Cisco Duo vs. IBM Cloud App ID

It is a very compete and solid solution Once it is in place, and you have configured the different settings and policies it is consistent and works well. It does take some time to work the kinks out. We had a Cisco support provider assist us while we stepped through the process of getting it set up.

Incentivized

Whenever you need to provide Security Provider functionality for a web based application it is well suited. You can also integrate with other directory services (e.g. SAML, Facebook, Google), but not so easily with other Auth0 based services. The customization of the login page is very intuitive, but does not allow much customisation. using the integrated Cloud Directory, you do not need to integrate with existing security providers and you can build up your own user base - including Multi-Factor Authentication settings and password policies.

Incentivized

• We use Cisco Duo with different type of device and application, but we never face any difficulties to integrate Cisco Duo with any of them.
• We integrated Cisco Duo with some of our active directory and some of the OS are quite old but Cisco Duo works totally fine with them.
• The end user application is very easy to use. We never had any complain from non tech team members of having trouble of using Cisco Duo.
• There are several authentication methods available rather than passcode. I personally like the push notification which is always on time and quite fast.

Incentivized

• Uses OIDC/OAuth, so the protocols for accessing user info and token management is familiar
• Clear pricing model
• API binds nicely with IBM Cloud Functions
• Billed as part of our IBM Cloud, along with our other services
• Front-end SDK for Vue, works well

Incentivized

• Documentation is oftentimes missing key information for proper implementation. This is circumvented by reading third-party guides or contacting support for additional details.
• They do not push Fail-Closed as much as I think they should. Fail-Open is fairly trivial to bypass and it should be made known to the customer during setup how much this will affect overall security.
• More vendor integration is something that is always craved by administrators. There are so many third-parties to integrate with.

Incentivized

• Pricing can be heavy on small organizations.
• User interface updates could be timely.
• Cloud services hangs at times, but very rarely.

Incentivized

There are a lot of competing solutions on the market; however, Duo "just works", and there is little to no learning curve for the new members to be acclimated to it. As long as that continues I see it as the preferred option moving forward

Incentivized

La interfaz es intuitiva y fácil de navegar, lo que permite a los usuarios administrar sus dispositivos y acceder a las políticas sin problemas. La integración con las aplicaciones SSO y SaaS facilita aún más el proceso de acceso, mejorando la experiencia del usuario.

Incentivized

In the last 5+ years we've been using Duo, there may have been 1 outage that impacted us. We do receive periodic notifications of issues but, for the most part, they impact carriers or functionality that we either don't use, or do not care about.

We do not see any degradation of performance of the protected applications. There are occasional lags in receiving the push but no show stooppers.

I have not needed direct support for Cisco Secure Access by Duo as I have not had a problem with it, but I have full confidence that the support is outstanding. It is now a core component of the corporate technology stack - a problem would mean a serious degradation in the ability of the company to function.

Incentivized

There was no in person training but checking the box was the only way I could complete all of the questions.

This was not organized training but the videos that Duo provides to teach you how to install a particular integration are top notch.

Implementation was straight forward and you can isolate different scenarios in order to test new application setup or add to an existing setup. Gui interface is pretty easy to understand and follow. I had no experience with Duo and still manage to easily set up new policies and rules.

Incentivized

I would fully expect a competitor like Okta or any other multifactor mechanic to function pretty similarly, and I hesitate to say duos the best. I think the idea is that it's a simple concept, but it does it well. So I haven't evaluated any myself outside of duo, but I'm also not in the market and I don't feel like we need to go shopping for something else.

Incentivized

Both the software have different use cases, like IBM Cloud App ID, which will be more suitable for internal websites and apps or specific event website authentications, Auth0 can be suitable for consumer websites, e-commerce sites, where social media login is preferred more by the users. Both have their own capabilities so can be chosen according to their needs.

Incentivized

So far, the only limits we've encountered were tied to our imagination. Duo's strong list of supported integrations is amazing.

• Assess user risk within minutes
• Cisco Secure Access by Duo cloud-based MFA eliminates the need for on-prem appliances and hardware; you don't need to invest in your data center
• There is no on-going maintenance or service costs, eliminating time to patch and update
• No required important IT time and extra resources beyond implementation

Incentivized

• This has had a positive impact on security while developing our company's first major application.
• It has impacted our development process heavily by making authentication simpler than ever.
• It has helped reduce time in our development process by having easy integration and useful guides.

Incentivized