Cisco Defense Orchestrator Overview

Cisco Defense Orchestrator is the #9 ranked solution among top Firewall Security Management tools. IT Central Station users give Cisco Defense Orchestrator an average rating of 8 out of 10. Cisco Defense Orchestrator is most commonly compared to AlgoSec: Cisco Defense Orchestrator vs AlgoSec. The professionals researching this solution most often come from comms service providers, accounting for 41% of all views.
What is Cisco Defense Orchestrator?

Cisco Defense Orchestrator is a cloud-based policy management solution to drive simple and consistent security policy across multiple Cisco security platforms.

Cisco Defense Orchestrator is also known as CDO.

Buyer's Guide

Download the Firewall Security Management Buyer's Guide including reviews and more. Updated: October 2021

Cisco Defense Orchestrator Customers

Insurance Company of British Columbia, Shawmut

Pricing Advice

What users are saying about Cisco Defense Orchestrator pricing:
  • "If you compare to what is available on the market, they are in the same range with respect to pricing."

Cisco Defense Orchestrator Reviews

Jairo Mendes
Network and Security Specialist at Connected Technology, LLC
Real User
Restore history automatically prevents system crashes, but reporting and monitoring need work

Pros and Cons

  • "We use a lot of image upgrades. We take some 20 devices and then we update everything at once, including the policies. We apply policies for groups. For certain groups, like anti-viruses, we send out policies and apply them to every single device. It's really easy and simple."
  • "CDO doesn't have a report, an official report that I can check daily. It has another module called FTD, but it doesn't have that specifically for ASA. In the reporting, there are a lot of things that aren't there. There is also room for improvement in the daily monitoring."

What is our primary use case?

We manage all ASA devices, from versions 5506 to 5516, through CDO.

How has it helped my organization?

When we are doing updates for security reasons, every six months we review certain companies. Before CDO, we had to spend hours and hours to update ten devices. Now, with one simple click, we select the devices and set it to update on a given day, and save the different configurations. It's pretty simple and a great feature for us. Whenever we have found any problems in the devices and we want to create a new policy that applies to ten or 20 companies, we select the devices and we send the same commands to all those devices at once.

In terms of auditing, CDO has the option to review all the logs and if something is modified we have control of that. We know what time it was modified. There is a history on it so we can go and check that. As for visibility, with CDO we can see any changes that were made. If there is a vulnerability from one device, we can go and fix it in different devices at once. It's not just one device. We can work and try to prevent that specific problem from hampering the rest of the devices.

The solution's support for ASA, FTD, and Meraki MX devices helps free up staff time for other work.

What is most valuable?

The most valuable feature is the restore history. For any changes that you have backed up, if something goes wrong, then the system will automatically prevent the system from crashing or from loss of the client's connection. When you start programming any ASA or device connected to CDO, if you make a mistake, you have the option to restore the previous configuration. You will not lose connection with the device and the client will continue working without problems.

We use a lot of image upgrades. We take some 20 devices and then we update everything at once, including the policies. We apply policies for groups. For certain groups, like anti-viruses, we send out policies and apply them to every single device. It's really easy and simple.

The solution’s security features for storing firewall configurations in the cloud are pretty secure. I don't see any problems with it. They have two-factor authentication. From what I see, it's working properly. I don't feel there is any gap there.

What needs improvement?

CDO doesn't have a report, an official report that I can check daily. It has another module called FTD, but it doesn't have that specifically for ASA. In the reporting, there are a lot of things that aren't there. There is also room for improvement in the daily monitoring.

For how long have I used the solution?

I have been using it for two to three years.

What do I think about the stability of the solution?

It's really stable, I don't see any glitches at this point. Once one is connected, it's just a matter of doing maintenance.

What do I think about the scalability of the solution?

If a person has knowledge of how switches and routers work, and that could be a Cisco technician, that would be enough for scalability using this platform.

I don't see any limitations on the number of firewalls it can handle. We have, on average, about 100 running on it. We have five users.

In terms of features, we're not using the VPN section or the templates so there's room to grow and keep learning the platform.

How are customer service and technical support?

On a scale of one to ten, tech support would be about a seven.

We definitely have to escalate the issues. The first tier is always complicated. We, ourselves, are basically second-tier here, so the guys don't often call support. We try to resolve problems here. I do recall that about eight months ago we had a situation, a specific problem, but it was something out of scope so the system was not supporting those devices. It took about a week to resolve it because we could never get the right person. We tried to explain what's going on and it was a little confusing. It had to do with CDO but not everybody at Cisco has knowledge of CDO.

Which solution did I use previously and why did I switch?

We have something different, but at this point we are mostly using CDO. We use Cyberhub only to monitor vulnerabilities. That's all it does. With CDO we try to do SSH and all the language. But CDO doesn't have vulnerability monitors. That is something that they definitely need to improve on.

How was the initial setup?

The initial setup was really straightforward. If the person setting this up has knowledge of firewalls and switches, it's pretty simple. It took about two hours for us to deploy. It depends on the company. It could be a company has only five ASAs, and that could take 20 minutes to one hour. All companies are different, so it depends on how many ASAs they have.

In terms of an implementation strategy, we used SSH first and then did the connections.

