Try our new research platform with insights from 80,000+ expert users
Network Administrator at Texas Hydraulics, Inc.
Real User
Enables me to create a standard for access rules across all my devices
Pros and Cons
  • "The bulk changes feature is definitely the most valuable."
  • "It should have more features to manage FirePOWER appliances."

What is our primary use case?

I use it to manage my group of firewalls, and I make some configuration changes with it. If I have to update multiple devices at one time I will use it as well.

How has it helped my organization?

Its ability to make bulk changes makes it much easier, that's for sure, when I have to upgrade multiple clients. Although I don't update too often, maybe every six months, it saves me 20 minutes per device for the four devices we have.

It also helps that I'm able to look at synchronizing my configuration across all of the devices. When it comes to configuration of my access rules, it allows me to create a standard across all of them.

Our security team is just me, one guy. We're a pretty small organization. But in a way, it has made me more productive.

In addition, its support for ASA, FTD, and Meraki MX helps maintain consistent security.

What is most valuable?

  • The bulk changes feature is definitely the most valuable. 
  • Being able to look at the configuration before and after the change is made, is helpful.

What needs improvement?

They should make it more of a one-stop shop for everything. It should have more features to manage FirePOWER appliances.

Buyer's Guide
Cisco Defense Orchestrator
January 2025
Learn what your peers think about Cisco Defense Orchestrator. Get advice and tips from experienced pros sharing their opinions. Updated: January 2025.
831,265 professionals have used our research since 2012.

For how long have I used the solution?

We've been using CDO ( /products/cisco-defense-orchestrator-reviews ) for about two years.

What do I think about the stability of the solution?

I'm pretty impressed with the stability. It hasn't broken on me. I'm pretty satisfied.

What do I think about the scalability of the solution?

Since I only have the four devices I really haven't done anything on a mass scale. I can see us possibly increasing usage in the future.

How are customer service and support?

I haven't used tech support.

Which solution did I use previously and why did I switch?

We didn't have a previous solution.

How was the initial setup?

The initial setup was pretty straightforward. I had one of the guys from Cisco show me how to onboard one device, and I was able to get the others onboard within about five minutes. There wasn't really an implementation strategy. He just showed me how to do one device at a time.

What other advice do I have?

It's just a good product to have.

In terms of CDO's security features around storing firewall configurations in the cloud, I haven't delved into that yet. I plan to get into it this month, but I haven't logged into it yet. I still use the ASDM a lot of times. I also have a FirePOWER which most of the firewalls are in and I will the FirePOWER Management Center for that because Orchestrator doesn't manage it quite as well. For firewall builds and daily management of existing firewalls, I normally use FirePOWER, as far as monitoring goes.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
it_user1141920 - PeerSpot reviewer
Systems Engineer at a tech services company with 11-50 employees
Real User
Security admin can see changes on a firewall and determine if they are permitted
Pros and Cons
  • "The most valuable feature is that you can push one policy or one rule out to several devices at a time."
  • "If I make a change locally to the firewall, CDO gives an alarm or an error message and says there's a change in compliance: "The firewall has this configuration but the last time it was compiled it had that configuration." That view of new changes versus the old could be better... I had to log in manually, locally on the firewall, to check which version, which configuration was actually running. I couldn't see it in CDO."

What is our primary use case?

My primary use case was just to see what the solution is about. I'm a system engineer and a Cisco partner. I was using the trial to see what it can do.

I rolled it out in my home lab. I have a Cisco ASA firewall so I used it to push configurations to my firewall. I used the Secure Device Connector as a virtual appliance, so I rolled it out like a production environment.

How has it helped my organization?

It could improve things when I need to create an object and to create a new policy. Instead of logging into several devices, one at a time, I could push the policy at one time and mitigate, let's say, vulnerability. Instead of taking three hours or two days, I could do it in 30 minutes. It would save time.

