Cisco Duo - Premier Edition

Cisco Duo serves as an MFA platform with various primary use cases. The first use case is remote access VPN MFA, which protects VPN access for users. Integration with Windows RDP and device admin management use cases are also configured frequently. When administrators need to access network devices, switches, firewalls, routers, and remote desktop environments, these systems are protected with MFA.

Cisco Duo is mainly an MFA platform, though Cisco positions it as much more. Once a customer has Cisco Duo, we can go into details and use all of the security assessment policies that they have, or a new solution that was recently integrated is the Identity Intelligence platform, which is a kind of ITDR focusing on identity threats monitoring and posturing. However, it all starts with the MFA.

The product is really amazing, and I think it is one of the best documentation sets I have ever seen. The development platform has improved much. However, it is really hard to position against Microsoft because a lot of customers have Microsoft or Entra ID. Microsoft sells it for free, so they have similar MFA use cases and conditional access policies, and about 90% of customers have it for free. Cisco Duo shines in environments where there are multiple identity providers being used. However, that may only be relevant for really big customers. For smaller customers or medium enterprise customers that mainly rely on Microsoft IDP, Entra, and Active Directory, we have troubles because they prefer Microsoft since it comes for free and is also a great tool.

The licensing model for Cisco Duo is really amazing because it is based on the number of users. When you buy Cisco Duo, you pay for the number of users and it does not matter how many applications you want to protect. It can be any number of web applications, any number of devices, anything. This allows us to make great deployments.

When the customer is satisfied with Cisco Duo, they can become addicted to it in a good sense because we can cover pretty much everything. I love the fact that it tries to play the role of integrating multiple identities. I think that is where they are going, and I think that makes sense.

Whenever a customer has multiple IDPs, for example, they have some LDAP servers, Active Directory, or RADIUS servers, Cisco Duo integrates it all. This is a lot harder with Microsoft or with other platforms. In general, the whole UI experience for an admin and also for users is very straightforward. They have integrated recently an AI assistant that is good. It can be better, but it helps you to configure things and to troubleshoot things. I really like the whole user experience of Cisco Duo, including the configuration experience, documentation, and support is great.

Cisco Identity Intelligence, which is part of Cisco Duo, is a great feature that performs a lot of security checks on all accounts, including machine accounts and agentic users. Depending on those checks, administrators get notifications and based on those notifications, they can act.

This is kind of a SOC CDC story. The admins managing Cisco Duo are not responsible for processing those monitoring or detections. Identity Intelligence is a great, amazing, and fantastic source of information that is absolutely relevant for the use cases that SOC CDC colleagues do for investigations that they run. They heavily rely on this and really consider it very much. They also integrate Microsoft similarly. For our managed service customers where we do SIM, CM, SOC, and CDC services kind of managed detection response, they use it a lot, so I think Identity Intelligence is a great tool.

When it comes to agentic things, we are quite at the beginning of the whole cycle. We do not see yet that big organizations really deploy those agentic agents. Of course, there are service accounts and those service accounts have been monitored, which is again a great tool. However, they are really afraid to create some AI tools that are just talking to each other because nobody has an overview about that. The organization security policy does not allow it for many customers, so it is not really a topic that we see right now. However, I think it will come at some point.

Visibility is great, and you get all the possible logs and all the possible security posture results in Cisco Duo. First of all, administrators and organizations get a lot more visibility and understanding of what is happening in their network and which identities they have.

With Cisco Identity Intelligence, you get a great overview of all possible accounts, including service accounts and user accounts. A lot of people start with the cleanup of those accounts because a lot of them are dormant, probably have been compromised, or have permissions that they do not need to have.

Cisco also has a partnership with BloodHound Enterprise, which is a great tool to discover attack paths on the active directory, which is an identity access management relevant topic. This has helped a lot. However, I must admit that we should do a better job in there because unfortunately, many customers managing Cisco Duo are firewall or network admins, and they are not really security oriented. Sometimes this teamwork is missing between those firewalling Cisco Duo management teams and the security SOC at the customer where they can really exchange information. Unfortunately, this conversation sometimes is missing, and sometimes it is just political decisions. It is really hard to affect how people work between themselves and between different teams. However, we are trying, and I think Cisco Duo has all the capabilities to improve and answer those needs. It can help a lot already to many, but it can help more. We are trying to do good work there, but people are people and unfortunately, some people do not really work the best with each other.

