Umbrella Cloud Financial Management logo

    Umbrella Cloud Financial Management

    Sold by
    Cloud costs are volatile and hard to manage at scale. Umbrella gives full control, visibility, and automation-helping enterprises cut waste, forecast spend, and scale efficiently.

    Ratings and reviews

    4.4
    56 ratings
    2 star
    1 star
    59%
    39%
    2%
    0%
    0%
    7 AWS reviews
    |
    49 external reviews
    External reviews are from G2  and PeerSpot .

    Filters

    Review type

    AWS Marketplace reviews
    External reviews
    Reviews (56)
    Hamza Sadaat

    Blocking malicious sites has reduced daily security incidents and improves workforce productivity

    Reviewed on Jun 30, 2026
    Review provided by PeerSpot

    What is our primary use case?

    The primary use case for Umbrella at Menzies Aviation is blocking malicious and unwanted websites at the DNS level. Whenever a user tries to access a website, Umbrella checks the domain before the connection is made, and if the domain is malicious, phishing-related, or against our company policies, it blocks it instantly. From a service desk analyst perspective, Umbrella protects us from phishing and malware that can come from websites, which reduces our security incidents related to our cybersecurity team. Every user is expected to follow best practices, and failing to do so means they won't be able to access specific websites, allowing access only to business-approved websites while working alongside Cisco VPN and Secure Client to maintain protection.

    Recently, I encountered a user who received a suspicious email with a link that seemed to come from me.sharepoint. When the user was unsure about the email and attempted to click the link, Umbrella immediately blocked the domain access, identifying the site as potentially unsafe. The user received a prompt stating that the website was blocked by Menzies IT, and they could reach out to IT if they needed it unblocked. This represents the best recent use case I have encountered.

    A unique aspect of Umbrella at Menzies Aviation is its ability to block websites combined with Cisco Secure Client and VPN, providing global workforce protection and enforcing strong policies. This means that regardless of the user, access to unsafe websites is blocked while allowing all compliant and business applications on the laptop.

    What is most valuable?

    The best feature that I have found useful in Umbrella is blocking website access to users, which significantly reduces our cybersecurity incidents, prevents computers from being attacked by malware, and stops users from accessing unproductive applications such as Netflix on their work laptops.

    Umbrella positively impacts my organization by not allowing users to connect to suspicious or phishing emails, thus reducing incidents where users accidentally click on unsafe links and potentially get infected. This improvement in productivity results from preventing such incidents, which previously required us to clean up malware, saving valuable time for both users and IT support.

    Before using Umbrella, we experienced around ten to twelve daily incidents at our company, which has more than seventy thousand employees. Each incident required us to reach out to the user, isolate their device, and check for malware, which wasted both the user's and the IT support's time. Since deploying Umbrella, it has significantly reduced the ability for users to access harmful websites.

    What needs improvement?

    To improve the Umbrella experience, a dashboard or daily statistics along with visual widgets would be useful if they were added.

    For Umbrella to reach a ten out of ten rating, it should have a more user-friendly interface, additional widgets, and more customization options.

    For how long have I used the solution?

    I have been using Umbrella for more than one year.

    What other advice do I have?

    I definitely advise others to consider Umbrella, as we have deployed this tool and found it easy to manage, with significantly good benefits and advantages. I have given this review a rating of eight out of ten.

    reviewer2866413

    Security policies have protected data and now control risky web and cloud usage

    Reviewed on Jun 30, 2026
    Review from a verified AWS customer

    What is our primary use case?

    Umbrella is used mainly to track websites, block some sites, and malicious sites to safeguard the organization. Certain group policies are in place where for some applications, such as Google Drive, data loss prevention must be implemented and data should not be shared with other people or other cloud services. Google Drive and any cloud-based services which are not safe are blocked, along with file transfers to other cloud-based tools. All of this is blocked, and AI-related websites which may be malicious and critical for the organization are also blocked.

    Umbrella is used for many things beyond AI. Various other content types are blocked as well.

    What is most valuable?

    Both features stand out as valuable. Umbrella is easy to set up as well as for creating a group policy or creating a proxy setup. Everything is easy in Umbrella when compared to other competitor sites or tools.

