Cisco Defense Orchestrator Reviews
Cisco Defense Orchestrator is the #4 ranked solution of our top Firewall Security Management tools. It's rated 4.1 out of 5 stars, and is most commonly compared to Tufin - Cisco Defense Orchestrator vs Tufin
- Highest Rating
- Lowest Rating
- Review Length
Showingreviews based on the current filters.
Jul 24 2019
What is most valuable?The simplicity, efficiency, and effectiveness of it are valuable. There are a lot of templates that are already built-in. They give you quick-to-create and quick-to-apply policies that are typically a… more »
How has it helped my organization?For one particular client, we had almost a 20 percent remediation on some of their equipment as a result of all kinds of attacks from the desktop department. We got them down to a zero percent… more »
What needs improvement?Some of the issues we've had aren't really a CDO problem. For example, we had some MX devices that were blocking Windows Update from happening. We found out it was a Meraki issue, but it would have… more »
What's my experience with pricing, setup cost, and licensing?If I had to say anything negative it's the price point. Clients who can't invest in the complete package, it's a disservice to them because they don't have everything. They don't have as many layers… more »
Which solution did I use previously and why did I switch?There's a lot of different stuff, solutions which integrate into companies' ticketing systems. It depends on what your needs are. Even stand-alone, with FirePOWER, Umbrella, and AMP for Endpoints… more »
What other advice do I have?As an engineer, I would say that if you can afford it, you will not be sorry that you invested in it. There's no question of whether it's going to deliver. The question is more from a value… more »
Aug 14 2019
What is most valuable?I don't stay in CDO all the time, so it's good that it shows what changes, if any, have been made by anybody else. That's a good feature.
How has it helped my organization?If we have a firewall go down, I can hop into CDO, pull the latest configuration off and apply it. That's really good. It helps save time. We've done that a couple of times and we've sped things up… more »
What needs improvement?We use it for limited changes, although I still don't find it one of the easier ways to make changes. I wish it was a lot easier for that. I have told Cisco about it before. We got it for… more »
Which solution did I use previously and why did I switch?We actually got it before we decided to buy it. I heard about it at Cisco Live about three years ago and brought it back here. We decided to try it out. We thought, "Man, it looks pretty good. Let's… more »
What other advice do I have?The biggest lesson I've learned from using CDO is, of course: Have a backup. And this gives us the means to have a backup. I think management was under the impression for a long time along the lines… more »
Which other solutions did I evaluate?I don't think our company looked into any other options.
Learn what your peers think about Cisco Defense Orchestrator. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
438,725 professionals have used our research since 2012.
Jul 26 2019
What is most valuable?The ability to do operations on multiple firewalls at once is valuable because it saves time and mental effort. The solution's ability to make bulk changes makes it very convenient to manage things at… more »
How has it helped my organization?There are two main aspects. One is that it makes it easier to make sure that things are consistent and that there aren't too many mistakes being made through a more manual process. The second aspect… more »
What needs improvement?In terms of bulk changes, specifically for accessing policies, there is one limitation which is especially annoying and at least one bug which hasn't been fixed. In terms of bulk changes for image… more »
Which solution did I use previously and why did I switch?Before, we were using a completely manual process which is obviously less efficient, but also more controllable. We chose how to do things, which is something we can't do anymore because of product… more »
What other advice do I have?Try it with realistic situations in your environment. Make sure that you're able to perform the tasks that you were doing before. In other words, make sure you don't lose capabilities because you're… more »
Which other solutions did I evaluate?Before settling on Defense Orchestrator, we evaluated two other similar products. One was another product from Cisco which turned out to be way too complex and lack some of the features that we… more »
Jul 26 2019
What is most valuable?The most valuable feature is being able to do centralized upgrades on the ASAs. We can literally go in and tick a bunch of ASAs - we have them grouped within their… more »
How has it helped my organization?It is saving us at least a week's worth of work because we can log in and instantly see what version all the ASAs are at and which ones need to be upgraded. If we have a… more »
What needs improvement?There could be some slight improvements to navigation. In some of the navigation you've got to go back to be able to get into where you need to be once you've made a… more »
What's my experience with pricing, setup cost, and licensing?It's around £500 per unit for a three-year license. We have 30 units but because we require availability, we only need one license per unit. With a high-availability pair… more »
Which solution did I use previously and why did I switch?This is the first solution of its kind in our organization. Before that, I was managing everything as a point solution. We came to the realization that we needed something… more »
What other advice do I have?For me, it was a very straightforward setup. It worked as described on the box. There are a few little issues that we've had. For example, when you create an object, you… more »
Which other solutions did I evaluate?We didn't evaluate any other options.