About 80% or a lot of phishing attacks go through email. Whenever users receive emails, those are phishing emails, and Cisco Duo does not really protect email. That is a solution that protects access to applications.

The whole email part is not covered, and I think when it comes to phishing, a lot of phishing attacks use the email vector. However, if we mean phishing attacks where attackers try to hijack MFA, Cisco Duo has done a lot of work there. For example, there are lots of features similar to conditional access in Microsoft. These include behavioral analytics, risk-based assessment, and configuration of things such as only trusted devices can be used to enter applications.

If somebody is using correct credentials to enter a website but the device is not that trusted and there is no certificate from Cisco Duo, it will be denied.

There is a great feature that is normally active by default called Bluetooth proximity. The phone, which is normally a second factor, and a laptop have to be located very close to each other. Bluetooth proximity helps against these phishing attacks, and it actually works on most devices. On Linux machines and more custom things, it is a bit harder, and there is no full support in there.

My company also uses Cisco Duo internally. We are Cisco partners, so we use a lot of Cisco products. We have all of the fancy features, like Cisco Duo Passport, which is a great tool when you authenticate once and then have single sign-on across all possible applications, across different browsers, and across different platforms. We use a lot of this, including Bluetooth proximity, and a lot of security features are configured in the background as well.

I have been using Cisco Duo for more than five years.

There are no performance issues. Cisco Duo provides 99.99% availability guarantee, which is very good.

Cisco Duo is not MSP ready by default. We had some requests from customers that wanted to make it global. For example, there was a customer located in different countries that wanted to have different admin panels, different dashboards, and completely fully isolated tenants between the countries. They wanted Austria to authenticate only in the Austrian tenant, Germany and so on. That is not possible by default. Cisco has to integrate it in the background and split it between AWS regions, but we have no overview at all of what they do. It would be great if they were fully MSP ready. That is a scalability issue, but it is possible, though not perfect.

Depending on the customer, if we have implemented Cisco Duo correctly or if my organization heavily relies on Cisco Duo, it cannot be gone in a minute because we rely on that. If we cannot have Cisco Duo anymore for some reason, we would need to migrate to another solution, and that would take a lot of effort.

There are solutions that can cover use cases of Cisco Duo, such as maybe Okta, though maybe not all of the use cases. Most of them can be covered, and the other use cases may be covered somehow elsewhere, but somewhat differently. That would be a big, massive effort to migrate from Cisco Duo.

Cisco Duo cannot be easily replaced. If you configure it correctly and it is a primary authentication source, then you federate with an IDP, for example, and you need to federate other things. The federation itself is a real, global, major change. That is a complete traffic outage of the whole company. That is really hard if you go this way of relying on Cisco Duo as a primary authentication source. Not every company does it. For some of them, it is a lot easier to replace Cisco Duo, depending on how many applications they secure. However, for some customers, that is practically possible, but it is a massive effort.

I think the setup for Cisco Duo is very straightforward. You have to understand the whole topic a bit, like what is possible and what is achievable. Cisco Duo is not only MFA; it is a real identity access management platform with a lot of security features in there.

It takes some time to explain all of those capabilities, but the setup itself is very straightforward. However, in most cases, this topic does not land on the side of Windows or Active Directory admins that already know a lot about identities. Most of the time, the MFA topic lands on the firewall team because they start by securing remote access VPN and securing access to devices like switches. They do not know that much about identity, so it takes some time to explain how it works. I would say it is just more of a positioning thing, but the setup itself is very easy. If it lands on a person that knows about identities because they worked with identities before, that is very self-explanatory.

It is hard to calculate, but one of the features that has really affected operational costs is the fact that Cisco Duo can be integrated pretty well with any SIEM solution, also Splunk, which belongs to Cisco.