    Previously, the organization did not have any type of security tool. The network was open and there was only a firewall which used to block additional websites or safeguard the sites. After introducing Umbrella, most of the malicious emails or malicious sites that users access have been very much secured. Most of the security threats are now blocked by Umbrella. A filter layer exists where a user can request a site to be unblocked from Umbrella. Once a ticket is raised through Umbrella, and because Umbrella has been automated through the service portal, a user can request to open the site if they might have some work. This feature is very easy and very much valued.

    What needs improvement?

    Umbrella could be improved with notifications. Currently, a site is completely blocked by Umbrella, but a user does not know. There is no notification that something is going wrong with Umbrella. At that point, Umbrella has to be disabled to cross-check if the site is blocked by Umbrella or not. Sometimes this happens without any notification. A notification indicating that a site is being tracked by Umbrella but is not notified to the end user would be a good option to get a notification to the end user.

    There are some bugs or issues which need to be improved. Once these are improved, a higher rating could be provided.

    For how long have I used the solution?

    Umbrella has been used for more than five years across two to three organizations.

    What do I think about the stability of the solution?

    Umbrella is stable.

    What do I think about the scalability of the solution?

    Umbrella is very highly scalable. For example, even if it is a 100-user company, it is scalable. Even if the company needs to upgrade to 500 users, it is very scalable.

    How are customer service and support?

    Customer service is quite good. Whenever issues arise and the cause is unclear, reaching out to customer care has provided very good support.

    Which solution did I use previously and why did I switch?

    Previously, the organization did not have any type of security tool. The network was open and there was only a firewall which used to block additional websites or safeguard the sites.

    Sophos and Sophos Endpoint were used previously. Since Umbrella is very much a cloud-based solution and the move to Cisco products was necessary, the transition to Cisco Umbrella was made.

    How was the initial setup?

    Both features stand out as valuable. Umbrella is easy to set up as well as for creating a group policy or creating a proxy setup. Everything is easy in Umbrella when compared to other competitor sites or tools.

    What about the implementation team?

    The implementation details completely go to the security team, so they make the decision on this. The work is to deploy the product and run the tests.

    What was our ROI?

    A recent attack on the organization resulted in some data being leaked because of phishing attempts where a user clicked on a malicious link. After introducing Umbrella security and many other security features, these incidents have been decreased. A return on investment has been achieved by the company.

    What's my experience with pricing, setup cost, and licensing?

    The cost aspect is not something I focus on because security is something that cannot be equated to money when it comes to security. Time saved is significant. With a firewall, the slowness of site tracking is very noticeable when compared to Umbrella. When using Umbrella, there is no type of internet dependency, such as a reduction in internet speed. Everything runs fine. A lot of time is saved.

    Which other solutions did I evaluate?

    Sophos and the endpoint from Sophos were considered as alternate solutions.

    What other advice do I have?

    Both features stand out as valuable. Umbrella is easy to set up as well as for creating a group policy or creating a proxy setup. Everything is easy in Umbrella when compared to other competitor sites or tools.

    Governance and security completely depend upon the policies that are created by the security team. This mostly goes to the security team. The governance management from the Cisco side is unclear, but it completely depends upon the deployment from the security end.

    For accuracy, 60 to 70 percent accuracy is being achieved.

    The brand name from Cisco is a main reason to advise for other companies or other colleagues, because Cisco has a good reputation with all organizations. The overall review rating for this product is 9 out of 10.

    Which deployment model are you using for this solution?

    Hybrid Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Zubair Nawab

    It Provides Centralized DNS security has reduced web threats and supports proactive policy management

    Reviewed on Jun 23, 2026
    Review from a verified AWS customer

    What is our primary use case?

    Our main use cases for Cisco Umbrella are like Blocking malicious websites and phishing attacks ,Securing users when they are outside the office and protecting against malware at the DNS level

    How has it helped my organization?

    Cisco Umbrella has improved our security by blocking threats before they reach users. It also gives better visibility of internet activity, protects users even خارج office, and reduces IT workload with easy cloud management.

    What is most valuable?

    The best feature Umbrella offers is web filtering, which is crucial because the user can secure their laptops. Sometimes users try to access malicious websites, but Umbrella is really helpful and suddenly blocks these websites, which is really beneficial for us.

    Before using Umbrella, we had a lot of complaints about users accessing websites and malware being downloaded onto the user's device, but after using Umbrella, issues related to malware have really reduced, and we are now fully satisfied.

