over from level two. For one of our bank clients with a very premium contract and smart licensing, they provided better support. The level of support you receive depends on whether you are okay with partner-enabled support or if you want premium customer support. It is fair because it is very rare that your service will not be available. I rate them as seven because sometimes level one engagements take time to get those people to the right part of the issue, as they ask basic questions like tenant ID and continue with W-H questions, which takes longer.

The setup is very straightforward. You get assigned a tenant and log into it, then integrate it with your existing Identity and Access Management solutions. For a brownfield deployment, this adds complexity, whereas for a greenfield deployment, the process is simpler. For a greenfield setup, you just start creating identities and send out auto-enrollment emails to the users who need to be onboarded. You need to do some domain verification in the beginning. It is up and running in a matter of two to three hours. The way you integrate and migrate it definitely depends upon the complexity of the environment and enterprise. If you have 100 different identity stores in different regulatory regions and countries with different regulatory requirements, this definitely adds complexity. However, this is not unique to Cisco Duo but applies to any vendor. For my deployment, we were able to get it up and running in a matter of a few hours on day zero and then keep expanding it over the following days.

For one of my clients, the ROI was somewhere between 25 to 27 percent in year one. We had a lot of things planned for the next year, but that was taken over by D2 operations teams. Year one definitely yielded around 26 to 27 percent in savings. The cost of benefits from a better risk posture or no compromises is definitely very difficult to estimate because that is more about understanding probability, so I would not say those theoretical numbers are close to reality.

For a couple of clients, they were able to get good deals because they were already a Cisco shop in the past. Cisco Duo came in more as an additional feature, which was counted as a new feature purchase, and this brought down the cost that the client had to invest. Cisco is smart with bundling, as you get multiple tools from Cisco that come in as add-ons and you get very good pricing. For clients using on-premises Active Directory as a source of truth, we were able to move all of those to Cisco Duo, which is SaaS and cloud managed. You do not need to maintain virtual machines, expensive servers, or redundancies, which definitely brings cost savings. You are able to remove all of that additional expense, and you also do not need to manage those anymore, so all of that goes away. Ease of management and lowering cost with regards to maintaining infrastructure are definite wins, though these are not unique to Cisco Duo but typical of SaaS-based Identity and Access Management solutions. All of these factors weigh in to give you a decent ROI. With regards to security, you are getting better security than traditional solutions, which is a win-win.

My overall experience with Cisco Duo comes from working on the product from 2019 through 2020 and on and off for around three and a half to four years total. I am a service provider for Cisco as an MSP. My role was a partner as part of a couple of our SGOs in Deloitte. We had an alliance partnership where we offered services, advised, implemented, and operated for clients. We also worked with Cisco to package different solutions and position them to clients after running assessments to improve their security posture.

Cisco Duo can be used for centralizing identity and access management across different business units and locations, integrating remote access VPN with identity systems, creating role-based access controls, implementing MFA and phishing resistant authentication, and conducting security assessments to identify gaps and improve security posture.

Some positive features about Cisco Duo include deep integration with other Cisco products, phishing resistant MFA with Talos Threat Intelligence enrichment, identity intelligence for behavioral analysis and access control, cloud-based SaaS delivery eliminating on-premises infrastructure costs, and stable performance with well-planned maintenance windows.

Cisco Duo has not been adopted by a very large set of enterprises compared to competitors like Okta and Azure Entra ID, which represents a significant area for improvement. The overall review rating I would give for Cisco Duo is seven.

Cisco Duo's main use case is with Federal, specifically a version for the government, positioned side-by-side with Okta. Originally, it was implemented with the Department of Defense, which ran the traditional Oracle IAM. Someone convinced them that the Oracle IAM was obsolete, so they decided to reverse engineer the entire system. The migration involved reverse engineering the Oracle IAM into Cisco Duo and Okta, transitioning from on-premises to the cloud while maintaining integration with Oracle Cloud due to their heavy investment in Oracle Cloud for EBS, HCM, and enterprise ERP systems.

The best features of Cisco Duo include easy integration. I could do a lot of things with Cisco Duo comprehensively. Multiple types of MFA are available, and the fact that it passed the certification with the Department of Defense gave Cisco Duo an A+.

I use Cisco Duo's Advanced Identity Threat Detection and Response feature, which includes all the necessary counterparts. It has the intelligence to detect threats, performs risk assessment, and then provides a score to determine whether someone is legitimately attempting to sign in.

This feature has been helpful because it validates while maintaining trust. The trust but verify design principle is fundamental. Cisco Duo includes the Zero Trust Architecture, where everything lists a privilege, and from there, Privileged Access Management applies. If you want to elevate someone and give them additional privileges, the system handles that process.

