Cisco Defense Orchestrator Reviews

Filter by:Reset all filters
industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
rating
Loading...
Filter Unavailable
Todd Ellis
Real User
CTO at Secure Networkers
Jul 24 2019

What is most valuable?

The simplicity, efficiency, and effectiveness of it are valuable. There are a lot of templates that are already built-in. They give you quick-to-create and quick-to-apply policies that are typically a… more»

How has it helped my organization?

For one particular client, we had almost a 20 percent remediation on some of their equipment as a result of all kinds of attacks from the desktop department. We got them down to a zero percent… more»

What needs improvement?

Some of the issues we've had aren't really a CDO problem. For example, we had some MX devices that were blocking Windows Update from happening. We found out it was a Meraki issue, but it would have… more»

What's my experience with pricing, setup cost, and licensing?

If I had to say anything negative it's the price point. Clients who can't invest in the complete package, it's a disservice to them because they don't have everything. They don't have as many layers… more»

If you previously used a different solution, which one did you use and why did you switch?

There's a lot of different stuff, solutions which integrate into companies' ticketing systems. It depends on what your needs are. Even stand-alone, with FirePOWER, Umbrella, and AMP for Endpoints… more»

What other advice do I have?

As an engineer, I would say that if you can afford it, you will not be sorry that you invested in it. There's no question of whether it's going to deliver. The question is more from a value… more»
Dave Klunk
Real User
Network Security Engineer at a manufacturing company with 10,001+ employees
Aug 14 2019

What is most valuable?

I don't stay in CDO all the time, so it's good that it shows what changes, if any, have been made by anybody else. That's a good feature.

How has it helped my organization?

If we have a firewall go down, I can hop into CDO, pull the latest configuration off and apply it. That's really good. It helps save time. We've done that a couple of times and we've sped things up… more»

What needs improvement?

We use it for limited changes, although I still don't find it one of the easier ways to make changes. I wish it was a lot easier for that. I have told Cisco about it before. We got it for… more»

If you previously used a different solution, which one did you use and why did you switch?

We actually got it before we decided to buy it. I heard about it at Cisco Live about three years ago and brought it back here. We decided to try it out. We thought, "Man, it looks pretty good. Let's… more»

What other advice do I have?

The biggest lesson I've learned from using CDO is, of course: Have a backup. And this gives us the means to have a backup. I think management was under the impression for a long time along the lines… more»

Which other solutions did I evaluate?

I don't think our company looked into any other options.
Find out what your peers are saying about Cisco, Tufin, FireMon and others in Firewall Security Management. Updated: October 2019.
372,906 professionals have used our research since 2012.
Real User
Systems Architect at a university with 1,001-5,000 employees
Jul 26 2019

What is most valuable?

The ability to do operations on multiple firewalls at once is valuable because it saves time and mental effort. The solution's ability to make bulk changes makes it very convenient to manage things at… more»

How has it helped my organization?

There are two main aspects. One is that it makes it easier to make sure that things are consistent and that there aren't too many mistakes being made through a more manual process. The second aspect… more»

What needs improvement?

In terms of bulk changes, specifically for accessing policies, there is one limitation which is especially annoying and at least one bug which hasn't been fixed. In terms of bulk changes for image… more»

If you previously used a different solution, which one did you use and why did you switch?

Before, we were using a completely manual process which is obviously less efficient, but also more controllable. We chose how to do things, which is something we can't do anymore because of product… more»

What other advice do I have?

Try it with realistic situations in your environment. Make sure that you're able to perform the tasks that you were doing before. In other words, make sure you don't lose capabilities because you're… more»

Which other solutions did I evaluate?

Before settling on Defense Orchestrator, we evaluated two other similar products. One was another product from Cisco which turned out to be way too complex and lack some of the features that we… more»
Richard Barton
Real User
Network and Data Centre Platform Manager at a manufacturing company with 1,001-5,000 employees
Jul 26 2019

What is most valuable?

The most valuable feature is being able to do centralized upgrades on the ASAs. We can literally go in and tick a bunch of ASAs - we have them grouped within their… more»

How has it helped my organization?

It is saving us at least a week's worth of work because we can log in and instantly see what version all the ASAs are at and which ones need to be upgraded. If we have a… more»

What needs improvement?

There could be some slight improvements to navigation. In some of the navigation you've got to go back to be able to get into where you need to be once you've made a… more»

What's my experience with pricing, setup cost, and licensing?

It's around £500 per unit for a three-year license. We have 30 units but because we require availability, we only need one license per unit. With a high-availability pair… more»

If you previously used a different solution, which one did you use and why did you switch?

This is the first solution of its kind in our organization. Before that, I was managing everything as a point solution. We came to the realization that we needed something… more»

What other advice do I have?

For me, it was a very straightforward setup. It worked as described on the box. There are a few little issues that we've had. For example, when you create an object, you… more»

Which other solutions did I evaluate?

We didn't evaluate any other options.
Hamed Khakipour
Real User
Sr. Network Engineer at Vocera
Aug 13 2019

What is most valuable?

I like the upgrade feature. That is pretty valuable to me because I have dual ASAs and when I go through CDO it does it for me pretty well. It's all done in the back-end… more»

How has it helped my organization?

Ideally, I like CDO to be a central management tool for all my firewalls. It is not there completely, in my opinion, but I think it's going in that direction. I still do… more»

What needs improvement?

