Cisco Defense Orchestrator Overview

Cisco Defense Orchestrator is the #7 ranked solution in our list of top Firewall Security Management tools. It is most often compared to Tufin: Cisco Defense Orchestrator vs Tufin

What is Cisco Defense Orchestrator?

Cisco Defense Orchestrator is a cloud based policy management solution to drive simple and consistent security policy across multiple Cisco security platforms.

Cisco Defense Orchestrator is also known as CDO.

Cisco Defense Orchestrator Buyer's Guide

Download the Cisco Defense Orchestrator Buyer's Guide including reviews and more. Updated: July 2021

Cisco Defense Orchestrator Customers

Insurance Company of British Columbia, Shawmut

Cisco Defense Orchestrator Video

Pricing Advice

What users are saying about Cisco Defense Orchestrator pricing:
  • "After our free trial was done we got a subscription for three years and it was under $3,000 or so. It's part of the EA we already paid for, so I don't know what it would be if it was a la carte."
  • "It is covered under the CIsco Enterprise License Agreement (ELA). So, it is licensed and ours."
  • "If you compare to what is available on the market, they are in the same range with respect to pricing."

Filter Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Dave Klunk
Network Security Engineer at a manufacturing company with 10,001+ employees
Real User
Top 20
If a firewall goes down, we can pull the latest configuration and get it back up quickly

What is our primary use case?

The primary use case for it is to verify that we have connectivity with the systems that we put into it. We also use it for configuration backup.

Pros and Cons

  • "If we have a firewall go down, I can hop into CDO, pull the latest configuration off and apply it. That's really good. It helps save time."
  • "We have quite a few Active Stone by pairs. If they fail over... I'll see that there's a change on it and I'll have a look. The only change on it is that now this one is the standby, it took over the active role. I can go into that firewall and find out what happened... and troubleshoot based on that. That's pretty cool too."
  • "I'd like CDO to be the one-stop-shop where we could do all the configurations easily. It would be nice, for ASA upgrades, if we could do them from a central repository and not have to reach out to Cisco. That would be a definite plus."

What other advice do I have?

The biggest lesson I've learned from using CDO is, of course: Have a backup. And this gives us the means to have a backup. I think management was under the impression for a long time along the lines of, "Hey, you've got backup on your hard drive for all this stuff don't you?" And the answer was "no." There was an expectation in other areas, things they assumed we were doing but that we couldn't do. Ultimately, it's like you tell anybody with any form of data storage: Back up, back up, back up. We weren't doing backups, we didn't have a way to do backups, and this gave us that opportunity…
HK
Sr. Network Engineer at Vocera
Real User
Upgrade feature is valuable to me because I have dual ASAs

What is our primary use case?

What I take primarily take advantage of are ASA upgrades. I also use it, sometimes, to see other backups, because each time there's a configuration change, it creates a backup for it. I also check out conflicts or unused rules. But I mostly use it for ASA, for management.

Pros and Cons

  • "I like the upgrade feature. That is pretty valuable to me because I have dual ASAs and when I go through CDO it does it for me pretty well. It's all done in the back-end and I don't really have to be involved. I just initiate, pick the image, and I pick when I want it done and it just does it, whether I have a single ASA or have a dual ASA."
  • "The main thing that would useful for us would the logging and monitoring. I have to check it out, to get the beta, because I don't have access to them... I wanted CDO to be a central place so where I could do everything but right now I don't think that's possible. I really don't want to go back and forth between this and FMC. Maybe the logging portion, when I look at it, will give me some similarities."

What other advice do I have?

It's fairly straightforward and I didn't run into any hiccups where I would say, "Hey, be aware that or be aware of this." The only advice I'd give is that if the device is out of sync, be aware of which configuration you want to keep: the one on your outer-band, that you did on the ASA, or the one that you did here. That's something to be aware of. Other than that, I think it's pretty straightforward. The support for ASA makes management somewhat easier, but I don't have a basic template for all our sites because each site is different. I would only use a template if I were to bring on a new…
Learn what your peers think about Cisco Defense Orchestrator. Get advice and tips from experienced pros sharing their opinions. Updated: July 2021.
524,194 professionals have used our research since 2012.
Jairo Mendes
Network and Security Specialist at Connected Technology, LLC
Real User
Top 20
Restore history automatically prevents system crashes, but reporting and monitoring need work

What is our primary use case?

We manage all ASA devices, from versions 5506 to 5516, through CDO.

Pros and Cons

  • "We use a lot of image upgrades. We take some 20 devices and then we update everything at once, including the policies. We apply policies for groups. For certain groups, like anti-viruses, we send out policies and apply them to every single device. It's really easy and simple."
  • "CDO doesn't have a report, an official report that I can check daily. It has another module called FTD, but it doesn't have that specifically for ASA. In the reporting, there are a lot of things that aren't there. There is also room for improvement in the daily monitoring."

What other advice do I have?

My advice is to try to gain more knowledge of SSH. CDO needs to improve monitoring and reporting. Every six months, we go in deep. We check the devices to make sure everything is working correctly. We have another system, not related to CDO, which is alerting us if something is not working correctly. It runs daily. For example, if we find any ASAs with vulnerabilities, we take the information from that third-party software and go to CDO and again do the update for all the devices that are affected. We're not using CDO for firewall builds or daily management of existing files. It is not as…
JS
Network Engineer at a healthcare company with 10,001+ employees
Real User
The rule usage is a nice feature, but we have problems with it staying in sync when logging into the device

What is our primary use case?