    Complaints about malware incidents were reduced by 40 to 50% after using Umbrella.

    What needs improvement?

    I want to highlight one concern: Umbrella can be bypassed by using the Play Store applications, which is something your team could look into, as users are bypassing the filter and accessing the websites by changing DNS and point to using application DNS.

    I would suggest one more improvement regarding the mobile application: if we change the DNS server on our laptop and install the mobile application on our mobile after changing the DNS, Umbrella can be bypassed, allowing a user to access any website by sidestepping Umbrella protection. I think the team should check this, as I've talked to a few users in our organization who are making such attempts to bypass Umbrella protection.

    Some changes are required regarding the user's ability to easily bypass the protection, and I think the team should work to resolve this so that we can ensure our users are secure and cannot bypass this protection.

    For how long have I used the solution?

    We are Using Umbrella in our organization for the last four years, and it plays a vital role; it is a really great product, so I am fully satisfied.

    What do I think about the stability of the solution?

    Yes, Cisco Umbrella is very stable. It runs on a reliable cloud infrastructure, so there is minimal downtime. It continues to protect users even when they are outside the office network, making it consistent and dependable for daily use.

    What do I think about the scalability of the solution?

    Cisco Umbrella is highly scalable because it is cloud-based. We can easily add new users, devices, or locations without installing extra hardware. It grows with the organization and works well for both small and large environments with minimal effort.

    How are customer service and support?

    Global Team provide us technical support

    Which solution did I use previously and why did I switch?

    No

    How was the initial setup?

    Straightforward

    What about the implementation team?

    No

    What was our ROI?

    yes, definitely It has reduced security incidents like malware and phishing, which saves cost on recovery and downtime

    What's my experience with pricing, setup cost, and licensing?

    No Comment please

    Which other solutions did I evaluate?

    we only used Cisco Umbrella

    What other advice do I have?

    Cisco Umbrella is a strong and reliable security solution, especially for cloud and remote users. I would recommend it to organizations looking for easy deployment, good protection, and low maintenance. Start with proper policy planning to get the best results.

    The cloud provider I use for Umbrella is Amazon Web Services (AWS).

    I did not purchase Umbrella through the AWS Marketplace; We purchased it from our global team.

    There are no additional improvements needed for Umbrella that I haven't already mentioned.

    My review rating for this product is 9.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Amazon Web Services (AWS)
    Udaykiran Mp

    Comprehensive DNS protection has reduced threats and provides clear visibility into internet traffic

    Reviewed on Jun 12, 2026
    Review from a verified AWS customer

    What is our primary use case?

    Our main use case for Umbrella is DNS security.

    With Umbrella as a product, we inspect all the DNS query traffic coming in. Anything that's going to the internet is inspected with Umbrella DNS security. The policies applied over and the SASE tool help us to inspect and either allow or block or do a private endpoint, which is trusted domain management. The architecture extends quite well with cloud, Azure cloud, on-prem, as well as the agent-based policies.

    We are in a POC situation with Umbrella for enabling the SWG, which is an upcoming aspect.

    What is most valuable?

    The best features Umbrella offers include having an agent, simple installation, and a quick VA installation mode that provides a virtual tunneling sensor for any network. That is quite the best, and compared to real-time detections, it does good work in inspecting and protecting internet domains.

    The agents residing as roaming clients in user machines are always on, either in the office or in home networks, doing major work for the protection of user laptops open to the internet. VA sensors are NAT-based connectors directly tunneling to the SaaS, playing a key role in resolving private domains in Azure and AWS.

    Umbrella has positively impacted my organization because it has turned a different situation around; we see at least billions of traffic being protected and classified regarding what sort of traffic is going in and out. We also have a good SLT review chat exported as a report every month and week.

    The reports help my team by showing both huge reductions in threats at the DNS query level and improved threat protection. The report states how much traffic flow is in the count of millions and billions and how much is blocked with our policies in place.

    What needs improvement?

    I see a couple of areas for improvement in Umbrella; currently, I do not have a direct option to disable or block the agent at the end-user machine level. That is one issue, and another lack is in the policies where I cannot bypass a set of categories. We have submitted a feature request for these two cases and will have to wait for an update.