Aug 13 2019
What is most valuable?I like the upgrade feature. That is pretty valuable to me because I have dual ASAs and when I go through CDO it does it for me pretty well. It's all done in the back-end… more »
How has it helped my organization?Ideally, I like CDO to be a central management tool for all my firewalls. It is not there completely, in my opinion, but I think it's going in that direction. I still do… more »
What needs improvement?The main thing that would useful for us would the logging and monitoring. I have to check it out, to get the beta, because I don't have access to them. I know they… more »
What's my experience with pricing, setup cost, and licensing?After our free trial was done we got a subscription for three years and it was under $3,000 or so. It's part of the EA we already paid for, so I don't know what it would… more »
Which solution did I use previously and why did I switch?I didn't use anything prior to CDO. I went to CDO for better management, central management. CDO was suggested to me and they gave me a free trial for a couple of devices… more »
What other advice do I have?It's fairly straightforward and I didn't run into any hiccups where I would say, "Hey, be aware that or be aware of this." The only advice I'd give is that if the device… more »
Which other solutions did I evaluate?I didn't assess any other options at the time but I'm familiar with a couple of them. I tried Tufin, but that's just an auditing tool. Another one was FireMon, but I… more »
Jan 07 2020
What is most valuable?The most valuable feature is the restore history. For any changes that you have backed up, if something goes wrong, then the system will automatically prevent the system from crashing or from loss of… more »
How has it helped my organization?When we are doing updates for security reasons, every six months we review certain companies. Before CDO, we had to spend hours and hours to update ten devices. Now, with one simple click, we select… more »
What needs improvement?CDO doesn't have a report, an official report that I can check daily. It has another module called FTD, but it doesn't have that specifically for ASA. In the reporting, there are a lot of things that… more »
Which solution did I use previously and why did I switch?We have something different, but at this point we are mostly using CDO. We use Cyberhub only to monitor vulnerabilities. That's all it does. With CDO we try to do SSH and all the language. But CDO… more »
What other advice do I have?My advice is to try to gain more knowledge of SSH. CDO needs to improve monitoring and reporting. Every six months, we go in deep. We check the devices to make sure everything is working correctly. We… more »
Which other solutions did I evaluate?We did a few tests but I don't remember the names of the other products. What made CDO stand out is that you can do different devices at once. The other companies offered only one system. There was no… more »
Jul 25 2019
What is most valuable?The most valuable feature is that you can push one policy or one rule out to several devices at a time. That's pretty neat.
How has it helped my organization?It could improve things when I need to create an object and to create a new policy. Instead of logging into several devices, one at a time, I could push the policy at one time and mitigate, let's say… more »
What needs improvement?If I make a change locally to the firewall, CDO gives an alarm or an error message and says there's a change in compliance: "The firewall has this configuration but the last time it was compiled it… more »
What's my experience with pricing, setup cost, and licensing?I tried to see what the pricing is. What I could see it is that it is about a $100 per year for the ASA 5506 firewall, and from there it keeps going up if you have a bigger box. For example, the 5516… more »
Which solution did I use previously and why did I switch?I'm using Cisco ISE, and I use Firewall Device Manager, and FireSIGHT Manager Center. I haven't worked with Defense Orchestrator in-depth as I have been with the FireSIGHT Manager Center (aka… more »
What other advice do I have?It's worth it to dive in. If you have an environment with several firewalls, more than five, I would recommend just doing it. The biggest lesson I've learned from using it is that you can configure… more »
Aug 14 2019
The rule usage is a nice feature, but we have problems with it staying in sync when logging into the device
What is most valuable?The rule usage is a nice feature. The ability to see the uptimes on the different VPNs that we have configured for site-to-site. The overarching policy as far as the rules go and the assessment that… more »
How has it helped my organization?It hasn't really improved our organization. It has been more like a PoC which was spun up and played with for a little while, and we haven't gotten back to it. I saw that it could simplify security… more »
What needs improvement?When logging into the device, we sort of had problems with it staying in sync. If somebody made a change onsite, it wouldn't do an automatic sync. It would have to wait, as you would have to do a… more »
What's my experience with pricing, setup cost, and licensing?It is covered under the CIsco Enterprise License Agreement (ELA). So, it is licensed and ours, but we didn't spin it up with the intent to permanently move over to it. It was just something our… more »
What other advice do I have?It was just something for us to spin up and look through, then see if it was something that could benefit us from a policy perspective by pushing policy out. It might have been able to, but it was a… more »
Which other solutions did I evaluate?We are still using FireMon as our firewall manager right now. FireMon is definitely a little more feature-rich. It definitely could get further into the rule base of it. We didn't use FireMon to… more »
See 4 More Cisco Defense Orchestrator Reviews
What is Cisco Defense Orchestrator?
Cisco Defense Orchestrator is a cloud based policy management solution to drive simple and consistent security policy across multiple Cisco security platforms.
Also known asCDO
Cisco Defense Orchestrator customers
Insurance Company of British Columbia, Shawmut