We performed a comparison between Cisco Defense Orchestrator and Palo Alto Networks Panorama based on real PeerSpot user reviews.
Find out what your peers are saying about AlgoSec, Tufin, Palo Alto Networks and others in Firewall Security Management."I like the upgrade feature. That is pretty valuable to me because I have dual ASAs and when I go through CDO it does it for me pretty well. It's all done in the back-end and I don't really have to be involved. I just initiate, pick the image, and I pick when I want it done and it just does it, whether I have a single ASA or have a dual ASA."
"The initial setup was straightforward. We spun up the VM onsite. We generated the key that it needed to talk to the Cloud Orchestrator. After that, as I started adding devices, it was relatively quick and easy."
"If our server is blocked, this solution shows us why it is blocked and allows us to update the network routing."
"The ability to do operations on multiple firewalls at once is valuable because it saves time and mental effort. The solution's ability to make bulk changes makes it very convenient to manage things at once on multiple targets."
"Cisco Defense Orchestrator has useful guides for the steps that need to follow by users."
"The bulk changes feature is definitely the most valuable."
"If we have a firewall go down, I can hop into CDO, pull the latest configuration off and apply it. That's really good. It helps save time."
"The ability to see the uptimes on the different VPNs that we have configured for site-to-site."
"I like the quality of this product, and it performs. It's the best solution in the IT business."
"Technical support is quite helpful."
"The telemetry visibility is really good as well as the automated workflows for creating policies. The overall solution is quite intuitive to use."
"Networks Panorama has improved our organizational security"
"The management and the deployment features are most valuable. We can easily deploy and manage the devices. We can do fast deployments without moving from our office and by just providing a short description to the end-user about how to install the physical device."
"The solution offers good logging features."
"What's most valuable in Palo Alto Networks Panorama is that it allows us to see the status on the network side, particularly on the endpoint, because we also use it for the internal network."
"The most valuable aspect of Palo Alto Networks Panorama for me is the centralized management of multiple firewalls."
"I'd like CDO to be the one-stop-shop where we could do all the configurations easily. It would be nice, for ASA upgrades, if we could do them from a central repository and not have to reach out to Cisco. That would be a definite plus."
"It should have more features to manage FirePOWER appliances."
"It would be a better product if it incorporated device control for third-party products easily."
"I've found dozens of bugs over the year we've been using it. The more I use it for different things, the more problems I find... Most of the problems have to do with the user interface. A lot of thought and work has gone into the back-end component to make the product do what it's intended to do, but the way it is presented for use hasn't gotten nearly as much thought to make it smart and bug-free."
"The dashboard needs to be more customizable to provide better reporting for our network."
"CDO doesn't have a report, an official report that I can check daily. It has another module called FTD, but it doesn't have that specifically for ASA. In the reporting, there are a lot of things that aren't there. There is also room for improvement in the daily monitoring."
"They can centralize all products and provide a correlation about an incident and the response. They can also provide an on-premises solution. Currently, Cisco Defense Orchestrator is just for cloud deployments, not for on-premises deployments. Customers have to manage it on the cloud. We are based in Vietnam, and most of the customers here prefer to have on-premises deployments. Customers, especially from banking and government sectors, do not prefer to do anything on the cloud. Some of the small enterprises use the cloud."
"If I make a change locally to the firewall, CDO gives an alarm or an error message and says there's a change in compliance: "The firewall has this configuration but the last time it was compiled it had that configuration." That view of new changes versus the old could be better... I had to log in manually, locally on the firewall, to check which version, which configuration was actually running. I couldn't see it in CDO."
"My company's getting whatever it needs from Palo Alto Networks Panorama, but in the cloud, there's an issue with CPU management, and that's an area for improvement. Though the normal data traffic doesn't go through the management interface, whenever there's an increase in the throughput, CPU management becomes high. If you increase the load, CPU management spikes, and it's what needs to be taken care of in Palo Alto Networks Panorama."
"It could be easier to manage. In the future, it should be much easier because it's not very easy to manage. So in the next release, I think it should be much easier to manage, especially in the first configuration. It could also be more stable."
"In our version, there is no feature to transfer or upload a database of third-party vulnerabilities or signatures so that Panorama can convert them into its own database. This kind of feature might already have come in version 10."
"At times we have noticed that we get into issues where Panorama is going too slow or has other little problems. The performance can suffer occasionally."
"There is a need to improve the upgrade process. When we are upgrading the solution we are facing some issues with Elasticsearch services. Every time we upgrade it takes a long time to become stable."
"The licensing costs are quite high."
"The ability to add scheduled jobs would be a significant improvement. Panorama has the ability to push out OS updates, but it would be nice to be able to schedule those updates so not to affect the site during normal business hours."
"Reporting might be an area to improve. It can provide reporting or some sort of graphical representation of your environment."
Earn 20 points
Cisco Defense Orchestrator is ranked 14th in Firewall Security Management while Palo Alto Networks Panorama is ranked 3rd in Firewall Security Management with 80 reviews. Cisco Defense Orchestrator is rated 8.2, while Palo Alto Networks Panorama is rated 8.4. The top reviewer of Cisco Defense Orchestrator writes "Provides visibility into entire infrastructure and bulk changes save time and resources". On the other hand, the top reviewer of Palo Alto Networks Panorama writes "Built-in proxy with the ability to maintain your own policies". Cisco Defense Orchestrator is most compared with Tufin Orchestration Suite, AlgoSec, Azure Firewall Manager and FireMon Security Manager, whereas Palo Alto Networks Panorama is most compared with AWS Firewall Manager, AlgoSec, Fortinet FortiGate Cloud, Tufin Orchestration Suite and Cisco Secure Firewall Management Center.
See our list of best Firewall Security Management vendors.
We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.