It could improve visibility. When I try to push a configuration tool to my firewall locally - instead of doing it through Defense Orchestrator - I can see through the Defense Orchestrator that configuration on the firewall doesn't match. In that way, it can provide better visibility for a security administrator. He can see that there have been changes on this firewall and determine if they are permitted changes.

In terms of the management of firewalls or firewall builds, it is possible to do upgrades from Defense Orchestrator. I could also push new certificates and that would help because I wouldn't have to go to each firewall or each device to deploy a new certificate or upgrade. I could do it all from a single pane of glass.

Its support for ASA, FTD, and Meraki MX devices could potentially free up staff to do other work, although I have not tried the FTD or the MX.

What is most valuable?

The most valuable feature is that you can push one policy or one rule out to several devices at a time. That's pretty neat.

What needs improvement?

If I make a change locally to the firewall, CDO gives an alarm or an error message and says there's a change in compliance: "The firewall has this configuration but the last time it was compiled it had that configuration." That view of new changes versus the old could be better. Which one is the new configuration? Which one is the old one? I had trouble seeing which configuration of the two which CDO showed me was the one that was actually running. I had to log in manually, locally on the firewall, to check which version, which configuration, was actually running. I couldn't see it in CDO.

For how long have I used the solution?

I used it for a month as long as my trial was running. It was a PoV so I can go sell it. The trial ended two or three weeks ago.

What do I think about the stability of the solution?

The stability seems fine. I didn't experience any outages.

How are customer service and technical support?

The tech support was great.

Which solution did I use previously and why did I switch?

I'm using Cisco ISE, and I use Firewall Device Manager, and FireSIGHT Manager Center. I haven't worked with Defense Orchestrator in-depth as I have been with the FireSIGHT Manager Center (aka FirePOWER Manager Center) but what I can see and what I have experienced is that Defense Orchestrator is better built than FirePOWER Manager Center.

There are a lot of things you can't do with the FireSIGHT Manager Center. You have to have FirePOWER Management Center to get all the features. You install the FirePOWER device manager on the device to get rid of FirePOWER Management Center, but some of the features aren't available in the Firepower device manager if you don't have the FirePOWER Management Center. That's not good.

Now there is Adaptive Security Device Manager (ASDM). If we compare these two, Defense Orchestrator is much better because you can handle many devices at once.

How was the initial setup?

I had a problem. I couldn't deploy the Secure Device Connector. I tried to deploy it in a VMware environment and I had some issues. I needed help from Cisco tech. I also had an issue deploying the on-prem virtual appliance. I had a Cisco guy helping me and he solved it for me.

If I didn't have those issues, it would have taken one hour, but because of the issue it took me three days. It took three days because I had to wait for a technician to become available. When the technician was available, we solved it in two to three hours. That was okay.

But I have tried many of Cisco's products and, normally, it's pretty straightforward to deploy their products or services.

Once it was up and running, I could see value from it straight away, in the first minute. I saw that I could push policies from the cloud. I could push certificates, I could push upgrades. I could push a command line. I could do anything. The value was not hard to see.

What was our ROI?

For one customer I have in mind, I think it could save up them eight to ten hours per week.

What's my experience with pricing, setup cost, and licensing?

I tried to see what the pricing is. What I could see it is that it is about a $100 per year for the ASA 5506 firewall, and from there it keeps going up if you have a bigger box. For example, the 5516 is $200 to $300 per year. It can sound like a lot but I see the potential it has to free up many hours of technician time. So the pricing is okay.

What other advice do I have?

It's worth it to dive in. If you have an environment with several firewalls, more than five, I would recommend just doing it.

The biggest lesson I've learned from using it is that you can configure multiple devices at once.

In terms of its security features for storing firewall configurations in the cloud, I'm not bothered by it. I don't see that as a security issue because I believe that Cisco is protecting it. I'm generally not against the cloud. It's good that we can do more and more from a single pane of glass, like Cisco Meraki, Cisco Defense Orchestrator, DNA Center, and so on. They should keep going in that direction. I think it's good.