    I notice a lack of agent availability on Linux platforms; it would be better if we had agent-based protection for Linux machines as well.

    Regarding Umbrella's AI capabilities, I think the backend work is not shown well to customers, as I see a lag in providing accurate categorization. The threat intel integrated in the backend does not achieve 100% accuracy since about 10% of domains vary between Cisco representation and other threat intel categorization, which I see as one gap.

    The accuracy of Umbrella's output is slightly missing, around 10 to 15%, and it does not provide accurate categorization compared to available market threat intels.

    For how long have I used the solution?

    I have been using Umbrella for close to eight years.

    What do I think about the stability of the solution?

    Umbrella is stable; although we experienced some deployment hiccups with agent specific to IPv4 and IPv6, these issues were resolved, resulting in a very stable solution.

    What do I think about the scalability of the solution?

    Umbrella's scalability is easy to manage, requiring no major configuration changes and facilitated by alignment with the account team for deployment.

    How are customer service and support?

    Customer support is excellent; we connect weekly with our Professional Services team as needed and extend our meetings based on ongoing projects.

    Which solution did I use previously and why did I switch?

    I previously used Infoblox Threat Defense, specifically BloxOne Threat Defense, which lacked features compared to Umbrella. The transition occurred six to seven years ago due to major drawbacks in protection accuracy and management features.

    How was the initial setup?

    Integrating Umbrella with our existing systems was easy; it involved integrating directly with NAT exits and external-facing IPs on Cisco SaaS without difficulty. We were in monitoring mode for a while before switching to protection mode, but redesigning the architecture would not be as straightforward.

    What about the implementation team?

    We handle user training and onboarding for Umbrella primarily through Cisco Professional Services, who support us in every step, especially during situations such as recent MacBook agent deployments. Until we onboard online, they ensure our policies are updated and effective.

    What was our ROI?

    I have not seen a significant return on investment as the management perspective requires minimal administrators; once devices are deployed, they function largely on their own, protecting against threats at the DNS level.

    What's my experience with pricing, setup cost, and licensing?

    My experience with pricing, setup costs, and licensing is neutral; it is not too good or bad, but reasonable for the market. Licensing is based on headcount in our organization, but now we need to consider the impact of adding SWG to our DNS security.

    Which other solutions did I evaluate?

    We evaluated Netscope and Akamai before choosing Umbrella based on price, features, and Gartner recommendations, which led us to that decision.

    What other advice do I have?

    I rate Umbrella an eight overall, considering the feature requests submitted; I think it is doing well.

    I rate it an eight because the score specifically relates to DNS security; I would not give a higher rating due to the two feature requests mentioned. Otherwise, the overall experience with Umbrella is good.

    I advise others considering Umbrella to thoroughly test during their POC, especially if agent controls at the management plane and scalability on macOS are critical factors. While Umbrella excels in protection and ROI, these considerations warrant reevaluation.

    I found this interview experience good and refreshing, allowing me to reflect on my journey with the product over the years; thank you for the opportunity to share feedback. My review rating for Umbrella is eight out of ten.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Amazon Web Services (AWS)
    reviewer2855808

    Improved web security has blocked malicious domains and provides better visibility into user traffic

    Reviewed on Jun 12, 2026
    Review from a verified AWS customer

    What is our primary use case?

    My main use case for Umbrella is for our DNS security and proxy. This is what we are required to use to block any unwanted communications, domains, or certain categories which are available on the web internet that we want to restrict for our organization users so that they can avoid going into malicious sites and domains.

    I can give a quick specific example of how I have used Umbrella to block or restrict access in my organization through content filtering, by manually adding the domains, AI blocking, blocking of on-size, blocking of unwanted restricted sites, blocking of newly registered domains, blocking of social media platforms and various others.

    What is most valuable?

    Umbrella offers excellent features including usability; it is simple, easily accessible, and usable. The content filtering, reporting, and researching capabilities are very good and make it user-friendly for everyone.

    Those reporting and researching capabilities have been really helpful in our day-to-day operations and have provided insights to understand what is happening so we can strategically plan based on our organization needs.

    Umbrella has positively impacted my organization because previously, we were not having any visibility on what was coming in and what was going out. Currently, with the help of Umbrella, we are able to restrict what can go out and what can come inside, which is really helpful for each and every organization, not only for us. Umbrella is doing a great job in this area.

