How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
This is part of our network orchestration solution. It allows us to optimize our network. For example, if I want to communicate with a laptop, this solution gives us a way to route the communication. We have a public cloud deployment using Microsoft Azure.
The primary use case for it is to verify that we have connectivity with the systems that we put into it. We also use it for configuration backup.
I use it to manage my group of firewalls, and I make some configuration changes with it. If I have to update multiple devices at one time I will use it as well.
We have it set up to test to look at policy from an overarching perspective. Then, we are hoping to use it for policy push, such as making both changes across different firewalls, but we haven't gotten to that point yet. We have the on-prem relay, and then that connects into the cloud for Cisco Defense Orchestrator (CDO), We deployed the most recent version about a year ago. We don't use it on a day-to-day basis. It's not something that we really spend a lot of time reviewing. I just haven't had time to sit down with it.
What I take primarily take advantage of are ASA upgrades. I also use it, sometimes, to see other backups, because each time there's a configuration change, it creates a backup for it. I also check out conflicts or unused rules. But I mostly use it for ASA, for management.
We manage all ASA devices, from versions 5506 to 5516, through CDO.
As an IT person for Egypt Foods Group company, we primarily rely on Cisco Defense Orchestrator as centralized management for our Cisco devices (e.g., firewalls and other security devices).
We have around 30 firewalls and we use it to centrally manage the firewalls. We use it to have one panel where we can log in and see all the firewall rules, all the objects, where they're deployed, where they duplicate across firewalls. We use it to maintain the configuration. We also use it to perform centrally managed updates. We can update ASDM and ASA images on the firewalls. We have a connector on-premise and we have that linked to all of our ASAs internally. It runs within their cloud environment, which I believe is AWS. It talks back to a cloud connector on-premise which, in turn, talks to all of our firewalls to manage them centrally. We use it daily for firewall administration and change management, and we use it as and when required to do all the software and firmware upgrades.
We use it to manage our firewalls.
My primary use case was just to see what the solution is about. I'm a system engineer and a Cisco partner. I was using the trial to see what it can do. I rolled it out in my home lab. I have a Cisco ASA firewall so I used it to push configurations to my firewall. I used the Secure Device Connector as a virtual appliance, so I rolled it out like a production environment.
Most of the time we use it for the simplicity, for streamlining security policy management. We have other layers of stuff that we use with Cisco, from an integrated standpoint. Defense Orchestrator brings everything together.