SOC CDC teams that are doing security investigations rely on identities. Normally, it is relatively hard for them to get all of the possible identity logs. Sometimes it is just an IP address or the hostname. They get those logs from other systems or from the firewall. Cisco Duo adds this layer of identities. I know that SOC CDC colleagues spend a lot less time finding those identities and therefore reduce the whole operational cost. They would need less time finding out the identities and they can focus on other things. However, it is really hard to calculate because you need to take each individual customer, how many investigations that customer has, and how many it was without Cisco Duo and with Cisco Duo.

I think it did improve a lot of things. From the configuration perspective, they have added an AI assistant recently, like some months ago. I think that is also great. That helps some people that are starting to work with Cisco Duo to do those configurations faster.

The UI itself has developed a lot. There are a lot of explanations when you click on a button and when you see a feature, it explains it very well. That also helps to minimize the cost of configuration because some customers do not need to contact partners or somebody else more experienced. They can do a lot of things themselves, and I think they can do everything themselves. It is just that you have to read a bit, but it is not hard at all. Cisco is doing a great job in there.

Cisco Duo is trying to be cloud only with SaaS deployment. It would be great if they did it on-premises. Here in Europe, there are plenty of customers that would benefit greatly from Cisco Duo, but they do not want it because it is SaaS only. I am not saying that they should do the whole on-prem version, but they could maybe do a data plane on site, and the control plane could reside in the cloud as SaaS. However, the data plane could reside on-prem, and for many customers, that would be already enough to consider it. Sometimes it is really a security policy. They hear cloud and they say no.

Another thing that I am really looking forward to happening is integration with the Cisco Secure Firewall. That is in terms of identity intelligence, and those kinds of risks that are dynamically assessed by Cisco Identity Intelligence, which is part of Cisco Duo, could be shared with the secure firewall. However, the identities themselves and the mappings of which users are coming from where could be used, and that would also be fantastic. They do something similar with Secure Access. Cisco Duo integrates with Secure Access. However, there is room for improvement in there. I just do not know if they go that direction. I know a lot of people at Cisco because I work a lot with them. I know that they discuss it, and they want to integrate Cisco Duo more and more with Secure Access. I do not know if they plan for Secure Firewall. I hope they plan. It would be great to see more integrations in that area.

Cisco Duo is only a SaaS solution. There is nothing else.

Cisco Duo is still kind of an island in Cisco. It is another team and kind of another company in a company. I would say they are really good, and I have really great experience with those people. They are always helpful. In general, for customer experience, they are always trying to reach out to ask for feedback, and I see that they consider those feedbacks. I would rate them as a nine. Not a ten because it is hard to be everything ten.

Cisco Identity Intelligence, which is part of Cisco Duo, is a great feature that does a lot of security checks on all accounts, including machine accounts and agentic users. Depending on those checks, administrators get notifications, and based on those notifications, they can act.

I would rate Cisco Duo a nine because they can improve in some cases like everybody. However, I think it is a really good tool. They are trying now to really promote it. You get it kind of almost for free with some products. With Secure Access, you get it, and sometimes with a great discount. However, the whole story of Microsoft is really hard to compete with in general. If it was Okta, I am sure that Okta is also struggling to compete with Microsoft because they just come in, and everybody realizes that they give the authenticator capabilities for free. That is a hard conversation to have. The overall review rating for Cisco Duo is nine out of ten.

I use Cisco Duo for device management and logging in. We also use it for applications and single sign-on, and we have Duo Central for logging into our applications.

My favorite feature about Cisco Duo is the tiles, which we use for logging into all of our applications. We have a single point of management for all of our applications that we use to log into.

Cisco Duo has improved our operational efficiency and reduced costs in areas including authentication, IT support, and security operations. It performs its job for everything we're using it for. I would say it saved us from many incoming risks regarding fake devices. Our applications are secure, and anything that didn't offer security, we were able to secure, which was great.

Cisco Duo could improve in the area of applications. The generic option is what we've had to use for 90% of our needs. They don't have many pre-existing applications, so we have to do everything ourselves.

The product is great, but it is somewhat overpriced and overcomplicated. There are things they could improve; it feels somewhat archaic compared to other products.

I have been using this solution for about two years.

