Cisco Duo vs. IBM Cloud App ID

Cisco Duo is extremely well-suited for someone wanting to add MFA to an on-premise Active Directory environment. Some of the other vendors in this space do provide this feature, but they do not natively support it. One of the top competitors in this space requires signing up with another third-party service to make this integration possible. Less moving parts for something as crucial as this is a huge benefit and having only one vendor to point fingers at makes troubleshooting much simpler.

Incentivized

Whenever you need to provide Security Provider functionality for a web based application it is well suited. You can also integrate with other directory services (e.g. SAML, Facebook, Google), but not so easily with other Auth0 based services. The customization of the login page is very intuitive, but does not allow much customisation. using the integrated Cloud Directory, you do not need to integrate with existing security providers and you can build up your own user base - including Multi-Factor Authentication settings and password policies.

Incentivized

• Speed - it's fast with almost no delay between triggering the MFA request and receiving the notification on an iPhone
• Security - in addition to the added MFA layer, a simple, 4-digit passcode can be added to the authentication request
• Ease of use - it doesn't scare users. It's simple to install, configure, and use.

Incentivized

• Uses OIDC/OAuth, so the protocols for accessing user info and token management is familiar
• Clear pricing model
• API binds nicely with IBM Cloud Functions
• Billed as part of our IBM Cloud, along with our other services
• Front-end SDK for Vue, works well

Incentivized

• If you need to integrate some legacy applications to Cisco Secure Access by Duo, it's not easy.
• If you want to have more detailed information and reports, you need to pay more for the licensing. The basic option is not enough.
• A constraint could be that each employee has to install it on their personal smartphone, which some don't like. But, there is an alternative using SMS, although sometimes it takes too long to receive the message.

Incentivized

• Pricing can be heavy on small organizations.
• User interface updates could be timely.
• Cloud services hangs at times, but very rarely.

Incentivized

There are a lot of competing solutions on the market; however, Duo "just works", and there is little to no learning curve for the new members to be acclimated to it. As long as that continues I see it as the preferred option moving forward

Incentivized

La interfaz es intuitiva y fácil de navegar, lo que permite a los usuarios administrar sus dispositivos y acceder a las políticas sin problemas. La integración con las aplicaciones SSO y SaaS facilita aún más el proceso de acceso, mejorando la experiencia del usuario.

Incentivized

In the last 5+ years we've been using Duo, there may have been 1 outage that impacted us. We do receive periodic notifications of issues but, for the most part, they impact carriers or functionality that we either don't use, or do not care about.

We do not see any degradation of performance of the protected applications. There are occasional lags in receiving the push but no show stooppers.

Since it’s a reputable company, I have received technical support when needed and I trust that if anything else happens I can contact them with any issues. I haven’t experienced bad customer service and I totally feel supported while using this authentication method. No complains so far and the high rating!

Incentivized

There was no in person training but checking the box was the only way I could complete all of the questions.

This was not organized training but the videos that Duo provides to teach you how to install a particular integration are top notch.

Implementation was straight forward and you can isolate different scenarios in order to test new application setup or add to an existing setup. Gui interface is pretty easy to understand and follow. I had no experience with Duo and still manage to easily set up new policies and rules.

Incentivized

Our school is based in Microsoft 365. Azure has a product built into their licensing (provided you have purchased the appropriate level or the add-on product.) The MFA in Azure is a work in process and doesn't offer broad integration options as Duo does. We didn't look into any other commercial products.

Incentivized

Both the software have different use cases, like IBM Cloud App ID, which will be more suitable for internal websites and apps or specific event website authentications, Auth0 can be suitable for consumer websites, e-commerce sites, where social media login is preferred more by the users. Both have their own capabilities so can be chosen according to their needs.

Incentivized

So far, the only limits we've encountered were tied to our imagination. Duo's strong list of supported integrations is amazing.

• Very positive ROI given it is inexpensive for a small group and helps us secure our most valuable IT assets.
• Lack of extreme policy granularity results in higher administrative overhead, as there is no middle ground (i.e. MFA every time or not at all).

Incentivized

• This has had a positive impact on security while developing our company's first major application.
• It has impacted our development process heavily by making authentication simpler than ever.
• It has helped reduce time in our development process by having easy integration and useful guides.

Incentivized