Anonymous UserLead Program Manager at a computer software company
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"There are a lot of templates that are already built-in. They give you quick-to-create and quick-to-apply policies that are typically a little more complicated for people."
"When we're looking to the policies, it identifies the shadow rules. It notifies us about anything that will supersede other rules."
"The most valuable feature is that you can push one policy or one rule out to several devices at a time."
"This product provides excellent centralized device controls and reporting."
"The ability to do operations on multiple firewalls at once is valuable because it saves time and mental effort. The solution's ability to make bulk changes makes it very convenient to manage things at once on multiple targets."
"For this product, they are very uncharacteristically interested in resolving whatever issue the customer reports. They're really attentive, and they address whatever we bring up as quickly as they can. That's been a very positive aspect of the product."
"The most valuable feature is being able to do centralized upgrades on the ASAs. We can select all of those ASAs, and say, "Upgrade these ASAs at this scheduled time." It will copy down the ASA image, ASDM image, and then do the upgrade and failovers, and then put it all back into service as required at a scheduled time. It automates that process for us."
"I like the upgrade feature. That is pretty valuable to me because I have dual ASAs and when I go through CDO it does it for me pretty well. It's all done in the back-end and I don't really have to be involved. I just initiate, pick the image, and I pick when I want it done and it just does it, whether I have a single ASA or have a dual ASA."
"It's helpful that the solution allows us to control all the firewalls from one device."
"The dashboards are very good on Palo Alto. They offer a centralized dashboard for managers as well."
"Using this solution means that you can store logs for longer periods, up to perhaps two years, depending on your attached storage."
"What I like most about this solution is that it allows me to push multiple policies on multiple followers at the same time."
"The most valuable feature is WildFire."
"The interface is very easy to use. You can do most jobs from one single console."
"The solution is absolutely stable."
"The solution is very stable. It's reliable. We don't experience bugs or glitches. It doesn't crash. It works as expected."
"We had some MX devices that were blocking Windows Update from happening. We found out it was a Meraki issue, but it would have been nice if it had been flagged for us: "Hey, these updates are failing because the MX is blocking it." It wasn't a huge problem, but there was a loss of our time as well as the fact that the updates didn't get pushed out... It would have been nice if CDO had let us know that that was an issue."
"If I make a change locally to the firewall, CDO gives an alarm or an error message and says there's a change in compliance: "The firewall has this configuration but the last time it was compiled it had that configuration." That view of new changes versus the old could be better... I had to log in manually, locally on the firewall, to check which version, which configuration was actually running. I couldn't see it in CDO."
"It would be a better product if it incorporated device control for third-party products easily."
"I've found dozens of bugs over the year we've been using it. The more I use it for different things, the more problems I find... Most of the problems have to do with the user interface. A lot of thought and work has gone into the back-end component to make the product do what it's intended to do, but the way it is presented for use hasn't gotten nearly as much thought to make it smart and bug-free."
"There could be some slight improvements to navigation. In some of the navigation you've got to go back to be able to get into where you need to be once you've made a change. If I make a change, I've then got to go back to submit and send the change."
"The main thing that would useful for us would the logging and monitoring. I have to check it out, to get the beta, because I don't have access to them... I wanted CDO to be a central place so where I could do everything but right now I don't think that's possible. I really don't want to go back and forth between this and FMC. Maybe the logging portion, when I look at it, will give me some similarities."
"It should have more features to manage FirePOWER appliances."
"When logging into the device, we sort of had problems with it staying in sync. If somebody made a change onsite, it wouldn't do an automatic sync. It would have to wait, as you would have to do a manual sync up."
"It can take a few minutes to test to see if any changes are successful or not. This needs to be improved. A commit change should take a second, not a minute or more."
"Panorama needs to work on its configuration issues."
"The dual WAN functionality is missing in this solution."
"Customer support can improve."
"There is room for improvement in the integration within endpoint detection. They need to do some integration between endpoints and the firewalls."
"The general customer feedback is when saving the configuration, it takes a long time. That needs to be fixed. The troubleshooting, the debugging part is also a little bit of a pain. It's not user-friendly on the interface to do our debugging when comparing it with other firewalls, like Forcepoint."
"I would like more dashboard management."
"The solution should improve the speed at which they make changes on the system. Historically, they've been a bit slow in that respect. They should apply changes to the box quicker and more often."
"It is about a $100 per year for an ASA 5506 firewall, and from there it keeps going up if you have a bigger box. For example, the 5516 is $200 to $300 per year."
"It's around £500 per unit for a three-year license."
"After our free trial was done we got a subscription for three years and it was under $3,000 or so. It's part of the EA we already paid for, so I don't know what it would be if it was a la carte."
"It is covered under the CIsco Enterprise License Agreement (ELA). So, it is licensed and ours."
"If you compare to what is available on the market, they are in the same range with respect to pricing."
"Initially, Palo Alto looks expensive, but if you dig deeper then you will find that it is very comparable, or even cheaper than other solutions."
"You only pay for the license and there are no additional costs."
"We pay approximately $3,000 a year in order to use the product."
"The pricing model is reasonable for this class of solutions."
"Palo Alto is expensive and there are many cheaper firewalls, but they do not work as well."
"It is not a cheap solution."
"The price of Panorama is expensive."
Cisco Defense Orchestrator is a cloud based policy management solution to drive simple and consistent security policy across multiple Cisco security platforms.
Panorama network security management provides static rules and dynamic security updates in an ever-changing threat landscape. Reduce administrator workload and improve your overall security posture with a single rule base for firewall, threat prevention, URL filtering, application awareness, user identification, file blocking and data filtering.
Cisco Defense Orchestrator is ranked 4th in Firewall Security Management with 13 reviews while Palo Alto Networks Panorama is ranked 5th in Firewall Security Management with 22 reviews. Cisco Defense Orchestrator is rated 8.2, while Palo Alto Networks Panorama is rated 8.6. The top reviewer of Cisco Defense Orchestrator writes "Provides visibility into entire infrastructure and bulk changes save time and resources". On the other hand, the top reviewer of Palo Alto Networks Panorama writes "Offers a lot of advanced functionality that is easy to deploy and the GUI is easy to use ". Cisco Defense Orchestrator is most compared with Tufin, FireMon, AlgoSec and Skybox Security Suite, whereas Palo Alto Networks Panorama is most compared with AWS Firewall Manager, AlgoSec, Tufin, Fortinet FortiGate Cloud and Azure Firewall Manager. See our Cisco Defense Orchestrator vs. Palo Alto Networks Panorama report.
See our list of best Firewall Security Management vendors.
We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.