Regarding the stability of Cisco Duo, I experienced lagging, crashing, and downtime a few times, but they did send out warnings. They came back up within a reasonable amount of time, so I would say they are really good about that.

For scalability, Cisco Duo is quite good. I don't run into any problems with it, and they are pretty good about that.

I have never contacted technical support for Cisco Duo.

We were concerned about credential-based attacks before we decided to implement Cisco Duo. We have our own solution that goes through Mail Assure.

The initial deployment of Cisco Duo was difficult because setting up the original single sign-on was challenging.

It took me several hours across several days to deploy Cisco Duo for the first time because I kept giving up on the single sign-on. It was frustrating.

One person can deploy Cisco Duo.

Cisco Duo's visibility into identity-based risk has been really good. We conducted a practice scenario with something similar to spamming, where you get one request and then another one immediately. You assume it's legitimate, but it's not, and you pass it anyways. You could have been lazy about it.

Regarding the pricing of Cisco Duo, we are actually leaving because of that. It's something that we are not going to continue with due to the cost.

NinjaOne is our choice because it has everything all together in one package. It's at a more favorable price point, and it is easier to manage everything.

I didn't have anything from Cisco Duo regarding phishing attacks that I remember. I don't receive emails from them or any warnings that I recall. I don't remember them reaching out to us about that at all.

We do offer Cisco products as part of our package as an MSFP, but we no longer have an official partnership.

My overall review rating for Cisco Duo is 6.

My main use case for Cisco Duo is authentication. Currently, I am only using Cisco Duo for authentication, which is the first piece. I cannot comment on the whole architecture because I don't work on that team. I would say I'm using Cisco Duo as an added security layer.

I can only talk to the human identities because that's the use case I have seen. I don't think we have, or at least I don't know if we have deployed it for the agentic use case.

The feature I like the most about Cisco Duo is the iWatch.

The benefit of using Cisco Duo's features for my organization is better security. We don't have to worry about changing passwords very often and things of that nature. Overall, it improves our security posture.

To improve Cisco Duo, wherever the team can try to reduce the number of clicks an end user needs to go through to authenticate would be good. Otherwise, I think it's pretty flawless.

I have been using Cisco Duo for maybe six years.

In all my years of using Cisco Duo, I've had maybe a couple of issues here and there, but there are so many different options to authenticate using Cisco Duo, so if one is not working, I can always revert to another. Thus, we've been able to work around things, and they come back up pretty soon as well. I think it has performed better than any other cloud platform.

Cisco Duo has scaled well with the growing needs of my organization, and because it's a cloud-based platform, we haven't really had any issues scaling the solution. It's been fairly seamless.

I'm sure Cisco Duo's customer service and technical support are great, but I haven't had to call them, which is a good thing.

On a scale from one to 10, I would rate Cisco Duo's customer service and technical support a 10 just because I haven't had to use them, but I'm sure they are top-notch because they are a Cisco-based company.

Prior to adopting Cisco Duo, I don't think we used anything else beforehand in my company, but I've used other products whenever I've accessed things that other companies are hosting. I've used Okta and Microsoft, which are not very seamless compared to Cisco Duo.

I was not part of the deployment team, so I can't really comment on that, but as an end user, my experience with Cisco Duo was pretty seamless.

Cisco Duo has definitely improved my operational efficiency and reduced costs in areas like authentication and IT support, as evidenced by a reduction in security tickets since we don't see too many password change requests or forgotten password calls anymore. Everything is Cisco Duo authenticated these days, so that has been a very positive change.

If Cisco Duo were removed, I guess we will have to use an inferior product from somebody else. I don't know how that's going to impact the end-user experience, but it's probably going to be worse.

I'm not sure exactly how Cisco Duo has helped our organization become more resilient to phishing attacks, so I'm probably not the right person to ask that question. But I'm guessing because most of our apps are secured behind Cisco Duo for authentication, that helps overall with phishing.

Before implementing Cisco Duo, I was concerned about increasingly sophisticated phishing or credential-based attacks, but because Cisco Duo keeps up with all those threats and things of that nature, we feel fairly secure using Cisco Duo.