    We have seen a couple of reductions in the sites and domains which users were visiting unwantedly or without having information, which drastically reduced, resulting in a positive impact. This is how it is increasing our security posture as well. This was the main objective for acquiring Umbrella within the organization, and the business is pretty much helpful with that.

    What needs improvement?

    I found Umbrella to be good, and it would be helpful if we could enhance some features related to the AIs and also provide some inputs on a weekly basis regarding what is going on in the market and your best recommendations; probably I am not getting it. We have not subscribed, but if you can guide me on where we can get that information, that would be really helpful.

    Umbrella can be improved by providing something on a day-to-day basis so that users can be aware. The improvement of AI facilities or AI recommendations needs to be added, and they should provide the best recommendations based on the traffic they are seeing on a weekly or bi-weekly basis, such as what needs to be blocked and what can be looked after so that the business or the person who is looking into that can find it helpful. That is the main enhancement I can think of right now.

    I think I have covered pretty much all the needed improvements for Umbrella that I have not mentioned yet.

    For how long have I used the solution?

    I have been working in my current field for more than ten plus years. I have been using Umbrella for more than four years.

    What do I think about the stability of the solution?

    Umbrella is stable.

    How are customer service and support?

    Umbrella customer support is good.

    Which solution did I use previously and why did I switch?

    We were not using any solution previously; this is the first one we have purchased.

    How was the initial setup?

    My experience with pricing, setup cost, and licensing has been good.

    I have not found any challenges regarding pricing, setup cost, or licensing; everything is good.

    What was our ROI?

    I cannot calculate it based on specific metrics, but from a security perspective, it is the best investment and a good investment, probably what we need for our organization.

    Which other solutions did I evaluate?

    We have not evaluated other options before choosing Umbrella.

    What other advice do I have?

    I would advise others looking into using Umbrella to definitely look for it and opt for it, as it is a good product based on the organization's needs; I would highly recommend it. I believe this review merits a rating of eight out of ten.

    Which deployment model are you using for this solution?

    Private Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Zafir Khan

    Improved DNS security has protected against tunneling attacks and now needs stronger data protection

    Reviewed on Jun 10, 2026
    Review provided by PeerSpot

    What is our primary use case?

    I use Umbrella for DNS security because our network experiences tunnel-based DNS tunneling attacks. On a daily basis with Umbrella, we create policies to block 18 plus content.

    What is most valuable?

    Umbrella's best feature is DNS security because DNS is the most vulnerable component and can be a potential attack vector. I appreciate Umbrella's security features, particularly the URL filtering, SSL decryption, and secure web gateway feature, which I use very effectively.

    Umbrella's AI capabilities are strong, particularly in interactive threat intelligence. I believe this is a good application of AI, as it can protect against phishing attempts, different vulnerabilities, and exploits. Umbrella's AI output has been consistent and reliable without raising any suspicions.

    Umbrella has positively impacted our organization by improving productivity. We can control content while also maintaining the main usage benefits.

    What needs improvement?

    I think data loss prevention would be a good addition to Umbrella. Data loss prevention would be a beneficial feature if it were included. I believe data loss prevention would be a good fit for this product.

    For how long have I used the solution?

    I am currently using this solution.

    What do I think about the stability of the solution?

    Umbrella is stable. Due to Cisco's engagement, it is a good scalable product.

    What do I think about the scalability of the solution?

    Umbrella's scalability is good and handles growth well within our organization.

    How are customer service and support?

    Umbrella's customer support is impressive. Cisco Umbrella's customer support is very good, and the product itself is supported by strong customer service.

    Which solution did I use previously and why did I switch?

    I did not evaluate many other products because Cisco was the known product.

    What was our ROI?

    I have seen a return on investment from using Umbrella. It is a good investment.

    What's my experience with pricing, setup cost, and licensing?

    The experience with pricing, setup cost, and licensing for Umbrella is positive. I think the licensing is good and the pricing is competitive.

    What other advice do I have?

    We do not use Umbrella uniquely but rather use it for network-based security purposes. We also capture various scenarios with the product. The experience with pricing, setup cost, and licensing for Umbrella is positive, and I think the licensing is good with competitive pricing. I would rate this review a 7 out of 10.