Deployment of the whole system can be done by one person. And similarly, it takes one person to maintain it.

What was our ROI?

Once we had CDO up and running, after first implementing it, it took about six months to see value from the solution.

The ROI comes from the fact that, before CDO we had different teams in charge of different companies. They were responsible for updates, checking for vulnerabilities, making sure the devices follow protocols and have all the policies necessary in those companies. For the most part, the companies share the same policies. We try to leave everything standard. We had teams in charge of that, but now we have one person who is in charge of it. That is saving a lot of money for our company and time for the clients. CDO has made our security team more productive. We're saving all that time. Again, it's just one person who can now take care of that.

Which other solutions did I evaluate?

We did a few tests but I don't remember the names of the other products. What made CDO stand out is that you can do different devices at once. The other companies offered only one system. There was no way we could do updates on all the devices. That's really the strong point of CDO.

What other advice do I have?

My advice is to try to gain more knowledge of SSH. CDO needs to improve monitoring and reporting.

Every six months, we go in deep. We check the devices to make sure everything is working correctly. We have another system, not related to CDO, which is alerting us if something is not working correctly. It runs daily. For example, if we find any ASAs with vulnerabilities, we take the information from that third-party software and go to CDO and again do the update for all the devices that are affected.

We're not using CDO for firewall builds or daily management of existing files. It is not as strong in that.

Overall, I would rate the solution at seven out of ten. 

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Google
Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner.
BinhNguyen1
Product Consultant at a tech services company with 501-1,000 employees
Reseller
Top 10
A simple and centralized way to manage all products

Pros and Cons

  • "With Cisco Defense Orchestrator, we can manage the complete Cisco Security solution. It provides a simple and centralized way to manage all products."
  • "They can centralize all products and provide a correlation about an incident and the response. They can also provide an on-premises solution. Currently, Cisco Defense Orchestrator is just for cloud deployments, not for on-premises deployments. Customers have to manage it on the cloud. We are based in Vietnam, and most of the customers here prefer to have on-premises deployments. Customers, especially from banking and government sectors, do not prefer to do anything on the cloud. Some of the small enterprises use the cloud."

What is our primary use case?

We provide consultation for all Cisco solutions. We give consultations to customers for buying a preventive solution like Cisco Email Security, Cisco IronPort, Cisco Security, Cisco Web Security. 

What is most valuable?

With Cisco Defense Orchestrator, we can manage the complete Cisco Security solution. It provides a simple and centralized way to manage all products. 

What needs improvement?

They can centralize all products and provide a correlation about an incident and the response.

They can also provide an on-premises solution. Currently, Cisco Defense Orchestrator is just for cloud deployments, not for on-premises deployments. Customers have to manage it on the cloud. We are based in Vietnam, and most of the customers here prefer to have on-premises deployments. Customers, especially from banking and government sectors, do not prefer to do anything on the cloud. Some of the small enterprises use the cloud.

For how long have I used the solution?

I have been working with this solution for around four years.

What do I think about the stability of the solution?

The stability depends upon the Cisco cloud. 

What do I think about the scalability of the solution?

Because it's on the cloud, Cisco Defense Orchestrator can scale up very well.

How are customer service and technical support?

They have good technical support. They're very good, and they can very well help a customer with implementation.

How was the initial setup?

Cisco Defense Orchestrator is on the cloud. It's really fast to deploy.

What other advice do I have?

I would recommend Cisco Defense Orchestrator. Cisco is a very good company and has a reputation. They can provide a comprehensive solution to customers. They have a lot of defense solutions for the network and endpoint security.

Cisco buys a lot of solutions and has a lot of acquisitions. When they combine them into one central management, the setup can be quite complex.

I would rate Cisco Defense Orchestrator an eight out of ten.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
FZ
Cyber Security Pre-Sales Consultant at a tech services company with 51-200 employees
Consultant
Top 10
Comparably priced with good support and the intrusion prevention works well

Pros and Cons

  • "The most valuable feature is the Intrusion prevention."
  • "They need to work on the user interface. It needs to be improved to make it more user-friendly."

What is our primary use case?

We are using this solution for filtering and blocking some websites. It's a firewall.

This is the main tool for network segmentation and intrusion prevention. It blocks malware and malicious activity.

What is most valuable?

The most valuable feature is the Intrusion prevention.

What needs improvement?

It's a stable solution, but it could always be improved.

They need to work on the user interface. It needs to be improved to make it more user-friendly.

For how long have I used the solution?

I have been working with Cisco Defense Orchestrator for five years.

What do I think about the stability of the solution?

It's a stable solution.

What do I think about the scalability of the solution?

Cisco Defense Orchestrator is scalable.

We have 1,000 users but we don't plan to increase our usage.

How are customer service and technical support?

Technical support is good.

Which solution did I use previously and why did I switch?

Previously, we were not using another solution. We have been using Cisco Defense Orchestrator from the beginning.

How was the initial setup?

The initial setup is straightforward.

It can take up to five hours to deploy.

We have a team of five who are mainly engineers to maintain this solution.

What's my experience with pricing, setup cost, and licensing?

If you compare to what is available on the market, they are in the same range with respect to pricing.

What other advice do I have?

I would recommend this product to anyone who is interested in using it.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.