Autonomous Business Monitoring by Anodot

My main use case for Umbrella is OpenDNS. I use Umbrella with OpenDNS in my organization by ensuring that all external URLs are denied by default. When a user requests access, they raise a ticket to us and we analyze it. If it is a valid URL, we allow the request to grant access. I chose to set it up this way for cybersecurity protection, which addresses a particular challenge we face.

The best features Umbrella offers in my experience include OpenDNS and the ability to block URLs. Umbrella positively impacts my organization by protecting us from cybersecurity threats and malware. I think Umbrella can be improved regarding AI capabilities.

I think Umbrella can be improved regarding AI capabilities. I believe some tasks need to be automated, especially the repetitive tasks.

I have been using Umbrella since 2023, so it has been three years.

I don't have anything else to add about my main use case with Umbrella. So far, I don't have a specific example of how the advanced URL blocking feature has helped my team or made things easier from the support perspective. I don't wish to add anything else about the features.

I don't have specific outcomes to share, but it has been helpful so far without seeing fewer incidents or noticeable changes in security metrics since using Umbrella. Regarding Umbrella's AI capabilities, I think its governance and security are good. I find the accuracy and reliability of Umbrella's AI output to be good, with an accuracy and reliability rating of eight overall. The accuracy and reliability of Umbrella's AI output is good, and it is fine without any improvements needed. My overall review rating for Umbrella is 9.

I use Umbrella for ERP resources, like enterprise resource planning for our company on a day-to-day basis.

Umbrella helps us assist with our data analysis, such as profiling the database solutions to what our customers need.

I rate Umbrella an eight out of ten because of its diverse features. I think it has been helpful. The software itself is very helpful for companies that are into enterprise systems. It helps give you a very good modeling of what your request and your mission and vision is for your company. It helps to make the process seamless and more effective.

I wish Umbrella could make the whole process more user-friendly. It should be more user-friendly for people to be able to use because it is a bit sophisticated.

I have been using Umbrella for the past five months.

My advice to others looking into using Umbrella is to tailor it to actually know what their request is and tailor it in the same process because Umbrella is a very wide model with specifications where you could just look at what your objectives are, what your goals are, and probably tailor it to serve the purpose or the main objective of the organization. I definitely recommend Umbrella and would rate this product an eight out of ten.

Umbrella serves as my main DNS layer security and visibility tool, which is essential to the first line of defense for any outbound traffic day to day. Every DNS request is checked against Umbrella's threat intelligence before it resolves, meaning that malware, phishing, and command and control callbacks are blocked at an earlier stage. It typically fits into daily operations through web filtering and policy enforcement, enforcing acceptable use policies across the user and site, for example by blocking categories such as gambling or adult content while allowing business-critical domains. Threat protection automatically stops the connection to malicious domains, IPs, and URLs, reducing the number of incidents that reach firewall points, allowing the firewall SOC team to spend less time chasing alerts. Regarding visibility, Umbrella provides insight into traffic from laptops and mobile devices outside the corporate network, which is especially useful for distributed teams. My daily use includes reviewing Umbrella's dashboard for blocked requests, top destinations, and policy hits, with this report data often exported for compliance frameworks such as NIST or ISO. Umbrella integrates seamlessly with existing systems such as firewalls by Palo Alto, FortiGate, and Cisco ASA, not replacing them but acting as a complementary layer that reduces risks before traffic reaches those devices.

Umbrella has really helped my team specifically during a phishing campaign targeting remote users. A few employees received emails with links looking like a legitimate Microsoft 365 login page, which were crafted to bypass basic email filters. However, when users clicked them, Umbrella intercepted the DNS request and blocked the domain before the page could even load. Instead of relying on users to recognize the fake login, Umbrella's threat intelligence stopped the connection outright, preventing credential theft and saving the SOC team from having to run a full incident response cycle. This day-to-day difference shows the value of Umbrella's silent protection, which reduces downstream alerts in the firewall and SIEM team, providing confidence that even if something slips past email security, Umbrella will catch it at the DNS layer.

Umbrella fits into the workflow as a quiet backbone for security operations, providing baseline protection, reducing noise, covering the remote workforce, and enabling reporting compliance. These are key factors, as Umbrella is not something the team constantly interacts with but is woven into the workflow as a preventive visibility and driving layer, making everything downstream more effective.