As my organization adopts and deploys AI agents, most of the platforms we are deploying are secured behind Cisco Duo authentication. I'm not sure if deploying the agents includes Cisco Duo for those agents or not, but all those platforms we are using are secured behind Cisco Duo for authentication.

Looking back, Cisco Duo has helped me evolve my IAM strategy from simple authentication to a more comprehensive identity security platform, though right now, the only use case I know is more human identification purposes. I'm pretty sure my company is looking into deploying it for agentic AI as well. Cisco Duo has helped me evolve my IAM strategy.

When evaluating my identity strategy, I was not looking for a standalone MFA tool but rather a comprehensive identity security platform. I'm pretty sure we selected Cisco Duo because of its capabilities, not just for authentication, but for the overall solution. I think Cisco Duo represents more of a comprehensive security solution rather than just a standalone MFA tool.

The end-user experience stood out to me in my evaluation process, which is why my company selected Cisco Duo. The key capabilities beyond MFA that led me to choose Cisco Duo as my primary identity security partner include the end-user experience and the MFA piece, as well as the fact that Cisco has many other security solutions and is a very trusted company. That helps the overall story because all the other solutions work seamlessly together, making Cisco Duo a great solution.

We have expanded our usage of Cisco Duo. On a scale from one to 10, I would rate Cisco Duo overall a 10 and advise other organizations to go for Cisco Duo. They've been solid over the years, and they innovate and come up with better security every time. I would give them a 10 out of 10. I would also say don't compromise on such a crucial security posture item by getting something that's free but also far less secure, like Microsoft. My overall review rating for Cisco Duo is 10 out of 10.

My main use case for Cisco Duo is authentication.

The feature I like the most about Cisco Duo is App Push.

Cisco Duo's App Push feature allows me to authenticate from my Apple Watch.

Cisco Duo has improved my operational efficiency and reduced costs in areas such as authentication, IT support, and security operations, as the ability to use App Push eliminated the need for text messages and additional costs for messaging, also lowering IT support costs because of the simplicity for the end-user experience.

I cannot think of any improvements or additional features that should be included in the next release of Cisco Duo.

However, I would say that Microsoft is somehow making it harder for Cisco Duo to do its job seamlessly with some of the hooks that Microsoft has in the OAuth connection.

I have been using Cisco Duo for 15 years.

I have not experienced any downtime, crashes, or performance issues with Cisco Duo.

Cisco Duo scales well with the growing needs of my organization, as the fact that Cisco is continuing to invest in Duo and bring things such as agentic authentication to the table allows us to continue using Cisco Duo.

I am not aware of any expanded usage of Cisco Duo yet.

Prior to adopting Cisco Duo, I was not using another solution to address similar needs, as Cisco Duo was the first two-factor authentication that I am aware of us using.

As my organization adopts and deploys AI agents, we have a team tackling the issue of agentic IAM to ensure that these non-human identities are secure, and Cisco Duo is a key part of the authentication strategy.

Cisco Duo has improved my operational efficiency and reduced costs in areas such as authentication, IT support, and security operations, as the ability to use App Push eliminated the need for text messages and additional costs for messaging, also lowering IT support costs because of the simplicity for the end-user experience.

I do not recall what other solutions we were considering before selecting Cisco Duo, but I think we made a good choice with Cisco Duo.

Microsoft was not one of those we considered; my search predates Microsoft's offerings in identity.

If Cisco Duo were removed, the impact on my ability to manage and secure access across my entire identity ecosystem would be that I would have to use something else.

I have no idea what steps my organization has taken to become more resistant to phishing attacks, and I am unsure how Cisco Duo's broader security approach has contributed to that effort.

I have no idea what types of phishing or credential-based attacks I was concerned about before implementing Cisco Duo, and I do not know how those threats have evolved.

Thus far, to my knowledge, we are using Cisco Duo primarily for human users, and I do not know that we have started for agentic users.

Cisco Duo has helped me evolve my IAM strategy from simple authentication to a more comprehensive identity security platform, as the more capable platform offers us more capable features.

When evaluating my identity strategy, I was initially looking for a point product, but as Cisco Duo has evolved from a point product into more of a platform, it has become more useful.

I rate this review a 10.