I didn't try that many features but I can see that it has a VPN feature. I would like to try some of these things, but I only have one firewall. It's difficult to do everything with one firewall. I would like to test out the VPN functionality and how it can save time in troubleshooting. I would also like to test the ease of creating new VPNs between firewalls.

I would rate CDO at ten out of ten. It's a nice product and that's taking into account my experience with other products.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
Buyer's Guide
Cisco Defense Orchestrator
January 2025
Learn what your peers think about Cisco Defense Orchestrator. Get advice and tips from experienced pros sharing their opinions. Updated: January 2025.
831,265 professionals have used our research since 2012.
Vivek Balaji - PeerSpot reviewer
Technical Director - Cyber Security at a comms service provider with 1-10 employees
Real User
Useful guides, excellent support, integration could improve
Pros and Cons
  • "Cisco Defense Orchestrator has useful guides for the steps that need to follow by users."
  • "Cisco Defense Orchestrator can improve by providing more support for third-party security components."

What is most valuable?

Cisco Defense Orchestrator has useful guides for the steps that need to follow by users.

What needs improvement?

Cisco Defense Orchestrator can improve by providing more support for third-party security components.

For how long have I used the solution?

I have been using Cisco Defense Orchestrator for approximately eight months.

How are customer service and support?

The Cisco Defense Orchestrator technical support is excellent.

What's my experience with pricing, setup cost, and licensing?

I work with a lot of clients, and the price or value of the Cisco Defense Orchestrator can vary from one client to another. If you have a lot of Cisco solutions, the price of the Cisco Defense Orchestrator is justified. Whereas if you have some security components from other vendors, such as Check Point or Palo Alto. This solution would be a pretty expensive proposition considering that they don't integrate with them well.

What other advice do I have?

Cisco Defense Orchestrator is a solution that does not have a lot of competition, it is unique. However, the next similar solution would be Palo Alto Demisto.

I rate Cisco Defense Orchestrator a seven out of ten

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
reviewer1423293 - PeerSpot reviewer
Cyber Security Pre-Sales Consultant at a tech services company with 51-200 employees
Consultant
Comparably priced with good support and the intrusion prevention works well
Pros and Cons
  • "The most valuable feature is the Intrusion prevention."
  • "They need to work on the user interface. It needs to be improved to make it more user-friendly."

What is our primary use case?

We are using this solution for filtering and blocking some websites. It's a firewall.

This is the main tool for network segmentation and intrusion prevention. It blocks malware and malicious activity.

What is most valuable?

The most valuable feature is the Intrusion prevention.

What needs improvement?

It's a stable solution, but it could always be improved.

They need to work on the user interface. It needs to be improved to make it more user-friendly.

For how long have I used the solution?

I have been working with Cisco Defense Orchestrator for five years.

What do I think about the stability of the solution?

It's a stable solution.

What do I think about the scalability of the solution?

Cisco Defense Orchestrator is scalable.

We have 1,000 users but we don't plan to increase our usage.

How are customer service and technical support?

Technical support is good.

Which solution did I use previously and why did I switch?

Previously, we were not using another solution. We have been using Cisco Defense Orchestrator from the beginning.

How was the initial setup?

The initial setup is straightforward.

It can take up to five hours to deploy.

We have a team of five who are mainly engineers to maintain this solution.

What's my experience with pricing, setup cost, and licensing?

If you compare to what is available on the market, they are in the same range with respect to pricing.

What other advice do I have?

I would recommend this product to anyone who is interested in using it.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Presales Engineer at DataProtect
Real User
Good network visibility and assists with re-routing blocked traffic
Pros and Cons
  • "If our server is blocked, this solution shows us why it is blocked and allows us to update the network routing."
  • "The dashboard needs to be more customizable to provide better reporting for our network."

What is our primary use case?

This is part of our network orchestration solution. It allows us to optimize our network. For example, if I want to communicate with a laptop, this solution gives us a way to route the communication.

We have a public cloud deployment using Microsoft Azure.

How has it helped my organization?

