Cisco Umbrella only does DNS and not IP Management. Moreover, it's DNS is cloud based and requires a local dns resolver. So it makes no sense in having only Cisco Umbrella without infoblox.
Well suited to networks that include Active directory, as you can hook it into the directory to allow you to target specific users and computers. Not particularly well suited to personal users due to the price point, and also not well suited to organisations with disorganised IT, since the system can be bypassed simply by changing the DNS server of the device. You need a dedicated IT department to ensure these sorts of settings are locked down
We have been using Infoblox DDI for 10+ years at Pitney Bowes. The experience has improved gradually. As far as DNS and DHCP go, they are amongst the top ones offering this service. The support is great and downtime is minimal. The IPAM is always scanning the network to update the IP database. The caching servers reduce the lookups towards the internet. All in all, this is a must-have in every data center.
Umbrella Virtual Appliances have been buggy in resolving local domain hosts.
Integration between other Cisco and Meraki products is complicated.
Reporting is not always accurate; for example, if you configure a Meraki access point to use an Umbrella Virtual Appliance, you lose device reporting. All reporting shows up under the AP's IP.
First off I never give anything a "10" unless it's perfect. LOL - I grade on the curve. I think OpenDNS/Umbrella is a very good product. I think that fact that Cisco absorbed them is one of the proofs of that. I have used the product back when it was free for companies our size. I have not always appreciated the cost - but in the post pandemic cyber chaos, I believe the cost benefit ratio is still very high. I have honestly not looked at other products because Umbrella continues to work to my satisfaction. I consider Umbrella to be one of the key layers in my cyber security strategy.
The product was easy to install and get running. To maintain the product is also a simple matter of maintaining lists of wanted and unwanted domains or URLs. The basic and advanced security features all do what they are intended to do with no known erroneous outcomes
It's generally easy to navigate through all of the menus. It's also very powerful in that there are many options available for configuration, allowing one to take advantage of IP address management tools. This tool is definitely a leader in the space, and provided you have the budget, is a very good investment. The team that uses it will appreciate the tool.
Cisco Umbrella's availability was great, they got back to me in less than an hour to get my problem solved.
We needed to get our Meraki AP's hooked up to Cisco Umbrella to monitor that specific traffic and they got back to me promptly, they guided me and explained every question I had.
Accessibility to support executives those are having great product knowledge and able to resolve most of the issues related to configuration or operation at their level only and in very few cases it need to be escalated to next level and most of the issues were resolved at first level itself.
Generally, the support is very good. For comparison, for networking people the company that begins with a "C" and has 5 letters has some of the best support, and Infoblox support is comparable. I had a very complex tier 3 issue, where I was working with their SME on the issue for several weeks before we were able to resolve it. In this particular issue, we had to make a change and let it work for several days before we could determine if we were getting the desired outcome. Infoblox worked with me throughout the whole process.
The implementation just required us a bit of study because there are a lot of options and configurations available. I believe that the interface could be a bit better, but it works fine. We did an initial setup and only need to do changes when a new demand appears. Other than that, we just keep it running.
We used a product before this called iPrism by EdgeWave and also briefly tried Barracuda Web Security in the cloud. We were having such a large influx of service desk calls about proxy-based layer 7 web filters that we wanted to step back and pick something more at the DNS level, to protect our employees but not hover over their social media use, etc. Cisco will also employ a layer 7 proxy if a site is suspicious, which does require us to push a certificate out should we want that feature. For most policies we have it enabled.
We previously used Microsoft DHCP. Infoblox DDI is head and shoulders better than Microsoft for DHCP and IPAM. Its is much more robust, easy to use, and reliable. The added features of DNS and TFTP are a bonus for what we are doing. It can easily be expanded for multiple locations with its grid architecture.
Saved us lots of technician time dealing w/ Malware and virus issues, I don't think we've had a malware incident this year for example. This was the main reason we bought the product in the first place. We've renewed 2 times because we see the value.
Umbrella helped us reduce the risk of CryptoLocker variants infecting our clients.
This is a crown piece of infrastructure for us. Downtime on this would cause a network down for us. Fortunately, this has been working well for us till now.
The support is also very good, Patching does require some downtime and reboots though