The best features of Umbrella are its DNS layer security, cloud delivery, simplicity, and integrated threat intelligence, which together provide fast, reliable protection against malware, phishing, and ransomware. These features are valued most for blocking threats before connections are established, ensuring consistent security for both on-network and remote users. Key features include DNS layer security, cloud delivery protection, threat intelligence, visibility, Secure Web Gateway, Cloud Access Security Broker, Firewall as a Service, Data Loss Prevention, and Remote Browser Isolation.

Regarding how I use the Secure Web Gateway and Cloud Access Security Broker features, they extend Umbrella beyond just DNS filtering and are valuable because they give the team deeper control and visibility. Secure Web Gateway stops threats that hide behind legitimate domains or encrypted traffic, reducing reliance on decryption by catching malware at the gateway and giving confidence that even if the DNS layer allows a domain, the SWG layer will still inspect and block malicious payloads. Cloud Access Security Broker is useful for monitoring SaaS app usage, such as Office 365, Google Workspace, and Dropbox, helping identify shadow IT with employees using unsanctioned cloud apps, and enforcing policies such as blocking the upload of sensitive data to personal cloud storage. It prevents data leaks while providing visibility into cloud adoption threats across the workforce, balancing productivity with risk management. Together, SWG and CASB make Umbrella more than just a DNS filter, giving layered control over both traffic and application usage, critical in a hybrid workforce where employees continuously access SaaS platforms from different locations. In practice, SWG protects against external threats while CASB addresses internal risks such as data leaks, making them valuable to the team.

From a features point of view, I want to highlight core items that make Umbrella feel concerning a complete security platform rather than just a DNS filtering solution. Features such as Firewall as a Service, Data Loss Prevention, Remote Browser Isolation, reporting, and analytics work together with SWG and CASB to provide a layered defense model. DNS security stops threats at an early stage, while SWG inspects and filters web traffic, CASB controls SaaS usage, and prevents shadow IT, with Firewall as a Service, DLP, and RBI extending protection to border traffic and data leakage. This consolidation of multiple security functions into one cloud delivery platform reduces complexity while improving coverage, which is invaluable to the team.

Umbrella has positively impacted my organization primarily in two areas: risk reduction and operational efficiency, representing the overall positive impact. It essentially becomes a silent backbone, preventing incidents before they happen and reducing noise downstream in the firewall and SIEM. Umbrella provides measurable proof to stakeholders of improved security posture, allowing the team to spend less time firefighting and more time on proactive projects while leadership receives clear metrics showing ROI.

I see Umbrella's positive impact reflected in areas such as phishing incidents, SOC efficiency, and remote workforce coverage. For compliance and audit proof, during a phishing campaign, Umbrella blocked access to malicious domains at the DNS layer before users reached fake login pages, stopping requests instantly. This prevented credential theft and saved the SOC team from a full incident response cycle, clearly demonstrating both risk reduction and time savings. In summary, Umbrella has led to fewer incidents, faster audits, and more efficient SOC operations, with metrics that leadership can refer to as proof of ROI.

While Umbrella is strong, there are areas where it could improve based on daily use. Some aspects that my team often wishes were better include reporting depth, policy granularity, false positive whitelisting, integration with other tools, and cost considerations. Overall, Umbrella effectively blocks threats early and provides visibility, but if Cisco enhances reporting and policy flexibility and integration, it would make the platform even more powerful and reduce the need for workarounds. Improvements in reporting depth, such as enabling the team to find the root cause easily, would be beneficial, as would making reports more visually appealing with graphs and color combinations, similar to other platforms concerning Forti Manager and Palo Alto.

Regarding the needed improvements, I have noticed some key areas, particularly around integration and policy management, which tend to be pain points in daily use. Challenges include integration with third-party SIEMs, endpoint tools, SD-WAN, and managing multi-vendor firewall policies, as well as the regularity of whitelisting workflows. Although Umbrella excels at blocking threats early, if Cisco can enhance integration breadth and policy flexibility, it would alleviate frustrations for teams managing a hybrid multi-vendor environment, making Umbrella not just a strong security layer but also a smooth operational fit.

I have been using Umbrella for the last three years, which has provided me more confidence in using it, and it is a very nice product.

