Cisco Defense Orchestrator Review

Enables me to create a standard for access rules across all my devices

What is our primary use case?

I use it to manage my group of firewalls, and I make some configuration changes with it. If I have to update multiple devices at one time I will use it as well.

How has it helped my organization?

Its ability to make bulk changes makes it much easier, that's for sure, when I have to upgrade multiple clients. Although I don't update too often, maybe every six months, it saves me 20 minutes per device for the four devices we have.

It also helps that I'm able to look at synchronizing my configuration across all of the devices. When it comes to configuration of my access rules, it allows me to create a standard across all of them.

Our security team is just me, one guy. We're a pretty small organization. But in a way, it has made me more productive.

In addition, its support for ASA, FTD, and Meraki MX helps maintain consistent security.

What is most valuable?

  • The bulk changes feature is definitely the most valuable. 
  • Being able to look at the configuration before and after the change is made, is helpful.

What needs improvement?

They should make it more of a one-stop shop for everything. It should have more features to manage FirePOWER appliances.

For how long have I used the solution?

We've been using CDO ( /products/cisco-defense-orchestrator-reviews ) for about two years.

What do I think about the stability of the solution?

I'm pretty impressed with the stability. It hasn't broken on me. I'm pretty satisfied.

What do I think about the scalability of the solution?

Since I only have the four devices I really haven't done anything on a mass scale. I can see us possibly increasing usage in the future.

How are customer service and technical support?

I haven't used tech support.

Which solution did I use previously and why did I switch?

We didn't have a previous solution.

How was the initial setup?

The initial setup was pretty straightforward. I had one of the guys from Cisco show me how to onboard one device, and I was able to get the others onboard within about five minutes. There wasn't really an implementation strategy. He just showed me how to do one device at a time.

What other advice do I have?

It's just a good product to have.

In terms of CDO's security features around storing firewall configurations in the cloud, I haven't delved into that yet. I plan to get into it this month, but I haven't logged into it yet. I still use the ASDM a lot of times. I also have a FirePOWER which most of the firewalls are in and I will the FirePOWER Management Center for that because Orchestrator doesn't manage it quite as well. For firewall builds and daily management of existing firewalls, I normally use FirePOWER, as far as monitoring goes.

**Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
More Cisco Defense Orchestrator reviews from users
...who compared it with FireMon
Learn what your peers think about Cisco Defense Orchestrator. Get advice and tips from experienced pros sharing their opinions. Updated: July 2021.
523,372 professionals have used our research since 2012.
Add a Comment
ITCS user