Cisco Umbrella Room for Improvement

Syed Ali Wajahat
Sr Network and Security Consultant (SDN & Security) at a media company with 1,001-5,000 employees

Cisco Umbrella does not have a Malware Protection engine itself. It would be useful if they had a malware protection engine running inside their own VM.

They have some VM appliances with the installing enterprises for limited access for the DNS proxy to the cloud. If they had this feature running inside the VM, it would be much better.

It would improve this solution to have applications hosted on the cloud.

I would like to see the application that they promised. If you have an application running inside your environment, with multiple portals, as an example, we have our employee portal, ERP and some other portals. These portals will be accessed through the Cisco Umbrella Cloud, and the deployment will be a VPN-based deployment, Cisco Umbrella Cloud will be connected to your enterprise and afterward, you can just click on this application using Cisco Umbrella Cloud subscription, and you will have the access to your application anywhere in the world, and you don't have to publish it. You will save public IPs, and a lot of bandwidth because publishing requires bandwidth. 

All of the users from outside will be coming inside your environment and will be accessing the web servers, so there is no need to publish.

It will be some time before this feature is introduced. They are working on it and it is still not ready.

I would like to see IPS-based solutions. To have an IPS solution inside the Cisco Umbrella cloud. 

If there were an IPS product built inside the solution, it would be very good. It would be a one-box solution. With this one-box solution, you wouldn't need any extra security layers,  and you don't need any WAN solution.

There is a solution called Carbon Black. This solution can do sandboxing solution inside the PC. It checks the application which you are accessing, and what you are installing on your PC. It checks everything. It does a compliance check.

If these types of features are available on the Cisco Umbrella, so you wouldn't need any other solutions installed on your PC. It would be one solution that does everything together.  I would, like to see this.

View full review »
Technical Presales Consultant : Cisco Security at a computer software company with 201-500 employees

Data reporting is something I would like to see improved.  

Cisco is currently rolling out data centers for this type of solution. Currently, they do not have data centers everywhere. For example, they do have one in Singapore but they do not have one in India. My clients are in India and they find an issue of slowness in the services from the Singapore data center. Cisco is working on building a data center in India to address the issue but information about the completion of that project are lacking details.  

In the next release of Cisco Umbrella, I would like to see a DLP solution. That could be a feature someone can addon. But it should be a real Data Leakage Prevention solution to more securely handle the data.  

View full review »
NOC Lead at a tech services company with 11-50 employees

In the way we are using the solution it would be good for us if they would do some simplification of the analytics. They need to improve this feature so they have analytics to show the content of the user activity. I would like there to be some more analytics provided so that we can see the application routing and additional specific information. Those kinds of analytics can prove to be helpful in our security efforts. For me, this is the only thing that could be improved in Cisco Umbrella. They already have so many features that it is hard to imagine what else they can add.  

View full review »
Learn what your peers think about Cisco Umbrella. Get advice and tips from experienced pros sharing their opinions. Updated: May 2021.
501,818 professionals have used our research since 2012.
Ayman Totounji
Chief Executive Officer at Cynexlink, LLC

In the past, Cisco Umbrella has denied us access to secure websites. I haven't seen it lately, but they have blocked different legitimate websites. However, they have good tools that allow you to refresh and verify whether a website is legitimate or not. They have so many servers across the United States and even globally. I believe that it helps you to identify a website. 

In other words, the solution is good, we like it and we've been using it. We have a big customer of about 1,200 users and they're happy. The only thing I am not happy with is Cisco themselves. Not because of a technical or support issue, but because a division of Cisco poached one of my clients, stole them from me, which is completely unethical. When I talked to our account managers about it, they said there was nothing they could do about it because it was a different department. I said, "What do you mean different departments? This is my client and you guys went and provided them with a solution that I am already providing them?" So, that was a big deal for me. 

Also, I think Cisco Umbrella has an automatic push feature, which is the automated updating agent, but if I am wrong, they should get it.

View full review »
Security BDM UK at a tech services company with 51-200 employees

The API is very Cisco orientated, which is absolutely fine if you're using Cisco Firepower and SecureX kind of products, but if you want to integrate with third parties, it is a bit tricky. There are some key API connectors for the more prevalent SIEM tools.

I would really like to see in Cisco Umbrella the ability to create customized reports and then assign the rights to view these reports to people within a group. I should be able to create a customized report, which is viewable by anybody who has the rights. I should be able to create groups within Cisco Umbrella, and then assign reports to groups and have those reports split out automatically only to those groups. I can kind of do it by restricting my email list, but it is a half-complete way of doing it.

View full review »
Network Engineer & Security Specialist at a tech services company with 51-200 employees

There are always little items that can be fixed in any solution, however, I don't have any specific complaints.

The first time you set up the solution and have integrations, it may be a bit difficult, however, it gets easier.

The pricing could always be a little bit better.

View full review »
IT Systems Engineer at a financial services firm with 51-200 employees

Security, overall, can always be improved.

View full review »
Daniel Borbely
Network Specialist at Syswind Kft.

The product can be pretty expensive.

View full review »
Team Lead Network Infrastructure at a tech services company with 1-10 employees

There should be some sort of appliance for those customers who do not trust the cloud. Cisco Umbrella should introduce an on-premises device. 

Customers should have the ability to manage on-premises.