    Michael Palaca

    Strict URL blocking has protected our organization and continues to strengthen cyber defense

    Reviewed on Jun 09, 2026
    Review provided by PeerSpot

    What is our primary use case?

    My main use case for Umbrella is OpenDNS. I use Umbrella with OpenDNS in my organization by ensuring that all external URLs are denied by default. When a user requests access, they raise a ticket to us and we analyze it. If it is a valid URL, we allow the request to grant access. I chose to set it up this way for cybersecurity protection, which addresses a particular challenge we face.

    What is most valuable?

    The best features Umbrella offers in my experience include OpenDNS and the ability to block URLs. Umbrella positively impacts my organization by protecting us from cybersecurity threats and malware. I think Umbrella can be improved regarding AI capabilities.

    What needs improvement?

    I think Umbrella can be improved regarding AI capabilities. I believe some tasks need to be automated, especially the repetitive tasks.

    For how long have I used the solution?

    I have been using Umbrella since 2023, so it has been three years.

    What other advice do I have?

    I don't have anything else to add about my main use case with Umbrella. So far, I don't have a specific example of how the advanced URL blocking feature has helped my team or made things easier from the support perspective. I don't wish to add anything else about the features.

    I don't have specific outcomes to share, but it has been helpful so far without seeing fewer incidents or noticeable changes in security metrics since using Umbrella. Regarding Umbrella's AI capabilities, I think its governance and security are good. I find the accuracy and reliability of Umbrella's AI output to be good, with an accuracy and reliability rating of eight overall. The accuracy and reliability of Umbrella's AI output is good, and it is fine without any improvements needed. My overall review rating for Umbrella is 9.

    Ike Christian

    Umbrella has streamlined daily planning and supports data-driven decisions for our organization

    Reviewed on Jun 08, 2026
    Review provided by PeerSpot

    What is our primary use case?

    I use Umbrella for ERP resources, like enterprise resource planning for our company on a day-to-day basis.

    Umbrella helps us assist with our data analysis, such as profiling the database solutions to what our customers need.

    What is most valuable?

    I rate Umbrella an eight out of ten because of its diverse features. I think it has been helpful. The software itself is very helpful for companies that are into enterprise systems. It helps give you a very good modeling of what your request and your mission and vision is for your company. It helps to make the process seamless and more effective.

    What needs improvement?

    I wish Umbrella could make the whole process more user-friendly. It should be more user-friendly for people to be able to use because it is a bit sophisticated.

    For how long have I used the solution?

    I have been using Umbrella for the past five months.

    What other advice do I have?

    My advice to others looking into using Umbrella is to tailor it to actually know what their request is and tailor it in the same process because Umbrella is a very wide model with specifications where you could just look at what your objectives are, what your goals are, and probably tailor it to serve the purpose or the main objective of the organization. I definitely recommend Umbrella and would rate this product an eight out of ten.

    Md Mujahiduzzaman

    Web filtering has protected users from harmful sites and supports safe browsing every day

    Reviewed on Jun 08, 2026
    Review from a verified AWS customer

    What is our primary use case?

    I have been using Umbrella for actual deployment at my client site and have also been maintaining it, so I have experience over the last one year.

    My main use case for Umbrella is its excellent security feature for web security related to any type of URL blocking or dangerous sites, and it works well.

    A specific example of how I use Umbrella's web security features is that end users visit many sites and do not know which sites are usually good for them, so using Umbrella DNS security automatically blocks the harmful sites.

    I create policies for exceptional users and give them special permissions to visit any site.

    What is most valuable?

    In my opinion, DNS security is the best feature Umbrella offers.

    The DNS security feature stands out for me because its deployment is easy and its maintenance is easy.

    I hoped Umbrella would help make our company safe from dangerous sites, and after installing it, I found it very helpful for my company.

    I saw many incidents happening and noticed that the best feature is its capability to block URLs that have a backend server, which I think is the best feature in Umbrella that works behind the scenes on the web server.

    What needs improvement?

    I think the accuracy and reliability of Umbrella's output is 100% in blocking all bad sites; however, one problem is that it sometimes blocks valid URLs. For example, regarding the backend where some URLs communicate with the backend, I want to manually check it and then allow it.

    I acknowledge that every device has a downside, and I still do not know which sites are bad for the user.