From my perspective, Umbrella's AI capabilities are designed with governance and security in mind, which is one reason it is trusted in enterprise environments. Governance ensures policy enforcement, shadow IT control, and compliance alignment, while the security aspect features threat intelligence at scale and adaptive blocking that reduces human error. For my team, Umbrella's AI means more than just blocking threats; it supports governed cloud usage and secures traffic intelligently. The governance side ensures compliance and visibility, while the security side guarantees resilience against evolving threats.

In summary, Umbrella's AI capabilities make it both a security shield and a governance tool, helping organizations stay compliant while reducing risk.

Regarding Umbrella's AI capabilities and the accuracy and reliability of its output, I find them generally very accurate and reliable, which is why they are trusted as the first line of defense. My overall rating for this review is nine out of ten.

My main use case for Umbrella is its effective DNS layer security against malware, phishing and ransomware threats, which helped me to centralize cloud-based management with minimal infrastructure requirement. It is easy to deploy and manage across multiple locations.

In my day-to-day work, I use Umbrella for creating DNS layers and allowing VPN, proxy, and permitting access to sites and websites.

Occasionally, Umbrella blocks main business websites, requiring recurring manual review and whitelisting. Policy changes may take some time to propagate across all the endpoints.

Umbrella has positively impacted my organization by significantly improving web security and reducing exposure.

I have noticed fewer incidents, and its security detail threats have been provisioned to be a reliable security platform that continues to provide valuable proactive threat prevention and centralized policy and performance.

The best features that Umbrella offers are for centralizing, which is easy for centralized cloud management with minimum infrastructure requirement.

The centralized cloud management from Umbrella has helped me and my team significantly, as it is easy for deployment and management across multiple locations.

Umbrella demonstrates strong governance and security capabilities, utilizing its AI-driven threat detection and web security features. The platform effectively leverages threat intelligence and automated analysis to identify and block malicious domains, phishing attempts, and emergency cyber threats. The strong security tools with AI-assisted threat detection and prevention, centralized policy management and governance across users, devices, and locations, with detailed visibility into web activity and security events are significant strengths. Integration with Cisco's broader security ecosystem enhances overall threat intelligence.

Regarding improvements for Umbrella, faster policy synchronization would improve responsiveness when business-critical sites need immediate access. Enhancement improvements such as a more customizable dashboard and reporting options would help administrators better analyze web traffic and security events. Additionally, advanced filtering and scheduled reporting would be beneficial, and improved troubleshooting tools that provide more detailed information on why a website was blocked would help IT teams resolve access issues faster. A more user-friendly diagnosis could reduce support tickets.

Regarding Umbrella's AI capabilities, its strong DNS layer security helps block malware, phishing, ransomware, and malicious domains through centralized policy management and regular control for specific user groups and business units. Enhanced reporting and audit capability for compliance review, improved website categorized accuracy to reduce false positives, and faster policy projections with real-time policy updates would be valuable enhancements.

I have been using Umbrella for three years.

Umbrella is stable.

Umbrella is highly scalable and well-suited for organizations. Its cloud-native architecture allows for easy expansion without requiring additional on-premises infrastructure. New users, devices, and locations can be onboarded easily through centralized policy management and deployment tools, providing consistent security and policy enforcement across remote users and branch offices.

Customer support for Umbrella is responsive and effective, providing opportunities for faster resolution on complex access issues.

We did not use any different solution before; from the beginning, we have been using Umbrella and do not want to switch to any other solutions.

Our experience with Umbrella's pricing, setup cost, and licensing has been positive overall. The setup cost with the initial deployment was straightforward and did not require significant infrastructure investment due to its cloud-based architecture. The licenses are simple to manage and scale well with organizational growth. User-based licenses provide flexibility and are subscription-based. Although Umbrella may be priced higher, the security features, centralized management, threat protection, and ease of deployment provide good value for the investment.

We have seen a positive return on the investment from Umbrella. The platform has helped reduce security risk by proactively blocking malicious websites, phishing attempts, and other threats at the DNS layer before they reach the end users. This has resulted in fewer security incidents, reduced time spent on remediation, and lower operational overhead for our IT team. Additionally, its cloud-based deployment model has eliminated significant infrastructure requirements.