We have it set up to test to look at policy from an overarching perspective. Then, we are hoping to use it for policy push, such as making both changes across different firewalls, but we haven't gotten to that point yet. We have the on-prem relay, and then that connects into the cloud for Cisco Defense Orchestrator (CDO), We deployed the most recent version about a year ago. We don't use it on a day-to-day basis. It's not something that we really spend a lot of time reviewing. I just haven't had time to sit down with it.

Pros and Cons

  • "The initial setup was straightforward. We spun up the VM onsite. We generated the key that it needed to talk to the Cloud Orchestrator. After that, as I started adding devices, it was relatively quick and easy."
  • "The ability to see the uptimes on the different VPNs that we have configured for site-to-site."
  • "When logging into the device, we sort of had problems with it staying in sync. If somebody made a change onsite, it wouldn't do an automatic sync. It would have to wait, as you would have to do a manual sync up."

What other advice do I have?

It was just something for us to spin up and look through, then see if it was something that could benefit us from a policy perspective by pushing policy out. It might have been able to, but it was a little cumbersome to select firewalls. We just didn't go through and spend a lot of time with it. With the security features around storing firewall configurations in the cloud, I sort of go back and forth on it. you are putting a configuration out there on the cloud for somebody to read. However, it is a private cloud that Cisco manages, so all we can really do is hold Cisco accountable if…
IS
Network Administrator at Texas Hydraulics
Real User
Enables me to create a standard for access rules across all my devices

What is our primary use case?

I use it to manage my group of firewalls, and I make some configuration changes with it. If I have to update multiple devices at one time I will use it as well.

Pros and Cons

  • "The bulk changes feature is definitely the most valuable."
  • "It should have more features to manage FirePOWER appliances."

What other advice do I have?

It's just a good product to have. In terms of CDO's security features around storing firewall configurations in the cloud, I haven't delved into that yet. I plan to get into it this month, but I haven't logged into it yet. I still use the ASDM a lot of times. I also have a FirePOWER which most of the firewalls are in and I will the FirePOWER Management Center for that because Orchestrator doesn't manage it quite as well. For firewall builds and daily management of existing firewalls, I normally use FirePOWER, as far as monitoring goes.
Hasnae Lamrani Alaoui
Presales Engineer at DataProtect
Real User
Top 10
Good network visibility and assists with re-routing blocked traffic

What is our primary use case?

This is part of our network orchestration solution. It allows us to optimize our network. For example, if I want to communicate with a laptop, this solution gives us a way to route the communication. We have a public cloud deployment using Microsoft Azure.

Pros and Cons

  • "If our server is blocked, this solution shows us why it is blocked and allows us to update the network routing."
  • "The dashboard needs to be more customizable to provide better reporting for our network."

What other advice do I have?

My advice for anybody who is researching this solution is to consider the advantages that it provides in terms of infrastructure. It is easy to configure administrators and other users who can generate reports and check the dashboard. For the moment, this solution meets our needs and I cannot think of any additional features that should be added. I would rate this solution an eight out of ten.
BinhNguyen1
Product Consultant at a tech services company with 501-1,000 employees
Reseller
Top 10
A simple and centralized way to manage all products

What is our primary use case?

We provide consultation for all Cisco solutions. We give consultations to customers for buying a preventive solution like Cisco Email Security, Cisco IronPort, Cisco Security, Cisco Web Security.

Pros and Cons

  • "With Cisco Defense Orchestrator, we can manage the complete Cisco Security solution. It provides a simple and centralized way to manage all products."
  • "They can centralize all products and provide a correlation about an incident and the response. They can also provide an on-premises solution. Currently, Cisco Defense Orchestrator is just for cloud deployments, not for on-premises deployments. Customers have to manage it on the cloud. We are based in Vietnam, and most of the customers here prefer to have on-premises deployments. Customers, especially from banking and government sectors, do not prefer to do anything on the cloud. Some of the small enterprises use the cloud."

What other advice do I have?

I would recommend Cisco Defense Orchestrator. Cisco is a very good company and has a reputation. They can provide a comprehensive solution to customers. They have a lot of defense solutions for the network and endpoint security. Cisco buys a lot of solutions and has a lot of acquisitions. When they combine them into one central management, the setup can be quite complex. I would rate Cisco Defense Orchestrator an eight out of ten.
FZ
Cyber Security Pre-Sales Consultant at a tech services company with 51-200 employees
Consultant
Top 5
Comparably priced with good support and the intrusion prevention works well

What is our primary use case?

We are using this solution for filtering and blocking some websites. It's a firewall. This is the main tool for network segmentation and intrusion prevention. It blocks malware and malicious activity.

Pros and Cons

  • "The most valuable feature is the Intrusion prevention."
  • "They need to work on the user interface. It needs to be improved to make it more user-friendly."

What other advice do I have?

I would recommend this product to anyone who is interested in using it. I would rate this solution an eight out of ten.