Cisco Defense Orchestrator Valuable Features

TE
CTO at Secure Networkers

The simplicity, efficiency, and effectiveness of it are valuable.

There are a lot of templates that are already built-in. They give you quick-to-create and quick-to-apply policies that are typically a little more complicated for people.

View full review »
RB
Network and Data Centre Platform Manager at a manufacturing company with 1,001-5,000 employees

The most valuable feature is being able to do centralized upgrades on the ASAs. We can literally go in and tick a bunch of ASAs - we have them grouped within their business uses. We can select all of those ASAs, and say, "Upgrade these ASAs at this scheduled time." It will copy down the ASA image, ASDM image, and then do the upgrade and failovers, and then put it all back into service as required at a scheduled time. It automates that process for us.

We use the command-line tool quite a lot to push out bulk commands and changes to ASAs. That saves us a considerable amount of time. We have firewalls that are used for guest WiFi access. We try and maintain them as a standard policy. We can do that centrally and push that out.

As for its security features around storing our firewall configurations in the cloud, I take it that it's secure, from conversations I had at the time. It's all encrypted on REST and in transit. That goes through our security team, who respond with that information. It doesn't concern me particularly because I know it's all encrypted. We also use two-factor authentication to be able to log in to the solution as well. Obviously, you need the user name and password, and you need the multifactor authentication key. That's built-in, we use the one that's provided by CDO, which is OneProtect. That works for rules.

Everybody has their own login and I've got a full, change-management log view, so I can see who's done what changes. The other advantage we get from that is, if somebody makes a change and there happens to be an out-of-hours issue, the users can log back in and they can look at the changes that were made on that firewall, and they can roll it back by clicking a button.

View full review »
JM
Network and Security Specialist at CONNECTED TECHNOLOGY

The most valuable feature is the restore history. For any changes that you have backed up, if something goes wrong, then the system will automatically prevent the system from crashing or from loss of the client's connection. When you start programming any ASA or device connected to CDO, if you make a mistake, you have the option to restore the previous configuration. You will not lose connection with the device and the client will continue working without problems.

We use a lot of image upgrades. We take some 20 devices and then we update everything at once, including the policies. We apply policies for groups. For certain groups, like anti-viruses, we send out policies and apply them to every single device. It's really easy and simple.

The solution’s security features for storing firewall configurations in the cloud are pretty secure. I don't see any problems with it. They have two-factor authentication. From what I see, it's working properly. I don't feel there is any gap there.

View full review »
Buyer's Guide
Firewall Security Management
March 2024
Find out what your peers are saying about Cisco, Tufin, AlgoSec and others in Firewall Security Management. Updated: March 2024.
765,234 professionals have used our research since 2012.
DK
Network Security Engineer at a manufacturing company with 10,001+ employees

I don't stay in CDO all the time, so it's good that it shows what changes, if any, have been made by anybody else. That's a good feature.

View full review »
HK
Sr. Network Engineer at Vocera

I like the upgrade feature. That is pretty valuable to me because I have dual ASAs and when I go through CDO it does it for me pretty well. It's all done in the back-end and I don't really have to be involved. I just initiate, pick the image, and I pick when I want it done and it just does it, whether I have a single ASA or have a dual ASA. If I have a dual ASA and the primary is not active, the secondary wants me to make the primary active. It tells me that, but it's not a big deal.

I like the solution’s ability to make bulk changes across image upgrades.

For configuration changes, every time there's a change in the firewall, it records it in the cloud. If not, I have to go there and manually make sure it is sent. But it does have a configuration in the cloud.

In terms of firewall builds and daily management of existing firewalls, I use it for a rule-change or to add a rule to a single firewall.

View full review »
JS
Network Engineer at a healthcare company with 10,001+ employees

The rule usage is a nice feature. 

The ability to see the uptimes on the different VPNs that we have configured for site-to-site.

The overarching policy as far as the rules go and the assessment that it can do with the rule base.

The GUI on it was decently put together.

View full review »
PB
Systems Architect at a university with 1,001-5,000 employees

The ability to do operations on multiple firewalls at once is valuable because it saves time and mental effort. The solution's ability to make bulk changes makes it very convenient to manage things at once on multiple targets.

Although the solution supports ASA, FTD, and Meraki MX devices, we don't have any FTD or Meraki. But for ASA, which is the only thing we use it for, that's where it saves time and mental energy in figuring out what needs to be done, or how to implement something that has been requested.

View full review »
it_user1141920 - PeerSpot reviewer
Systems Engineer at a tech services company with 11-50 employees

The most valuable feature is that you can push one policy or one rule out to several devices at a time. That's pretty neat.

View full review »
Vivek Balaji - PeerSpot reviewer
Technical Director - Cyber Security at a comms service provider with 1-10 employees

Cisco Defense Orchestrator has useful guides for the steps that need to follow by users.

View full review »
IS
Network Administrator at Texas Hydraulics
  • The bulk changes feature is definitely the most valuable. 
  • Being able to look at the configuration before and after the change is made, is helpful.
View full review »
it_user1004274 - PeerSpot reviewer
I.T. Manager at Egypt Foods group

The most valuable feature of this solution is the centralization of device control. This helps to ensure that transactions between us and other companies are all secure. After we installed the firewalls we get reports for a safety check on a daily basis. Executive reports, custom reports, and penetration testing reports are all very valuable.

View full review »
BN
Product Consultant at a tech services company with 501-1,000 employees

With Cisco Defense Orchestrator, we can manage the complete Cisco Security solution. It provides a simple and centralized way to manage all products. 

View full review »
HL
Presales Engineer at DataProtect

The most valuable feature of this solution is the visibility that it provides into our network. It shows a graphical topography of the network.

View full review »
FZ
Cyber Security Pre-Sales Consultant at a tech services company with 51-200 employees

The most valuable feature is the Intrusion prevention.

View full review »
Buyer's Guide
Firewall Security Management
March 2024
Find out what your peers are saying about Cisco, Tufin, AlgoSec and others in Firewall Security Management. Updated: March 2024.
765,234 professionals have used our research since 2012.