Our experience with Umbrella's pricing, setup cost, and licensing has been positive overall. The setup cost with the initial deployment was straightforward and did not require significant infrastructure investment due to its cloud-based architecture. The licenses are simple to manage and scale well with organizational growth. User-based licenses provide flexibility and are subscription-based. Although Umbrella may be priced higher, the security features, centralized management, threat protection, and ease of deployment provide good value for the investment.

We did not evaluate other options before choosing Umbrella; we directly chose Umbrella.

My advice to others looking into using Umbrella would be to clearly define your security requirements and web access policy before deployment. Umbrella is an effective DNS layer security solution that provides strong protection against phishing, malware, ransomware, and other web-based threats. Organizations should take advantage of its centralized policy management, reporting capabilities, and integration options to maximize its value. It is important to plan for website categories, reviews, and exception processes since legitimate business websites may occasionally require whitelisting. Integrating Umbrella with endpoint management solutions can further enhance visibility and policy enforcement. I would recommend Umbrella for organizations looking for a reliable, scalable, and cloud-based web solutions architecture. I give this product a rating of nine out of ten.

My main use case for Umbrella involves whitelisting and blacklisting of URLs. I want to provide feedback on Umbrella as it functions. Umbrella provides strong DNS layer security and blocks malicious domains before connections are established. We would like to whitelist or blacklist the URLs that we want to utilize on our client side. The dashboard is relatively easy to use and provides good visibility into DNS requests and security events. Integration with other Cisco security products is beneficial, and reporting and analytics could be more customizable. Policy management can become complex in larger environments with multiple user groups. Troubleshooting blocked domains sometimes requires a very deep investigation. More granular reporting and easier policy inheritance would improve administration. Roaming client protection is valuable for remote customers, and threat intelligence backed by Cisco Talos is a strong advantage.

I can provide a quick specific example of how I have used Umbrella for whitelisting or blacklisting URLs by checking in VirusTotal as well as a few of the McAfee sites, and based on that, we will blacklist or whitelist the URLs.

The best features Umbrella offers include content filtering, protection for remote users, and DNS security, malware, and phishing protection.

Out of those features, I find myself relying on DNS security the most because it is essential for my needs.

Umbrella has positively impacted my organization by ensuring that if anyone wants to access any of the URLs, the URL will be blocked. If they want to access that particular URL, it needs to be whitelisted. Umbrella will help us to block or whitelist the URL based on malicious activity.

A specific outcome that shows how Umbrella has benefited my organization is that it saved a lot of time, and before security events occur, it filters all the URLs. Whether they are malicious or phishing URLs, it will blacklist those and will not approve that.

While Umbrella provides good visibility, reporting and dashboard customization could be improved by being more flexible, especially for management and compliance reporting. When a domain is blocked, administrators sometimes need to navigate multiple logs and dashboards to identify the exact policy or rule responsible. Simplified troubleshooting would improve this experience.

More customizable reporting, simplified policy management for large environments, and enhanced troubleshooting capabilities could be included.

Regarding Umbrella's AI capabilities, its governance and security can use threat intelligence from Cisco Talos to identify malicious domains, phishing sites, and emerging threats. Machine learning and predictive analysis can be leveraged to detect newly registered or suspicious domains before they are widely known threats. For example, AI-powered investigation summarizes and explains why a domain was blocked.

Its accuracy and reliability of output are notable since it provides reliable threat detection using Cisco Talos threat intelligence, machine learning, and domain reputation analysis. In my experience, the accuracy is generally good with effective identification of malicious and phishing domains. However, there can occasionally be false positives where legitimate sites are blocked and require review or whitelisting. The platform is highly reliable for DNS layer protection, but providing more transparency into AI-driven decisions and improving the explanation of why a domain is flagged would further enhance administrative confidence.

I have been using Umbrella for eight plus years.

Umbrella is stable.

Regarding Umbrella's scalability, it is highly scalable and well-suited for organizations of different sizes from small businesses to large enterprises. Since it is a cloud-delivered service, it can support a growing number of users, devices, and locations without requiring significant on-premises infrastructure. In my experience, scaling protection to remote users and multiple sites is relatively straightforward through centralized policy management.

The customer support was great, as they would solve the issue immediately based on the priority after we raise a request.