    I find Umbrella very user-friendly, so there are no challenges or confusing aspects.

    For how long have I used the solution?

    I am working almost five years in my current field.

    What do I think about the stability of the solution?

    Umbrella is stable.

    What do I think about the scalability of the solution?

    Umbrella easily handles more users or traffic, demonstrating good scalability.

    How are customer service and support?

    I have never used the customer support portal and find it very user-friendly, so I do not need to use it.

    Which solution did I use previously and why did I switch?

    Umbrella is my first solution; I have not used a different solution before.

    What was our ROI?

    I have not seen a return on investment since I do not get involved with business aspects, so I have no idea regarding saving money, time, or needing fewer employees because of Umbrella.

    What's my experience with pricing, setup cost, and licensing?

    I do not have any idea about the pricing, setup cost, and licensing because another team calculates it.

    Which other solutions did I evaluate?

    I did not evaluate other options before choosing Umbrella, as our client chose Umbrella.

    What other advice do I have?

    Umbrella is very user-friendly, the GUI is very understandable, and the traffic and detection are also fine and excellent. I give Umbrella a rating of nine out of ten.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Amazon Web Services (AWS)
    Mohan Adav

    Security platform has reduced phishing risks and provides silent DNS protection for remote users

    Reviewed on Jun 05, 2026
    Review provided by PeerSpot

    What is our primary use case?

    Umbrella serves as my main DNS layer security and visibility tool, which is essential to the first line of defense for any outbound traffic day to day. Every DNS request is checked against Umbrella's threat intelligence before it resolves, meaning that malware, phishing, and command and control callbacks are blocked at an earlier stage. It typically fits into daily operations through web filtering and policy enforcement, enforcing acceptable use policies across the user and site, for example by blocking categories such as gambling or adult content while allowing business-critical domains. Threat protection automatically stops the connection to malicious domains, IPs, and URLs, reducing the number of incidents that reach firewall points, allowing the firewall SOC team to spend less time chasing alerts. Regarding visibility, Umbrella provides insight into traffic from laptops and mobile devices outside the corporate network, which is especially useful for distributed teams. My daily use includes reviewing Umbrella's dashboard for blocked requests, top destinations, and policy hits, with this report data often exported for compliance frameworks such as NIST or ISO. Umbrella integrates seamlessly with existing systems such as firewalls by Palo Alto, FortiGate, and Cisco ASA, not replacing them but acting as a complementary layer that reduces risks before traffic reaches those devices.

    What is most valuable?

    Umbrella has really helped my team specifically during a phishing campaign targeting remote users. A few employees received emails with links looking like a legitimate Microsoft 365 login page, which were crafted to bypass basic email filters. However, when users clicked them, Umbrella intercepted the DNS request and blocked the domain before the page could even load. Instead of relying on users to recognize the fake login, Umbrella's threat intelligence stopped the connection outright, preventing credential theft and saving the SOC team from having to run a full incident response cycle. This day-to-day difference shows the value of Umbrella's silent protection, which reduces downstream alerts in the firewall and SIEM team, providing confidence that even if something slips past email security, Umbrella will catch it at the DNS layer.

    Umbrella fits into the workflow as a quiet backbone for security operations, providing baseline protection, reducing noise, covering the remote workforce, and enabling reporting compliance. These are key factors, as Umbrella is not something the team constantly interacts with but is woven into the workflow as a preventive visibility and driving layer, making everything downstream more effective.

    The best features of Umbrella are its DNS layer security, cloud delivery, simplicity, and integrated threat intelligence, which together provide fast, reliable protection against malware, phishing, and ransomware. These features are valued most for blocking threats before connections are established, ensuring consistent security for both on-network and remote users. Key features include DNS layer security, cloud delivery protection, threat intelligence, visibility, Secure Web Gateway, Cloud Access Security Broker, Firewall as a Service, Data Loss Prevention, and Remote Browser Isolation.

