1. Home
  2. Authentication Systems
  3. Cisco Duo Reviews
  4. User Review of Cisco Duo
Cisco Duo MFA: a simple yet effective tool to secure users and foil the bad guys
May 03, 2021

Cisco Duo MFA: a simple yet effective tool to secure users and foil the bad guys

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Duo Security

We use Duo Security across the organization as our multi-factor authentication (MFA) solution for users who are working remotely to connect to our corporate network using a Virtual Private Network (VPN). When users initiate a VPN connection, they receive a prompt on their personal cell phone or tablet asking them to accept or decline the connection attempt. We also use Duo to secure access to internal web resources that are made publicly available, such as our intranet and purchase requisition sites. Furthermore, we utilize Duo within the Information Systems (IS) department to secure access to servers.
  • Simple tool for end users to learn and to use.
  • Multiple uses--used to secure access to the network, websites, and servers.
  • No additional device requirements; users can easily use their own personal devices.
  • Active Directory sync--fairly straightforward to sync accounts from AD to Duo that should be using Duo.
  • The interface to secure web applications isn't as polished as the other interfaces.
  • Ability to switch devices is possible, but seems a little cumbersome--especially if the user is switching to a different OS.
  • Occasionally, it seems that Duo goes to sleep on a user's device so that they miss the authentication prompt. However, this doesn't happen very often.
  • Peace of mind--with Duo, we can relax (a little) knowing that our network is more secure.
  • Hosted solution--the implementation timeline was simplified since the configuration site is hosted by Cisco.
  • Improved security and accountability--with Duo, we have increased the security of our publicly facing resources; we have also increased the accountability of managing internal server resources by logging user access.
Duo is very easy to use from an end user's standpoint. Simply install and configure the app on a personal mobile device of your choosing. Then when MFA is required, look at your personal device and accept or decline the login request. I was not involved with the technical implementation of Duo, but it seemed fairly straightforward (it didn't take long for us to get up and running with it). We also keep expanding our use of it, which shows that it is a flexible tool that can offer increased security to a variety of applications.
We use Duo to secure access to our network when users are connecting via VPN. We also use it to secure internal web resources that are made available publicly, such as our company's intranet site and our site for submitting purchasing requests. Finally, we also use Duo to secure login attempts on our servers.
I actually don't have any experience with Duo's support team because I have had no cause to contact them. The co-worker who has been handling our implementation has been able to accomplish each task successfully and in a timely fashion, which leads me to believe that Duo's support must be pretty good or the product is merely that simple to implement.
It didn't take very long from the time we first licensed Duo to when we were implementing it for users. It was very important for us to begin using MFA as soon as possible once our workforce became distributed because of the pandemic. Cisco was able to get us licensed and using Duo in very little time.
We had an existing relationship with Cisco and we had become familiar with Duo previously because of that relationship. We didn't spend a lot of time evaluating other solutions because Duo seemed simple to use and met our requirements. I have seen the various devices other people use to implement MFA and they all seem cumbersome to me after having using Duo.
From a support standpoint, we see very few user issues with Duo. It's also fairly easy to rule out an issue with Duo when users are unable to connect to the VPN because of the Duo Dashboard website, which logs authentication requests. We can tell, using the Dashboard, if a user's login attempt is reaching Duo or if something upstream isn't working instead. Duo seemed pretty simple to implement and it immediately improved the security of our network by adding another layer of security when connecting remotely. The ability to secure remote connections became incredibly more important when a large portion of our workforce began working remotely because of the pandemic.