We performed a comparison between AWS Firewall Manager and Cisco Defense Orchestrator based on real PeerSpot user reviews.
Find out what your peers are saying about AlgoSec, Tufin, Palo Alto Networks and others in Firewall Security Management."The interface is intuitive and it is easy for the users."
"AWS Firewall Manager isn't a separate solution when you create the virtual private cloud (VPC), so you can control the traffic through that security group."
"Once this solution is set up, we hardly have to touch it."
"Also, the strength of the community is invaluable."
"The most valuable feature is the centrally managed rule. I also like the central orchestration."
"It has centralized cloud firewall management rules. It provides compliance in tracking and reporting."
"There are a lot of templates that are already built-in. They give you quick-to-create and quick-to-apply policies that are typically a little more complicated for people."
"The most valuable feature is the Intrusion prevention."
"The bulk changes feature is definitely the most valuable."
"The ability to see the uptimes on the different VPNs that we have configured for site-to-site."
"For this product, they are very uncharacteristically interested in resolving whatever issue the customer reports. They're really attentive, and they address whatever we bring up as quickly as they can. That's been a very positive aspect of the product."
"The most valuable feature is being able to do centralized upgrades on the ASAs. We can select all of those ASAs, and say, "Upgrade these ASAs at this scheduled time." It will copy down the ASA image, ASDM image, and then do the upgrade and failovers, and then put it all back into service as required at a scheduled time. It automates that process for us."
"The most valuable feature is that you can push one policy or one rule out to several devices at a time."
"We use a lot of image upgrades. We take some 20 devices and then we update everything at once, including the policies. We apply policies for groups. For certain groups, like anti-viruses, we send out policies and apply them to every single device. It's really easy and simple."
"They could consider organizing and enhancing documentation in a more structured and chronological manner"
"It needs to be more employee-friendly, and the security management could be more efficient."
"This solution is suitable for a small-scale enterprise and may not scale up to a very high volume of traffic or a large number of servers."
"Enabling and configuring the logging is not that straightforward."
"The system should be more customizable."
"I would like to see AWS add some UTM features to the firewall. It would also be great if AWS Firewall had native IPS/IDS. They have the separate IPS/IDS, GuardDuty."
"When logging into the device, we sort of had problems with it staying in sync. If somebody made a change onsite, it wouldn't do an automatic sync. It would have to wait, as you would have to do a manual sync up."
"If I make a change locally to the firewall, CDO gives an alarm or an error message and says there's a change in compliance: "The firewall has this configuration but the last time it was compiled it had that configuration." That view of new changes versus the old could be better... I had to log in manually, locally on the firewall, to check which version, which configuration was actually running. I couldn't see it in CDO."
"I'd like CDO to be the one-stop-shop where we could do all the configurations easily. It would be nice, for ASA upgrades, if we could do them from a central repository and not have to reach out to Cisco. That would be a definite plus."
"It would be a better product if it incorporated device control for third-party products easily."
"There could be some slight improvements to navigation. In some of the navigation you've got to go back to be able to get into where you need to be once you've made a change. If I make a change, I've then got to go back to submit and send the change."
"The dashboard needs to be more customizable to provide better reporting for our network."
"CDO doesn't have a report, an official report that I can check daily. It has another module called FTD, but it doesn't have that specifically for ASA. In the reporting, there are a lot of things that aren't there. There is also room for improvement in the daily monitoring."
"Cisco Defense Orchestrator can improve by providing more support for third-party security components."
Earn 20 points
AWS Firewall Manager is ranked 8th in Firewall Security Management with 6 reviews while Cisco Defense Orchestrator is ranked 14th in Firewall Security Management. AWS Firewall Manager is rated 7.8, while Cisco Defense Orchestrator is rated 8.2. The top reviewer of AWS Firewall Manager writes "Streamlining security and enhanced file transfer control". On the other hand, the top reviewer of Cisco Defense Orchestrator writes "Provides visibility into entire infrastructure and bulk changes save time and resources". AWS Firewall Manager is most compared with Palo Alto Networks Panorama, Fortinet FortiGate Cloud, Azure Firewall Manager, Cisco Secure Firewall Management Center and Tufin Orchestration Suite, whereas Cisco Defense Orchestrator is most compared with AlgoSec, Palo Alto Networks Panorama, Tufin Orchestration Suite, Azure Firewall Manager and Cisco Secure Firewall Management Center.
See our list of best Firewall Security Management vendors.
We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.