    Regarding how I use the Secure Web Gateway and Cloud Access Security Broker features, they extend Umbrella beyond just DNS filtering and are valuable because they give the team deeper control and visibility. Secure Web Gateway stops threats that hide behind legitimate domains or encrypted traffic, reducing reliance on decryption by catching malware at the gateway and giving confidence that even if the DNS layer allows a domain, the SWG layer will still inspect and block malicious payloads. Cloud Access Security Broker is useful for monitoring SaaS app usage, such as Office 365, Google Workspace, and Dropbox, helping identify shadow IT with employees using unsanctioned cloud apps, and enforcing policies such as blocking the upload of sensitive data to personal cloud storage. It prevents data leaks while providing visibility into cloud adoption threats across the workforce, balancing productivity with risk management. Together, SWG and CASB make Umbrella more than just a DNS filter, giving layered control over both traffic and application usage, critical in a hybrid workforce where employees continuously access SaaS platforms from different locations. In practice, SWG protects against external threats while CASB addresses internal risks such as data leaks, making them valuable to the team.

    From a features point of view, I want to highlight core items that make Umbrella feel concerning a complete security platform rather than just a DNS filtering solution. Features such as Firewall as a Service, Data Loss Prevention, Remote Browser Isolation, reporting, and analytics work together with SWG and CASB to provide a layered defense model. DNS security stops threats at an early stage, while SWG inspects and filters web traffic, CASB controls SaaS usage, and prevents shadow IT, with Firewall as a Service, DLP, and RBI extending protection to border traffic and data leakage. This consolidation of multiple security functions into one cloud delivery platform reduces complexity while improving coverage, which is invaluable to the team.

    Umbrella has positively impacted my organization primarily in two areas: risk reduction and operational efficiency, representing the overall positive impact. It essentially becomes a silent backbone, preventing incidents before they happen and reducing noise downstream in the firewall and SIEM. Umbrella provides measurable proof to stakeholders of improved security posture, allowing the team to spend less time firefighting and more time on proactive projects while leadership receives clear metrics showing ROI.

    I see Umbrella's positive impact reflected in areas such as phishing incidents, SOC efficiency, and remote workforce coverage. For compliance and audit proof, during a phishing campaign, Umbrella blocked access to malicious domains at the DNS layer before users reached fake login pages, stopping requests instantly. This prevented credential theft and saved the SOC team from a full incident response cycle, clearly demonstrating both risk reduction and time savings. In summary, Umbrella has led to fewer incidents, faster audits, and more efficient SOC operations, with metrics that leadership can refer to as proof of ROI.

    What needs improvement?

    While Umbrella is strong, there are areas where it could improve based on daily use. Some aspects that my team often wishes were better include reporting depth, policy granularity, false positive whitelisting, integration with other tools, and cost considerations. Overall, Umbrella effectively blocks threats early and provides visibility, but if Cisco enhances reporting and policy flexibility and integration, it would make the platform even more powerful and reduce the need for workarounds. Improvements in reporting depth, such as enabling the team to find the root cause easily, would be beneficial, as would making reports more visually appealing with graphs and color combinations, similar to other platforms concerning Forti Manager and Palo Alto.

    Regarding the needed improvements, I have noticed some key areas, particularly around integration and policy management, which tend to be pain points in daily use. Challenges include integration with third-party SIEMs, endpoint tools, SD-WAN, and managing multi-vendor firewall policies, as well as the regularity of whitelisting workflows. Although Umbrella excels at blocking threats early, if Cisco can enhance integration breadth and policy flexibility, it would alleviate frustrations for teams managing a hybrid multi-vendor environment, making Umbrella not just a strong security layer but also a smooth operational fit.

    For how long have I used the solution?

    I have been using Umbrella for the last three years, which has provided me more confidence in using it, and it is a very nice product.

    What other advice do I have?

    From my perspective, Umbrella's AI capabilities are designed with governance and security in mind, which is one reason it is trusted in enterprise environments. Governance ensures policy enforcement, shadow IT control, and compliance alignment, while the security aspect features threat intelligence at scale and adaptive blocking that reduces human error. For my team, Umbrella's AI means more than just blocking threats; it supports governed cloud usage and secures traffic intelligently. The governance side ensures compliance and visibility, while the security side guarantees resilience against evolving threats.

    In summary, Umbrella's AI capabilities make it both a security shield and a governance tool, helping organizations stay compliant while reducing risk.

    Regarding Umbrella's AI capabilities and the accuracy and reliability of its output, I find them generally very accurate and reliable, which is why they are trusted as the first line of defense. My overall rating for this review is nine out of ten.