While support is provided, the response time could be faster.

View full review »
Senior Manager - Information Technology at Emami Ltd

Deep packet inspection features should be implemented. This solution does not give us full, 360-degree protection.

They should have a local data center available in India.

View full review »
CTO at a tech vendor with 11-50 employees

Looking at the full umbrella suite in the light of SASE, Secure Access Service Edge, they are clearly lacking in the inline CASB. Any line cloud access security broker has an API-based cloud access security broker, which is called CloudLock, but they're lacking the inline components, which are able to intercept traffic.

An on-premise DLP solution or integration with an on-premise DLP solution would be a nice addition. Also, more broad operating system support for endpoints would be an advantage.

View full review »
Andrew Ta
Network Engineer at LADWP

While technical support is good, there are features in the backend development side that were initially promised but are not there yet.

More granularity in the product would be helpful.

The reporting functionality should integrate better with SIEM products because it lets us report in PDF, but we want more flexibility.

Support for multiple domains is important to us.

View full review »
Victor Mejia

I can't think of a place where there is a gap in features. It seems to cover everything.

The pricing is a bit high. Being outside of the USA, we have issues with the exchange rate.

The solution could use more intelligence.

They likely could combine some of the AMP features that they already have in other AEM's for anti-malware purposes.

View full review »
Victor Mejia

I would like to see more intelligence built into Umbrella.

In the future, they should combine some of the Cisco AMP features that they already have, for anti-malware purposes.

View full review »
Cyber Security Consultant at a tech services company with 1,001-5,000 employees

It should have a real-time malware classification engine. It should check the malware on the website. It would be good if it had a real-time malware check for the websites because currently, it just compares the DNS queries of the blacklist. 

It should also have malware control over file execution and the types of files that the users are allowed to download.

View full review »
Global Security at a manufacturing company with 501-1,000 employees

The reporting could be improved by way of the information that's displayed. For example, when you pull a report, it shows an internal employee going to many websites, but you can spin that right down by saying a lot of it is being cached. So for example, if you go to, that would then not only pull the MSN domain down, but it would also bring back all the ads and the adverts. It looks like you've been to 30, 40 websites when in actual fact you've only been to one. They should narrow it down.

View full review »
Hasnae Lamrani Alaoui
Presales Engineer at DataProtect

This solution is difficult to configure.

I would like to see a graphical representation of the entire network. For example, the network topography that shows connections to the server, as well as the communication that is coming into and going out of Umbrella.

View full review »
Project Delivery Coordinator at a media company with 201-500 employees

We would like to see the enhancements made to the EDR, as we see features that are running endpoint management. For example, If you want to have this feature included, you will also need another product such as Kaspersky.

If it can come included with Cisco Umbrella, it would be a good point to have.

View full review »
Shadi Alyounes
Security Tem Leader at a tech services company with 501-1,000 employees

We would like to improve nothing in particular on Cisco Umbrella.  They are very good.

View full review »
Security Engineering Senior Manager at a retailer with 10,001+ employees

I would like to see DLP integration in the next release of this solution. Including this would give us headroom with some of the infrastructures that we have today.

View full review »
Consultant at a computer software company with 1,001-5,000 employees

I think it's a very basic solution, and because of that, we provide it to the small business market. Cisco Umbrella would not be a suitable solution for large companies.

In the next release, integration or shoulder, for example, to a firewall on-premises using Cisco Umbrella to connect would be good. If possible, it would be good to take the weight off the shoulder of the solutions.

View full review »
Senior Manager - Information Technology at Emami Ltd

It could be improved by having a local data center and caching, which can provide protection support. I would like to be able to channel my intel and my network traffic to their clouds, and this feature is not available. Advanced protection or any malware file support, which might be required, is not available.

View full review »
Network Consultant at a security firm with 51-200 employees

I would like them to make some videos, practical videos, the kind with steps that people can use to learn and deploy.

View full review »
General Manager at a mining and metals company with 10,001+ employees

The detection of wireless attacks or targeted attacks reports many false rates. This is an area that needs some improvement.

It should be more specific. This can help the customers to know the exact incident details.

The intel logs and the incident proactive security incidents for targeted attacks are also something that needs to be improved.

If the security issues are taken care of it would be better.

View full review »
Sean Cottman
Chief Enterprise Architect at Expanded Reality

Improvements could be made with the user interface, it could be a little smoother and more intuitive.

View full review »
System Engineer at a non-profit with 10,001+ employees

The different levels of security, such as backend security and internet security, need improvement.

In the next release, I would like to see the integration of VDI NSX with Cisco Umbrella.

View full review »
Mohammed Omer
Solutions Pvt at iDesign Data Solutions Pvt.Ltd.

I would like to see integration with SecurNX in the future.

View full review »
Head of Business Solutions, UK&I at a comms service provider with 10,001+ employees

It's a very new product, so it's quite immature at the moment. It can be more user friendly.

View full review »
Tetsuya Suenaga
Manager and Senior Consultant at NTT DATA

There should be some programs for the POC phase.

I would like to see more integration between Cisco Umbrella and Cisco DNA center

View full review »
Learn what your peers think about Cisco Umbrella. Get advice and tips from experienced pros sharing their opinions. Updated: May 2021.
501,818 professionals have used our research since 2012.