We performed a comparison between AlgoSec and Cisco Defense Orchestrator based on real PeerSpot user reviews.
Find out what your peers are saying about AlgoSec, Tufin, Palo Alto Networks and others in Firewall Security Management."Breaking down a rule to specify used objects within groups and protocols has proven invaluable for us because we are able to narrow exposure to potential threats, and more generally, areas in which we are exposed."
"The features that I like are the monitoring and the alerts. It provides real-time monitoring, or at least close to real-time. I think that is important. I like its way of organizing, also. It is pretty clear. I also like their reporting structure - the way we can use AlgoSec to clear a rule base, like covering and hiding rules."
"We now have baseline and rules checking."
"ABF is application-centric. which helps to track changes in the application from day one."
"The Firewall Analyzer helps us achieve our various IT compliance requirements, like ISO-27001."
"The solution provides us with full visibility into the risk involved in firewall change requests. This is very important for us because we are regulated according to the FDA. It shows us which changes have been made and why. So, it has worked very well for our compliance needs."
"We need less time to identify any risks in our firewalls, as we can detect changes in real-time."
"It saves time by allowing administrators to test network traffic and pinpoint which rules are being triggered for a particular traffic flow."
"Cisco Defense Orchestrator has useful guides for the steps that need to follow by users."
"For this product, they are very uncharacteristically interested in resolving whatever issue the customer reports. They're really attentive, and they address whatever we bring up as quickly as they can. That's been a very positive aspect of the product."
"We use a lot of image upgrades. We take some 20 devices and then we update everything at once, including the policies. We apply policies for groups. For certain groups, like anti-viruses, we send out policies and apply them to every single device. It's really easy and simple."
"The most valuable feature is being able to do centralized upgrades on the ASAs. We can select all of those ASAs, and say, "Upgrade these ASAs at this scheduled time." It will copy down the ASA image, ASDM image, and then do the upgrade and failovers, and then put it all back into service as required at a scheduled time. It automates that process for us."
"The bulk changes feature is definitely the most valuable."
"There are a lot of templates that are already built-in. They give you quick-to-create and quick-to-apply policies that are typically a little more complicated for people."
"The ability to see the uptimes on the different VPNs that we have configured for site-to-site."
"If our server is blocked, this solution shows us why it is blocked and allows us to update the network routing."
"To be more specific, when we tried to add some devices on AlgoSec it seemed to be done but when you checked the monitor section, some device was always red. Finally, we could handle this part by installing a new software fix but AlgoSec support was weak when we tried to handle this process."
"Some features require a learning curve and may necessitate support from AlgoSec, which can be challenging at times."
"We would like to have a kind of "Time Capsule" to be able to restore to a certain state from a backup."
"Algosec should also be exploring the integration with the open source firewalls as well."
"A vulnerability management module might be interesting, though not integrated with a third-party vendor. It should be an AlgoSec VM module."
"In our environment, we add rules in the files based on user logins, but currently, we can't do that with AlgoSec. AlgoSec can't create rules based on user logins. For example, generally, when we create a rule, we put IP Address, Destination IP Address, and Service Port. However, in our environment, we put IP Address, User Login, Destination IP Address, and Service Port, but AlgoSec doesn't support a rule in this format. We opened a ticket regarding this with their support two months ago, and they said that they will be able to add it in the future, but they don't know the timeframe."
"The interface is more on the complex side."
"The Firewall Analyzer module can be improved to implement a vulnerability management solution, or they can link Firewall Analyzer with a vulnerability management solution in order to get a better overview of what's going on in our network in terms of vulnerabilities."
"The main thing that would useful for us would the logging and monitoring. I have to check it out, to get the beta, because I don't have access to them... I wanted CDO to be a central place so where I could do everything but right now I don't think that's possible. I really don't want to go back and forth between this and FMC. Maybe the logging portion, when I look at it, will give me some similarities."
"I'd like CDO to be the one-stop-shop where we could do all the configurations easily. It would be nice, for ASA upgrades, if we could do them from a central repository and not have to reach out to Cisco. That would be a definite plus."
"It should have more features to manage FirePOWER appliances."
"The dashboard needs to be more customizable to provide better reporting for our network."
"They need to work on the user interface. It needs to be improved to make it more user-friendly."
"When logging into the device, we sort of had problems with it staying in sync. If somebody made a change onsite, it wouldn't do an automatic sync. It would have to wait, as you would have to do a manual sync up."
"Cisco Defense Orchestrator can improve by providing more support for third-party security components."
"If I make a change locally to the firewall, CDO gives an alarm or an error message and says there's a change in compliance: "The firewall has this configuration but the last time it was compiled it had that configuration." That view of new changes versus the old could be better... I had to log in manually, locally on the firewall, to check which version, which configuration was actually running. I couldn't see it in CDO."
Earn 20 points
AlgoSec is ranked 1st in Firewall Security Management with 173 reviews while Cisco Defense Orchestrator is ranked 14th in Firewall Security Management. AlgoSec is rated 9.0, while Cisco Defense Orchestrator is rated 8.2. The top reviewer of AlgoSec writes "Gives us the ability to dig down into details and work at a level above the skills that we already have". On the other hand, the top reviewer of Cisco Defense Orchestrator writes "Provides visibility into entire infrastructure and bulk changes save time and resources". AlgoSec is most compared with Tufin Orchestration Suite, FireMon Security Manager, Skybox Security Suite, Palo Alto Networks Panorama and Azure Firewall Manager, whereas Cisco Defense Orchestrator is most compared with Palo Alto Networks Panorama, Tufin Orchestration Suite and Azure Firewall Manager.
See our list of best Firewall Security Management vendors.
We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