If our server is blocked, this solution shows us why it is blocked and allows us to update the network routing. It gives us recommendations of what to do, and it can be done automatically.

What is most valuable?

The most valuable feature of this solution is the visibility that it provides into our network. It shows a graphical topography of the network.

What needs improvement?

The dashboard needs to be more customizable to provide better reporting for our network.

For how long have I used the solution?

I have been using this solution for about two weeks.

What do I think about the stability of the solution?

This solution appears to be stable for the moment.

What do I think about the scalability of the solution?

The scalability of this solution is good.

There are three people who use this solution. We have an administrator, and engineering architect, and a software engineer.

How are customer service and technical support?

I would rate technical support a seven out of ten.

Which solution did I use previously and why did I switch?

Prior to this solution, I was working on Skybox. It is primarily used for firewalls.

How was the initial setup?

The initial setup of this solution is of medium difficulty. The deployment took one day, although for a larger infrastructure I think it will take more than one day.

One person is suitable for deployment. In terms of maintenance, two people including the administrator are sufficient.

What about the implementation team?

We deployed this solution with assistance from Cisco.

What other advice do I have?

My advice for anybody who is researching this solution is to consider the advantages that it provides in terms of infrastructure.

It is easy to configure administrators and other users who can generate reports and check the dashboard. For the moment, this solution meets our needs and I cannot think of any additional features that should be added.

I would rate this solution an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
Product Consultant at a tech services company with 501-1,000 employees
Real User
A simple and centralized way to manage all products
Pros and Cons
  • "With Cisco Defense Orchestrator, we can manage the complete Cisco Security solution. It provides a simple and centralized way to manage all products."
  • "They can centralize all products and provide a correlation about an incident and the response. They can also provide an on-premises solution. Currently, Cisco Defense Orchestrator is just for cloud deployments, not for on-premises deployments. Customers have to manage it on the cloud. We are based in Vietnam, and most of the customers here prefer to have on-premises deployments. Customers, especially from banking and government sectors, do not prefer to do anything on the cloud. Some of the small enterprises use the cloud."

What is our primary use case?

We provide consultation for all Cisco solutions. We give consultations to customers for buying a preventive solution like Cisco Email Security, Cisco IronPort, Cisco Security, Cisco Web Security. 

What is most valuable?

With Cisco Defense Orchestrator, we can manage the complete Cisco Security solution. It provides a simple and centralized way to manage all products. 

What needs improvement?

They can centralize all products and provide a correlation about an incident and the response.

They can also provide an on-premises solution. Currently, Cisco Defense Orchestrator is just for cloud deployments, not for on-premises deployments. Customers have to manage it on the cloud. We are based in Vietnam, and most of the customers here prefer to have on-premises deployments. Customers, especially from banking and government sectors, do not prefer to do anything on the cloud. Some of the small enterprises use the cloud.

For how long have I used the solution?

I have been working with this solution for around four years.

What do I think about the stability of the solution?

The stability depends upon the Cisco cloud. 

What do I think about the scalability of the solution?

Because it's on the cloud, Cisco Defense Orchestrator can scale up very well.

How are customer service and technical support?

They have good technical support. They're very good, and they can very well help a customer with implementation.

How was the initial setup?

Cisco Defense Orchestrator is on the cloud. It's really fast to deploy.

What other advice do I have?

I would recommend Cisco Defense Orchestrator. Cisco is a very good company and has a reputation. They can provide a comprehensive solution to customers. They have a lot of defense solutions for the network and endpoint security.

Cisco buys a lot of solutions and has a lot of acquisitions. When they combine them into one central management, the setup can be quite complex.

I would rate Cisco Defense Orchestrator an eight out of ten.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
PeerSpot user
Buyer's Guide
Download our free Cisco Defense Orchestrator Report and get advice and tips from experienced pros sharing their opinions.
Updated: January 2025
Buyer's Guide
Download our free Cisco Defense Orchestrator Report and get advice and tips from experienced pros sharing their opinions.