The main thing that would useful for us would the logging and monitoring. I have to check it out, to get the beta, because I don't have access to them. I know they… more»

What's my experience with pricing, setup cost, and licensing?

After our free trial was done we got a subscription for three years and it was under $3,000 or so. It's part of the EA we already paid for, so I don't know what it would… more»

If you previously used a different solution, which one did you use and why did you switch?

I didn't use anything prior to CDO. I went to CDO for better management, central management. CDO was suggested to me and they gave me a free trial for a couple of devices… more»

What other advice do I have?

It's fairly straightforward and I didn't run into any hiccups where I would say, "Hey, be aware that or be aware of this." The only advice I'd give is that if the device… more»

Which other solutions did I evaluate?

I didn't assess any other options at the time but I'm familiar with a couple of them. I tried Tufin, but that's just an auditing tool. Another one was FireMon, but I… more»
Jairo Mendes
Real User
Network and Security Specialist at Connected Technology, LLC
Aug 13 2019

What is most valuable?

The most valuable feature is the restore history. For any changes that you have backed up, if something goes wrong, then the system will automatically prevent the system from crashing or from loss of… more»

How has it helped my organization?

When we are doing updates for security reasons, every six months we review certain companies. Before CDO, we had to spend hours and hours to update ten devices. Now, with one simple click, we select… more»

What needs improvement?

CDO doesn't have a report, an official report that I can check daily. It has another module called FTD, but it doesn't have that specifically for ASA. In the reporting, there are a lot of things that… more»

If you previously used a different solution, which one did you use and why did you switch?

We have something different, but at this point we are mostly using CDO. We use Cyberhub only to monitor vulnerabilities. That's all it does. With CDO we try to do SSH and all the language. But CDO… more»

What other advice do I have?

My advice is to try to gain more knowledge of SSH. CDO needs to improve monitoring and reporting. Every six months, we go in deep. We check the devices to make sure everything is working correctly. We… more»

Which other solutions did I evaluate?

We did a few tests but I don't remember the names of the other products. What made CDO stand out is that you can do different devices at once. The other companies offered only one system. There was no… more»
AndreasForby
Real User
Systems Engineer at a tech services company with 11-50 employees
Jul 25 2019

What is most valuable?

The most valuable feature is that you can push one policy or one rule out to several devices at a time. That's pretty neat.

How has it helped my organization?

It could improve things when I need to create an object and to create a new policy. Instead of logging into several devices, one at a time, I could push the policy at one time and mitigate, let's say… more»

What needs improvement?

If I make a change locally to the firewall, CDO gives an alarm or an error message and says there's a change in compliance: "The firewall has this configuration but the last time it was compiled it… more»

What's my experience with pricing, setup cost, and licensing?

I tried to see what the pricing is. What I could see it is that it is about a $100 per year for the ASA 5506 firewall, and from there it keeps going up if you have a bigger box. For example, the 5516… more»

If you previously used a different solution, which one did you use and why did you switch?

I'm using Cisco ISE, and I use Firewall Device Manager, and FireSIGHT Manager Center. I haven't worked with Defense Orchestrator in-depth as I have been with the FireSIGHT Manager Center (aka… more»

What other advice do I have?

It's worth it to dive in. If you have an environment with several firewalls, more than five, I would recommend just doing it. The biggest lesson I've learned from using it is that you can configure… more»
Real User
Network Engineer at a healthcare company with 10,001+ employees
Aug 14 2019

What is most valuable?

The rule usage is a nice feature. The ability to see the uptimes on the different VPNs that we have configured for site-to-site. The overarching policy as far as the rules go and the assessment that… more»

How has it helped my organization?

It hasn't really improved our organization. It has been more like a PoC which was spun up and played with for a little while, and we haven't gotten back to it. I saw that it could simplify security… more»

What needs improvement?

When logging into the device, we sort of had problems with it staying in sync. If somebody made a change onsite, it wouldn't do an automatic sync. It would have to wait, as you would have to do a… more»

What's my experience with pricing, setup cost, and licensing?

It is covered under the CIsco Enterprise License Agreement (ELA). So, it is licensed and ours, but we didn't spin it up with the intent to permanently move over to it. It was just something our… more»

What other advice do I have?

It was just something for us to spin up and look through, then see if it was something that could benefit us from a policy perspective by pushing policy out. It might have been able to, but it was a… more»

Which other solutions did I evaluate?

We are still using FireMon as our firewall manager right now. FireMon is definitely a little more feature-rich. It definitely could get further into the rule base of it. We didn't use FireMon to… more»
See 3 More Cisco Defense Orchestrator Reviews

Articles

User Assessments By Topic About Cisco Defense Orchestrator

Find out what your peers are saying about Cisco, Tufin, FireMon and others in Firewall Security Management. Updated: October 2019.
372,906 professionals have used our research since 2012.

Cisco Defense Orchestrator Questions

What is Cisco Defense Orchestrator?

Cisco Defense Orchestrator is a cloud based policy management solution to drive simple and consistent security policy across multiple Cisco security platforms.

Also known as
CDO
Cisco Defense Orchestrator customers

Insurance Company of British Columbia, Shawmut

BUYER'S GUIDE
Download our free Firewall Security Management Report and find out what your peers are saying about Cisco, Tufin, FireMon, and more!
Sign Up with Email