• Home
  • Cisco Defense Orchestrator vs. Tufin Orchestration Suite

Cisco Defense Orchestrator vs Tufin Orchestration Suite comparison

Cancel
You must select at least 2 products to compare!
Cisco Logo
Cisco Defense Orchestrator
Read 14 Cisco Defense Orchestrator reviews
1,040 views|315 comparisons
100% willing to recommend
Tufin Logo
Tufin Orchestration Suite
Read 180 Tufin Orchestration Suite reviews
11,518 views|6,668 comparisons
91% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Cisco Defense Orchestrator vs. Tufin Orchestration Suite
May 2024
Executive Summary

We performed a comparison between Cisco Defense Orchestrator and Tufin Orchestration Suite based on real PeerSpot user reviews.

Find out in this report how the two Firewall Security Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Cisco Defense Orchestrator vs. Tufin Orchestration Suite Report (Updated: May 2024).
Download the complete report
772,679 professionals have used our research since 2012.
Featured Review
Todd Ellis
Provides visibility into entire infrastructure and bulk changes save time and resources
For one particular client, we had almost a 20 percent remediation on some of their equipment as a result of all kinds of attacks from the desktop... Read more →
Dominic Salzmann
Researched Cisco Defense Orchestrator but chose Tufin Orchestration Suite: Issue-free and straightforward to set up but is missing some features
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"When we're looking to the policies, it identifies the shadow rules. It notifies us about anything that will supersede other rules.""There are a lot of templates that are already built-in. They give you quick-to-create and quick-to-apply policies that are typically a little more complicated for people.""The bulk changes feature is definitely the most valuable.""This product provides excellent centralized device controls and reporting.""The ability to do operations on multiple firewalls at once is valuable because it saves time and mental effort. The solution's ability to make bulk changes makes it very convenient to manage things at once on multiple targets.""Cisco Defense Orchestrator has useful guides for the steps that need to follow by users.""For this product, they are very uncharacteristically interested in resolving whatever issue the customer reports. They're really attentive, and they address whatever we bring up as quickly as they can. That's been a very positive aspect of the product.""We use a lot of image upgrades. We take some 20 devices and then we update everything at once, including the policies. We apply policies for groups. For certain groups, like anti-viruses, we send out policies and apply them to every single device. It's really easy and simple."

More Cisco Defense Orchestrator Pros →

"Comparing the rules and policy browser is valuable to me. It gives me the ability to pull running configs and be able to analyze them without having to go directly into the firewall.""Visibility is its largest and most valuable feature. You can see everything or all the devices on the network for each customer. It provides you a larger view of what might be wrong with the network and how you can improve it with firewall rules, etc. If you are talking about secure change, being able to automate the entire change process is pretty much the winner for us. It is going to really reduce the time that it takes for us to do changes, and we can just go out and get more customers.""SecureChange makes our lives easier with automation.""We find it to be flexible. If we have a change that needs to be done, it will go ahead and do it for all our devices, regardless of the manufacturer that we have associated with it.""The most valuable feature of Tufin is rule analysis.""The time that we require to makes changes has been reduced from weeks to days.""It is very stable.""The clarity around the auditing provides the most value for us."

More Tufin Orchestration Suite Pros →

Cons
"They need to work on the user interface. It needs to be improved to make it more user-friendly.""If I make a change locally to the firewall, CDO gives an alarm or an error message and says there's a change in compliance: "The firewall has this configuration but the last time it was compiled it had that configuration." That view of new changes versus the old could be better... I had to log in manually, locally on the firewall, to check which version, which configuration was actually running. I couldn't see it in CDO.""We had some MX devices that were blocking Windows Update from happening. We found out it was a Meraki issue, but it would have been nice if it had been flagged for us: "Hey, these updates are failing because the MX is blocking it." It wasn't a huge problem, but there was a loss of our time as well as the fact that the updates didn't get pushed out... It would have been nice if CDO had let us know that that was an issue.""I'd like CDO to be the one-stop-shop where we could do all the configurations easily. It would be nice, for ASA upgrades, if we could do them from a central repository and not have to reach out to Cisco. That would be a definite plus.""CDO doesn't have a report, an official report that I can check daily. It has another module called FTD, but it doesn't have that specifically for ASA. In the reporting, there are a lot of things that aren't there. There is also room for improvement in the daily monitoring.""There could be some slight improvements to navigation. In some of the navigation you've got to go back to be able to get into where you need to be once you've made a change. If I make a change, I've then got to go back to submit and send the change.""The dashboard needs to be more customizable to provide better reporting for our network.""The main thing that would useful for us would the logging and monitoring. I have to check it out, to get the beta, because I don't have access to them... I wanted CDO to be a central place so where I could do everything but right now I don't think that's possible. I really don't want to go back and forth between this and FMC. Maybe the logging portion, when I look at it, will give me some similarities."