I have not used any other solution; Umbrella is the only one I am using.

Before choosing Umbrella, we did not evaluate other options. Our client chose only Umbrella, and it has been the best option so far.

My advice for others looking into using Umbrella is to consider that it would be helpful for all clients to better whitelist and blacklist the URLs that are malicious and phishing ones, as it will add more security or a layer of security to the companies. I would rate this product a nine out of ten.

My main use case for Umbrella is DNS security, by securing end users to utilize a security DNS. I have deployed Umbrella in proxy mode, and we have two appliances in our environment. Our Active Directory gets all the DNS queries from the Umbrella appliances, and the Umbrella appliances reach DNS and Cisco Security Cloud. Our end users utilize it from the Active Directory.

The best features Umbrella offers secure the DNS queries for our environment, including servers and endpoints. What makes the security feature stand out for our servers and endpoints is that most of the DNS queries come from trusted sources. Umbrella has positively impacted my organization by providing a layer of security on the DNS level. I can share specific outcomes including improved compliance with NCA regulation that resulted from using Umbrella.

Umbrella can be improved by adding DHCP services to be a full DDI solution, as most customers today are looking for a full DDI solution. Exporting reports for all the DNS queries, including how much reached and what has been blocked, can give full visibility for the protection. Additionally, adding DDoS protection services to the DNS cloud would provide more layers of security.

I have been using Umbrella for three years.

Umbrella is stable.

Umbrella's scalability is great.

Cisco Customer Support always answers on time, which is very helpful. I would rate the customer support a nine on a scale of one to ten.

I previously used Infoblox as a different solution before switching to Umbrella.

Before using Umbrella, I did not evaluate any other options.

I would rate Umbrella an eight on a scale of one to ten. I chose that number because of the ease of deployment of Umbrella, as well as its easy use and low operational headache. My advice for others looking into using Umbrella is to make sure to deploy Umbrella appliances on-premises to utilize the proxy services. The interview was great, and I have no changes to suggest for the future.

The main use case for Umbrella is that I am using it for SASE. I am using Umbrella for blocking malicious domains before connection happens, then protecting remote and hybrid users also without forcing full VPN. I am using it for web content filtering as well. Visibility into internet traffic, lightweight client protection, and the cloud delivered secure web gateway are part of my workflow. These include HTTP inspection, file inspection, URL filtering, SaaS control, and CASB.

The speed feature of Umbrella is the most useful feature and the one I find most valuable. For BYOD users, I am using the speed feature which stands out for me.

Mostly from SWG, HTTP inspection is an advantage, file inspection is an advantage, and URL filtering is also an advantage regarding the features of Umbrella.

Umbrella has positively impacted my organization as I am getting fewer phishing and malware incidents. Users are very happy with Umbrella.

I measure those improvements by getting lower incident response, fewer endpoint cleanup, less time to investigate commodity phishing, and fewer repetitive user tickets. I am able to achieve almost net zero incidents.

User experience of Umbrella can be improved, with less backhauling traffic, better browsing performance, and fewer VPN dependency complaints.

I have been using Umbrella for 2.6 years.

Umbrella is stable, and as of now, it is very much stable.

Umbrella's scalability is very much flexible as you just buy a license and you can scale as much as you want.

We have not experienced customer support for Umbrella. We are with Cisco, so we do not need any customer support for any Cisco product. I rate the customer support of Umbrella 10 out of 10.

Before Umbrella, I used a Firewall VPN which was not a full-fledged Umbrella SASE. I am seeing Umbrella for the first time. I was evaluating Palo Alto before choosing Umbrella.

I have mostly seen time saved as a return on investment. I am not investing more than 30 minutes of time every day, so you can analyze how much time we are saving.

We were evaluating Palo Alto as well for SASE, but finally, we decided to go with Cisco SASE and Cisco Umbrella because of the relationship we have.

My advice is to go ahead with Umbrella. It is a very nice product with good customer support plus a return on investment. You are investing $1 and you are getting a value of $10. People should go ahead with Umbrella. It is a very good product. Please go ahead, buy the product, and contact your Cisco account manager. They will help you, and the customer support team will assist you as well. Please try the demo. I am providing this review with an overall rating of 7.5 out of 10.