I have not had the chance to rate Cisco Duo's support because I pass my documentation to the group responsible for creating tickets, as being a contractor, I don't have the account permissions to create tickets myself. I document everything with screenshots and pass it along. Based on what I heard regarding their response, Cisco Duo's support is pretty good. They are responsive and accurate in their responses, and they do their homework. This is one thing I now observe as a stark contrast with Oracle, where the support experience is terrible. You need to create a ticket, and then I have to call back and create another ticket just to monitor the first ticket. With no responses on those two, I had to create a third ticket to monitor the second ticket. I created about 33 tickets on this IAM thing because there was an intermediary, Accenture Federal. I created about 33 tickets just to monitor the previous tickets, and no resolution was given. I came up with my own solution.

I am not involved with Cisco Duo's pricing, so I am the person where they said, 'We bought this product, go ahead and do your magic.'

I was introduced to Cisco Duo when I worked for University of Massachusetts in 2012. I have had multiple projects since then because I have encountered clients with all kinds of IAM. One group does not want to give up their IAM because it works well with their application.

Cisco Duo is stable and reliable in my opinion. The fact that it goes into production means it goes through the ATO process, where everybody tests it and different groups conduct their own testing. I have not encountered any issues unless we patch the environment. The only downtime I have encountered is during patching, but that is not due to Cisco Duo. That is part of the maintenance standard operating procedure.

Cisco Duo is pretty scalable.

Based on what I heard regarding their response, Cisco Duo's support is pretty good. They are responsive and accurate in their responses, and they do their homework.

The main differences between Cisco Duo and Okta for IAM solutions are that Okta does not have an exclusive product tagged as Federal. It depends on the person designing it. The way I made Okta comparable with Cisco Duo Federal is by attaching it to CAC, which is used by the military as military ID. That is the only way it becomes federal level because you are using another form of identification. With Cisco Duo, it is embedded within the system. However, somehow, the Department of Defense got sold on the idea that Okta is the way to go. Gradually, Cisco Duo is there because of Cisco. The name Cisco behind it makes it a really powerful product.

I have experience with Cisco Duo across different IGA and IAM security products including Oracle IAM, Okta, SailPoint, Ping, Cisco Duo, Active Directory, and Entra ID, which is Microsoft's offering.

My experience with Cisco Duo's strong security authentication system has been good. It is seamless and easy to integrate. It is flexible.

Cisco Duo's IAM is evolving because it now includes AI. I am not sure if I have fully used OAuth, the authorization component. I think it is there, but I just have not fully played with it. The OAuth, OpenID, and SAML are all present, but this IAM is evolving.

I have not had the chance to use Cisco Duo's conversational AI interface for administration tasks. Everything now is AI-enabled, but the government is very cautious about that. It is a switch that you can turn off and turn on if you want it.

The passwordless environment has been the subject of a huge debate about passwords. I even gave a presentation with the Department of Energy, and they did not like the way I presented it. I made a joke and said, 'With passwords, you need to extract the blood of the person you want to authenticate, aside from the password,' and they did not like that. They said it was too bloody. With passwordless authentication, FIDO 1, 2, and 3 are the direction everything is going. Everything is keys now, anywhere, and tokens. That is why Oracle IAM was dropped from the equation.

Cisco Duo is hybrid. First, they want to see it on-premises, and from there, it evolves because of the way things are deployed. They start with the application, the databases are on-premises, and then the applications are moved to the cloud. That becomes a hybrid situation, and then one by one, the databases are transported to the cloud.

When you work on government projects, everything is there with Cisco Duo. AWS, Azure, GCP, and Oracle FedRAMP are all available. It is multi-cloud.

I would rate this review a 9 overall.

I usually work with clients in the financial sector. Many of those clients need to meet certain security requirements that are mandated by their auditor or recommended by their auditor, which is dual multifactor authentication. That is usually the reason why they first look at Cisco Duo, and then I pitch Cisco Duo to those customers for authentication into most of their financial applications as well as VPN access.

It is very commonly used for VPN access.

I think seamless login, as well as less administrative overhead in terms of managing users and their login credentials and passwords, and tighter security are valuable.

The main thing is it helps the customers meet their security requirements.

Cisco Duo is very easy to deploy. The documentation is very thorough, which makes deployment straightforward.

The only area I could think of is support for more applications. Cisco Duo already covers a wide range of apps, especially the common ones, but there is always room to add more.

I have 27 years of experience in this field. I have been using Cisco Duo for two years.

Cisco Duo has excellent stability, as is usual with Cisco products.

I work for a company that is a Cisco Duo reseller, so scalability has not been an issue.

The customer service has been excellent.

I have never used a previous solution before Cisco Duo.

Since the company I work for is a Cisco Duo reseller, I did not need an external implementation team.

The return on investment is positive and is not a problem.

Compared to other vendors, Cisco Duo is on the pricey end. However, the other vendors do not have the wide range of features that Cisco Duo offers.

There are no alternate solutions that I can think of.