Cisco Defense Orchestrator Valuable Features
TE
Todd Ellis
CTO at Secure Networkers
The simplicity, efficiency, and effectiveness of it are valuable.
There are a lot of templates that are already built-in. They give you quick-to-create and quick-to-apply policies that are typically a little more complicated for people.
View full review »RB
Richard Barton
Network and Data Centre Platform Manager at a manufacturing company with 1,001-5,000 employees
The most valuable feature is being able to do centralized upgrades on the ASAs. We can literally go in and tick a bunch of ASAs - we have them grouped within their business uses. We can select all of those ASAs, and say, "Upgrade these ASAs at this scheduled time." It will copy down the ASA image, ASDM image, and then do the upgrade and failovers, and then put it all back into service as required at a scheduled time. It automates that process for us.
We use the command-line tool quite a lot to push out bulk commands and changes to ASAs. That saves us a considerable amount of time. We have firewalls that are used for guest WiFi access. We try and maintain them as a standard policy. We can do that centrally and push that out.
As for its security features around storing our firewall configurations in the cloud, I take it that it's secure, from conversations I had at the time. It's all encrypted on REST and in transit. That goes through our security team, who respond with that information. It doesn't concern me particularly because I know it's all encrypted. We also use two-factor authentication to be able to log in to the solution as well. Obviously, you need the user name and password, and you need the multifactor authentication key. That's built-in, we use the one that's provided by CDO, which is OneProtect. That works for rules.
Everybody has their own login and I've got a full, change-management log view, so I can see who's done what changes. The other advantage we get from that is, if somebody makes a change and there happens to be an out-of-hours issue, the users can log back in and they can look at the changes that were made on that firewall, and they can roll it back by clicking a button.
View full review »JM
Jairo Mendes
Network and Security Specialist at CONNECTED TECHNOLOGY
The most valuable feature is the restore history. For any changes that you have backed up, if something goes wrong, then the system will automatically prevent the system from crashing or from loss of the client's connection. When you start programming any ASA or device connected to CDO, if you make a mistake, you have the option to restore the previous configuration. You will not lose connection with the device and the client will continue working without problems.
We use a lot of image upgrades. We take some 20 devices and then we update everything at once, including the policies. We apply policies for groups. For certain groups, like anti-viruses, we send out policies and apply them to every single device. It's really easy and simple.
The solution’s security features for storing firewall configurations in the cloud are pretty secure. I don't see any problems with it. They have two-factor authentication. From what I see, it's working properly. I don't feel there is any gap there.
View full review »Buyer's Guide
Firewall Security Management
March 2024
Find out what your peers are saying about Cisco, Tufin, AlgoSec and others in Firewall Security Management. Updated: March 2024.
765,234 professionals have used our research since 2012.
DK
Dave Klunk
Network Security Engineer at a manufacturing company with 10,001+ employees
I don't stay in CDO all the time, so it's good that it shows what changes, if any, have been made by anybody else. That's a good feature.
View full review »HK
Hamed Khakipour
Sr. Network Engineer at Vocera
I like the upgrade feature. That is pretty valuable to me because I have dual ASAs and when I go through CDO it does it for me pretty well. It's all done in the back-end and I don't really have to be involved. I just initiate, pick the image, and I pick when I want it done and it just does it, whether I have a single ASA or have a dual ASA. If I have a dual ASA and the primary is not active, the secondary wants me to make the primary active. It tells me that, but it's not a big deal.
I like the solution’s ability to make bulk changes across image upgrades.
For configuration changes, every time there's a change in the firewall, it records it in the cloud. If not, I have to go there and manually make sure it is sent. But it does have a configuration in the cloud.
In terms of firewall builds and daily management of existing firewalls, I use it for a rule-change or to add a rule to a single firewall.
View full review »JS
NetworkEa55f
Network Engineer at a healthcare company with 10,001+ employees
The rule usage is a nice feature.
The ability to see the uptimes on the different VPNs that we have configured for site-to-site.
The overarching policy as far as the rules go and the assessment that it can do with the rule base.
The GUI on it was decently put together.
View full review »PB
Architect1152942
Systems Architect at a university with 1,001-5,000 employees
The ability to do operations on multiple firewalls at once is valuable because it saves time and mental effort. The solution's ability to make bulk changes makes it very convenient to manage things at once on multiple targets.
Although the solution supports ASA, FTD, and Meraki MX devices, we don't have any FTD or Meraki. But for ASA, which is the only thing we use it for, that's where it saves time and mental energy in figuring out what needs to be done, or how to implement something that has been requested.
View full review »The most valuable feature is that you can push one policy or one rule out to several devices at a time. That's pretty neat.
Cisco Defense Orchestrator has useful guides for the steps that need to follow by users.
View full review »IS
Isiac Sullivan
Network Administrator at Texas Hydraulics
- The bulk changes feature is definitely the most valuable.
- Being able to look at the configuration before and after the change is made, is helpful.
The most valuable feature of this solution is the centralization of device control. This helps to ensure that transactions between us and other companies are all secure. After we installed the firewalls we get reports for a safety check on a daily basis. Executive reports, custom reports, and penetration testing reports are all very valuable.
BN
BinhNguyen1
Product Consultant at a tech services company with 501-1,000 employees
With Cisco Defense Orchestrator, we can manage the complete Cisco Security solution. It provides a simple and centralized way to manage all products.
View full review »HL
Hasnae Lamrani Alaoui
Presales Engineer at DataProtect
The most valuable feature of this solution is the visibility that it provides into our network. It shows a graphical topography of the network.
View full review »FZ
reviewer1423293
Cyber Security Pre-Sales Consultant at a tech services company with 51-200 employees
The most valuable feature is the Intrusion prevention.
View full review »Buyer's Guide
Firewall Security Management
March 2024
Find out what your peers are saying about Cisco, Tufin, AlgoSec and others in Firewall Security Management. Updated: March 2024.
765,234 professionals have used our research since 2012.