More Cisco Defense Orchestrator Cons →

"We would like to see automation metrics, from a reporting standpoint. We would also like to see automation of site-to-site VPN tunnels. We would like to see automation of Check Point application-based firewall rules.""There was some complexity during the initial setup""They need to offer more support to vendors, such as Cisco, Checkpoint, Fortinet, and Forcepoint.""I would like to see API access into every aspect of Tufin.""There are things that could be explained a little better for somebody brand new to this system, which could be helpful, especially if it was in real-time while you were working in the system. Having the ability in real-time to be able to understand search query suggestions would be helpful.""I would like a better reporting feature and automatic alerting based upon rule changes.""The change impact analysis doesn't even get close to actually solving our problems. I am not impressed with it.""We were just talking to them about usage for the F5 platform. They will not be going after specific environments, but a more OpenAPI. They will have other companies write it, etc. It's a little different than I had expected."

More Tufin Orchestration Suite Cons →

Pricing and Cost Advice
  • "It is about a $100 per year for an ASA 5506 firewall, and from there it keeps going up if you have a bigger box. For example, the 5516 is $200 to $300 per year."
  • "It's around £500 per unit for a three-year license."
  • "After our free trial was done we got a subscription for three years and it was under $3,000 or so. It's part of the EA we already paid for, so I don't know what it would be if it was a la carte."
  • "It is covered under the CIsco Enterprise License Agreement (ELA). So, it is licensed and ours."
  • "If you compare to what is available on the market, they are in the same range with respect to pricing."
  • "I work with a lot of clients, and the price or value of the Cisco Defense Orchestrator can vary from one client to another. If you have a lot of Cisco solutions, the price of the Cisco Defense Orchestrator is justified. Whereas if you have some security components from other vendors, such as Check Point or Palo Alto. This solution would be a pretty expensive proposition considering that they don't integrate with them well."

    • More Cisco Defense Orchestrator Pricing and Cost Advice →

  • "This solution helped us to reduce the time it takes to make changes. We used to spend up to an hour to do a change, and now, it's around five minutes."
  • "Tufin and AlgoSec were pretty much in the competitive price range, but this one provided us better integration into the Check Point environment."
  • "The solution has helped us to reduce the time it takes to make changes. With Tufin, it takes ten to 15 minutes. Before, it was 30 minutes or more."
  • "The solution has helped reduce the time it takes us to make changes. It helps make overall integrated changes immediately. It allows us to cut down at least a few hours in the week in regards to changes and monitoring."
  • "We've seen a decrease of about 50 percent in the overall time it takes to complete a firewall change."
  • "Tufin makes things a little easier. It lessens the amount of manual work which we have to do. It has a lot of benefits in terms of revenues, profits, employee costs, and operational costs. We have already seen return on investment."
  • "This solution helps us reduce the time it takes us to make changes. We're probably saving time by 25%."
  • "Tufin reduced the time it takes to solve a problem, which reduces the time of the outage."