My main use cases for Cisco Duo are authentication and double authentication.

The features of Cisco Duo that I like the most are the simplicity. The benefits of these features to my organization include security components and security authentication components.

I think Cisco Duo could be improved by including email authentication, as there is currently only SMS, SMS push, and code generation, but having email authentication could be beneficial when you don't have a phone.

I have been using Cisco Duo for five years.

I would assess the stability and reliability of Cisco Duo as excellent, since I never had any problems. I have not noticed any downtimes, crashes, or performance issues from my perspective.

As for scaling with the growing needs of my organization, I think as we are growing, the number of licenses is assigned to the components, so it is just a matter of license.

Prior to adopting Cisco Duo, I don't know what Verizon was using before.

My experience with deployments was that I deployed this as an end user and it was seamlessly available on the App Store and any type of store. There was no problem with the deployment or initiating Cisco Duo on the phone.

I was not the one selecting Cisco Duo, but there were a couple of platforms that Verizon was considering, and they probably selected Cisco Duo because of the other Cisco ecosystem components.

The steps my organization has taken to become more resistant to phishing attacks include seamlessly integrating with all the ecosystem components we have from Cisco, Webex, and others, so it is an advantage as well.

Before implementing Cisco Duo, I was concerned about basic phishing and scam attacks. Cisco Duo fits into my broader security environment as we are using several Cisco software platforms like Webex and Duo, and it nicely falls into one full Cisco ecosystem.

I'm using it as an added security layer.

My ability to manage the security of both human users and non-human agentic identities across my environment has not improved by Cisco Duo's visibility to identify based risk, as I'm just a user of Duo and not looking from the policy perspective, so I don't have a view on any statistics or any policy.

Looking back, Cisco Duo has helped to evolve my IAM strategy from simple authentication to a more comprehensive identity security platform as we were always more concerned about how we build this second-factor authentication, and Cisco Duo perfectly fits into this gap in terms of push, SMS, and code generation.

When evaluating my identity strategy, I was looking for a more comprehensive security platform to manage identity, rather than a standalone MFA tool. Cisco Duo's broader IAM capabilities meet those needs as they are nicely integrated as part of the Cisco ecosystem that we currently have.

The key capabilities beyond the MFA that led to choosing Cisco Duo as my primary identity security partner are not entirely clear to me, but I think it was to extend and combine with the existing Cisco platform ecosystem that we have.

The advice I would give to another organization that's considering using Cisco Duo is that the simplicity of second-factor authentication is a big advantage, at least from the user perspective. I would rate this review an 8 out of 10.

Cisco Duo's main use case for us is dual authentication.

The security side of Cisco Duo is what I appreciate the most. Cisco Duo's authentication means people cannot get into our network without the second step.

Cisco Duo's visibility into identity-based risks improves our ability to manage the security of both human users and non-human entities, though distinguishing between them would be the hard part because from our point of view, everything appears human. However, you can often tell by the usernames that are attempted that it is not really a human.

Cisco Duo scales well with the growing needs of our organization, and we have expanded usage. Since we combined three different data centers into one, we purchased licenses for each side of it so we can log into each data center from one spot. Cisco Duo gave us that ability to do that, transitioning from one footprint to three.

Integration was probably the toughest part for us with Cisco Duo, as with any new product. We are looking at AI to integrate Cisco Duo with AI to make the integration more streamlined and user-friendly. As a network person, I am used to switching and routing. When it comes to Cisco Duo, it is more of a server setup instead of network configuration, so that was the hardest hurdle for us.

Since 1998, we have been using Cisco Duo. I believe we deployed it roughly in 2017.

I very rarely have experienced downtime with Cisco Duo. The only time that there is a holdup is when the internet connection to the phone delays the push notification, and that has really been the only issue.

My experience with Cisco Duo's customer support and technical support has been great. Anytime we have run into a hurdle where we cannot figure it out, technical support is right there and very quick. I rarely rate things at ten, so I give it a nine because I always see there is room for improvement.

For MFA, Cisco Duo was really the only thing that we had, and it was our first, so we did not have anything before it.

Our higher-ups looked at every possible avenue when selecting Cisco Duo, but it was the best fit for our topology, which is why we went with it.

