Compare Cisco Defense Orchestrator vs. ManageEngine Firewall Analyzer

Cisco Defense Orchestrator is ranked 4th in Firewall Security Management with 11 reviews while ManageEngine Firewall Analyzer is ranked 8th in Firewall Security Management with 3 reviews. Cisco Defense Orchestrator is rated 8.2, while ManageEngine Firewall Analyzer is rated 7.6. The top reviewer of Cisco Defense Orchestrator writes "Provides visibility into entire infrastructure and bulk changes save time and resources". On the other hand, the top reviewer of ManageEngine Firewall Analyzer writes "Simple and easy to use but needs better graphical visualization". Cisco Defense Orchestrator is most compared with FireMon, Tufin, AlgoSec, Palo Alto Networks Panorama and Skybox Security Suite, whereas ManageEngine Firewall Analyzer is most compared with AlgoSec, FireMon, Palo Alto Networks Panorama, Tufin and RedSeal. See our Cisco Defense Orchestrator vs. ManageEngine Firewall Analyzer report.
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about Cisco Defense Orchestrator vs. ManageEngine Firewall Analyzer and other solutions. Updated: July 2020.
426,947 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

We use a lot of image upgrades. We take some 20 devices and then we update everything at once, including the policies. We apply policies for groups. For certain groups, like anti-viruses, we send out policies and apply them to every single device. It's really easy and simple.If our server is blocked, this solution shows us why it is blocked and allows us to update the network routing.The bulk changes feature is definitely the most valuable.The initial setup was straightforward. We spun up the VM onsite. We generated the key that it needed to talk to the Cloud Orchestrator. After that, as I started adding devices, it was relatively quick and easy.The ability to see the uptimes on the different VPNs that we have configured for site-to-site.If we have a firewall go down, I can hop into CDO, pull the latest configuration off and apply it. That's really good. It helps save time.We have quite a few Active Stone by pairs. If they fail over... I'll see that there's a change on it and I'll have a look. The only change on it is that now this one is the standby, it took over the active role. I can go into that firewall and find out what happened... and troubleshoot based on that. That's pretty cool too.I like the upgrade feature. That is pretty valuable to me because I have dual ASAs and when I go through CDO it does it for me pretty well. It's all done in the back-end and I don't really have to be involved. I just initiate, pick the image, and I pick when I want it done and it just does it, whether I have a single ASA or have a dual ASA.

More Cisco Defense Orchestrator Pros »

Overall the solution does a good job.Firewall Analyzer helps our organization to fulfill the compliance requirement as per ISO 27001, managing the network security effectively.I found the reporting to be useful because not only can I go back months, but it lists the individual URLs and the time that a particular person visited.

More ManageEngine Firewall Analyzer Pros »

CDO doesn't have a report, an official report that I can check daily. It has another module called FTD, but it doesn't have that specifically for ASA. In the reporting, there are a lot of things that aren't there. There is also room for improvement in the daily monitoring.The dashboard needs to be more customizable to provide better reporting for our network.It should have more features to manage FirePOWER appliances.When logging into the device, we sort of had problems with it staying in sync. If somebody made a change onsite, it wouldn't do an automatic sync. It would have to wait, as you would have to do a manual sync up.I'd like CDO to be the one-stop-shop where we could do all the configurations easily. It would be nice, for ASA upgrades, if we could do them from a central repository and not have to reach out to Cisco. That would be a definite plus.The main thing that would useful for us would the logging and monitoring. I have to check it out, to get the beta, because I don't have access to them... I wanted CDO to be a central place so where I could do everything but right now I don't think that's possible. I really don't want to go back and forth between this and FMC. Maybe the logging portion, when I look at it, will give me some similarities.I've found dozens of bugs over the year we've been using it. The more I use it for different things, the more problems I find... Most of the problems have to do with the user interface. A lot of thought and work has gone into the back-end component to make the product do what it's intended to do, but the way it is presented for use hasn't gotten nearly as much thought to make it smart and bug-free.There could be some slight improvements to navigation. In some of the navigation you've got to go back to be able to get into where you need to be once you've made a change. If I make a change, I've then got to go back to submit and send the change.

More Cisco Defense Orchestrator Cons »

The solution lacks a lot of features that other products have in the marketplace.It would be awesome if the product could monitor services for applications.

More ManageEngine Firewall Analyzer Cons »

Pricing and Cost Advice
It is covered under the CIsco Enterprise License Agreement (ELA). So, it is licensed and ours.After our free trial was done we got a subscription for three years and it was under $3,000 or so. It's part of the EA we already paid for, so I don't know what it would be if it was a la carte.It's around £500 per unit for a three-year license.It is about a $100 per year for an ASA 5506 firewall, and from there it keeps going up if you have a bigger box. For example, the 5516 is $200 to $300 per year.

More Cisco Defense Orchestrator Pricing and Cost Advice »

Needs to work on pricing.

More ManageEngine Firewall Analyzer Pricing and Cost Advice »

Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.
426,947 professionals have used our research since 2012.
Average Words per Review
Avg. Rating
Average Words per Review
Avg. Rating
Popular Comparisons
Compared 26% of the time.
Also Known As

Cisco Defense Orchestrator is a cloud based policy management solution to drive simple and consistent security policy across multiple Cisco security platforms.

ManageEngine Firewall Analyzer is an agent less log analytics and configuration management software that helps network administrators to centrally collect, archive, analyze their security device logs and generate forensic reports out of it.

Real-time event response system and Integrated Compliance Management module of Firewall Analyzer automates your end point security monitoring, network bandwidth monitoring and security & compliance auditing. Firewall Analyzer eases your Device Configuration Management by providing out-of-the-box reports and alerts for configuration changes. Firewall Analyzer is vendor-agnostic and supports almost all open source and commercial network firewalls like Check Point, Cisco, Juniper, Fortinet, Snort, Squid Project, SonicWALL, Palo Alto and more, IDS/IPS, VPNs, Proxies and other related security devices.

Learn more about Cisco Defense Orchestrator
Learn more about ManageEngine Firewall Analyzer
Sample Customers
Insurance Company of British Columbia, ShawmutWFP,, Sony Pictures, Franklin Security Bank, ITC INFOTECH
Top Industries
Comms Service Provider35%
Software R&D Company35%
Manufacturing Company8%
Healthcare Company5%
Software R&D Company42%
Comms Service Provider18%
Healthcare Company13%
Find out what your peers are saying about Cisco Defense Orchestrator vs. ManageEngine Firewall Analyzer and other solutions. Updated: July 2020.
426,947 professionals have used our research since 2012.

See our list of best Firewall Security Management vendors.

We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.