    • More Tufin Orchestration Suite Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.
    See Recommendations
    772,679 professionals have used our research since 2012.
    Questions from the Community
    Ask a question

    Earn 20 points

    What do you like most about Tufin?
    Top Answer:The most valuable feature of Tufin is security auditing. We are able to check the rules and compliance of the company, for example, what is allowed or not. We are able to check the rules over… more »
    Read all 91 answers   →
    What is your experience regarding pricing and costs for Tufin?
    Top Answer:Tuffin is expensive, and we have to explain to our customers the benefit for them to purchase. If we explain the benefits in the correct way they do not mind the price. We typically do costing for the… more »
    Read all 37 answers   →
    What needs improvement with Tufin?
    Top Answer:The reporting function could improve in Tufin. For our clients with companies that have strong compliance, reporting privacy data is mostly a problem. In the IT department, private data needs a… more »
    Read all 86 answers   →
    Ranking
    14th
    out of 17 in Firewall Security Management
    Views
    1,040
    Comparisons
    315
    Reviews
    0
    Average Words per Review
    0
    Rating
    N/A
    2nd
    out of 17 in Firewall Security Management
    Views
    11,518
    Comparisons
    6,668
    Reviews
    9
    Average Words per Review
    432
    Rating
    7.9
    Comparisons
    Also Known As
    CDO
    Tufin SecureCloud
    Learn More
    Cisco
    Video Not Available
    Tufin
    Interactive Demo
    Cisco
    Watch a demo
    Tufin
    Demo Not Available
    Overview

    Cisco Defense Orchestrator (CDO) is a cloud-based management solution designed to ensure streamlined and consistent security policies across the Cisco security portfolio. Specifically tailored to manage all Cisco Secure Firewall form factors (running either ASA or Firepower Threat Defense (FTD) software), CDO offers real-time visibility and troubleshooting capabilities, effectively enhancing overall network security.

    CDO addresses the challenges of migration, supporting transitions from on-premises to cloud environments and facilitating the shift from ASA to FTD configurations. As organizations embark on their cloud adoption journey, CDO simplifies provisioning workflows for remote branches, reduces operational expenditures related to inventory management, and offers scalability for multi-cloud deployments.

    Tufin enables organizations to automate their security policy visibility, risk management, provisioning and compliance across their multi-vendor, hybrid environment. Customers gain visibility and control across their network, ensure continuous compliance with security standards and embed security enforcement into workflows and development pipelines. 

    Sample Customers
    Insurance Company of British Columbia, Shawmut
    3M, AT&T, Blue Cross Blue Shield, BNP Parabas, ConocoPhillips, Deutsche Bank, GE, IBM, Pfizer, United States Postal Service 
    Top Industries
    REVIEWERS
    Manufacturing Company38%
    Computer Software Company13%
    University13%
    Consumer Goods Company13%
    VISITORS READING REVIEWS
    Computer Software Company45%
    Manufacturing Company7%
    Financial Services Firm6%
    Government5%
    REVIEWERS
    Financial Services Firm26%
    Comms Service Provider11%
    Healthcare Company7%
    Insurance Company7%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company17%
    Manufacturing Company7%
    Retailer6%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise21%
    Large Enterprise36%
    VISITORS READING REVIEWS
    Small Business11%
    Midsize Enterprise5%
    Large Enterprise84%
    REVIEWERS
    Small Business14%
    Midsize Enterprise7%
    Large Enterprise79%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise15%
    Large Enterprise69%
    Buyer's Guide
    Cisco Defense Orchestrator vs. Tufin Orchestration Suite
    May 2024
    Free Report: Cisco Defense Orchestrator vs. Tufin Orchestration Suite
    Find out what your peers are saying about Cisco Defense Orchestrator vs. Tufin Orchestration Suite and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    772,679 professionals have used our research since 2012.

    Cisco Defense Orchestrator is ranked 14th in Firewall Security Management while Tufin Orchestration Suite is ranked 2nd in Firewall Security Management with 180 reviews. Cisco Defense Orchestrator is rated 8.2, while Tufin Orchestration Suite is rated 8.0. The top reviewer of Cisco Defense Orchestrator writes "Provides visibility into entire infrastructure and bulk changes save time and resources". On the other hand, the top reviewer of Tufin Orchestration Suite writes "A flexible, very secure solution that works well in Layer 2 environments". Cisco Defense Orchestrator is most compared with AlgoSec, Palo Alto Networks Panorama and Azure Firewall Manager, whereas Tufin Orchestration Suite is most compared with AlgoSec, FireMon Security Manager, Skybox Security Suite, Palo Alto Networks Panorama and Opinnate. See our Cisco Defense Orchestrator vs. Tufin Orchestration Suite report.

    See our list of best Firewall Security Management vendors.

    We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.