My experience with Cisco Duo's deployment was minimal. I had input on it, but the team that actually did it was still part of the network team, and they do more of that kind of work. Since I am known on the switching and routing side, I had input on it, but I did not actually do it.

From my point of view, I do not see the pricing or setup cost side of it because purchasing deals with all of that. I am assuming that since they purchased it, Cisco Duo was one of the cheaper options. It also was the best fit for our network since we are mostly Cisco.

Before we got Cisco Duo, we were encountering everything from phishing to credential-based attacks. We would get global attempts where everybody would try to get into it, and it significantly reduced the volume by doing it that way. Using Active Directory accounts and then the second step with Cisco Duo made it so that they just could not get in.

If Cisco Duo were removed, it would be the old days where we just directly connected, and we do not want to do that anymore, even though it was faster and I liked it.

We use more than just Cisco Duo for phishing attacks, and we have multiple layers of different products that we use. Splunk is even one of them that we used in the past, so Cisco Duo helps with minimizing the amount of people trying to get into our network via VPN primarily.

We are not exploring AI at the moment, however, we are considering it. At the data center, we have not implemented anything with AI yet.

When evaluating our identity strategy, it came down to cost. We are cost recovery, so we have to do everything the cheapest way possible, which is why we still run seventeen-year-old products.

Cisco Duo has improved our operational efficiency, and the security side of it was really the biggest thing.

I rate Cisco Duo a nine because there is always room for improvement, no matter what.

For MFA, our main use case of Cisco Duo is to ensure secure access.

We use Cisco Duo for authenticating prior to connecting to VPN, integrating with our GlobalProtect, Palo Alto, and it really helps our organization.

Cisco Duo acts as a central point that integrates with our security products and tools, including our firewall.

The feature I like the most about Cisco Duo is the generated pin passcode.

If Cisco Duo were removed, it would be an issue with CJIS compliance for MFA issues, affecting our ability to manage and secure access across the entire identity of the ecosystem.

The upgrades and the updates we have with Cisco Duo, along with fixing our appliances that have the applications, have contributed to our efforts to become more resistant to phishing attacks.

The visibility of Cisco Duo into identity-based risk has improved my ability to manage the security of both human users and non-human users' identities across my environment; it is accurate, and it is a really good tool.

Looking back, Cisco Duo has helped me evolve our IAM strategy from simple authentication to a more comprehensive identity security platform, as it is easy to manage and integrates well with our current platforms and application programs.

Cisco Duo meets both federal and state compliance as well as the CJIS compliance, which is criminal justice compliance.

For the next release, Cisco Duo could be improved by adding touchless authentication and biometric features.

I have experienced some bugs with Cisco Duo, but the patches were able to fix them; when Duo releases those patches, we can patch Cisco Duo security on the server side.

Cisco Duo really scales well with the growing needs of our organization; it has been great and excellent.

When we expanded, the process with Cisco Duo was pretty much easy; everything was done within a day, and their tech support was easier to communicate with.

With Cisco Duo, I would say their customer service and technical support is a 10; they are really good.

Overall, I would rate their customer service and technical support a 10, as they are very easy to contact when I do tickets, getting a response within an hour, and their technical support is really friendly and professional with solutions to our issues.

Prior to adopting Cisco Duo, I was not using another solution to address similar needs.

I did not consider any other solutions before selecting Cisco Duo.

As our organization adopts and deploys AI agents, we are not there yet in our sector, in the public sector, but pretty soon we will catch up, and I am pretty much sure we are going to be still using Cisco Duo.

Cisco Duo fits as an added security layer in our broader security environment.

The key capabilities beyond the MFA that led me to choose Cisco Duo as our primary identity security partner was its easy integration into our current IT infrastructure.

Cisco Duo has improved our operational efficiency and reduced costs in areas such as authentication, IT support, and security operations by enhancing our security workflows; pretty much everyone is using MFA at work, making it easy for us to see who is actually accessing our network and computers.

The best advice I can give to another organization considering Cisco Duo is that it is user-friendly and easier to integrate into an IT infrastructure.

I would rate this review a 10.