"With Cisco Defense Orchestrator, we can manage the complete Cisco Security solution. It provides a simple and centralized way to manage all products."
"Cisco Defense Orchestrator has useful guides for the steps that need to follow by users."
"The most valuable feature is the Intrusion prevention."
"We also use the solution’s SASE integration capabilities to extend security policy management for cloud firewall management. It helps in creating one consistent rule across multiple platforms and it improves accuracy."
"For the cleanup of firewall rules, it performs really well for us. We utilize it in our regular rule cleanup tasks, several times a year. FireMon is our primary tool when doing that, either by going through its out-of-the-box compliance rules or using it to search for certain things in our rules that we want to prune from our firewalls."
"It is a good product. Previously, we were using only spreadsheets to compare the usage, but now with FireMon, we are able to clean up or review the policies to some extent. It is still a work in progress, but we are at a good stage now."
"In one report, FireMon tells us there are, say, 1,000 rules that can be taken out and it gives us the ability to disable those for a year and to track when we made our changes. After a year, we can go back and eliminate the rules, to bring the configuration down to an almost human-readable level."
"Compared to other applications, it is user-friendly. The appearance of the menus and titles is clear and they are easy to follow. Of course, it requires some experience through using it, to go through everything, but it is not very difficult. It is an easy application to use."
"FireMon decreases errors and misconfigurations by 10% that increase risk in our environment. That has to do a lot with the change reporting that is in place, but also with the built-in controls and custom controls that we have made. Those all decrease the errors that people naturally make on a day-to-day basis for firewall administration."
"FireMon is nice and provides 360-degree user views."
"The most valuable features are the security assessments and the ability to identify unused rules or objects."
"They need to work on the user interface. It needs to be improved to make it more user-friendly."
"They can centralize all products and provide a correlation about an incident and the response. They can also provide an on-premises solution. Currently, Cisco Defense Orchestrator is just for cloud deployments, not for on-premises deployments. Customers have to manage it on the cloud. We are based in Vietnam, and most of the customers here prefer to have on-premises deployments. Customers, especially from banking and government sectors, do not prefer to do anything on the cloud. Some of the small enterprises use the cloud."
"Cisco Defense Orchestrator can improve by providing more support for third-party security components."
"When it comes to identifying risk in our environment and prioritizing fixes, it is really about the different priorities within the organization. FireMon is not so smart that it can tell what's important to us. It's up to us to figure that out."
"I don't like that it comes with bugs, constant issues, and limited functionality."
"The initial setup can take some time, including connecting it and configuring it. It's not something that is easy for anybody to do. There is time and energy required because of the number of systems you have to configure to get it to work properly."
"The cost of the solution is pretty expensive. It would be ideal if they could work on their pricing."
"FireMon could improve its end-user practices. As an end user, I am just trying to catch up on all the alerts. There are so many, and you still have to go through them and document what was found."
"The advanced features are complex in setting up the rules."
"It comes as a Linux appliance on a server and we're not a Linux shop, we're more of a Windows shop. It would be great if they could automate or integrate the backups into it and other things through their GUI interface, just to make the management of Linux a little more transparent."
"Our firewalls have multiple paths through them and FireMon falls short a little bit because it's not Palo Alto-centric. I don't think FireMon has kept up with where Palo Alto is at. They started out being Check Point-centric for years and they've never really fully embraced the nuances others, like Palo Alto or Fortinet, have. They don't handle a lot of the capabilities and attributes that Palo Alto does yet. They're working on it. They're getting there."
Cisco Defense Orchestrator is ranked 11th in Firewall Security Management with 3 reviews while FireMon is ranked 3rd in Firewall Security Management with 17 reviews. Cisco Defense Orchestrator is rated 7.6, while FireMon is rated 8.0. The top reviewer of Cisco Defense Orchestrator writes "A simple and centralized way to manage all products". On the other hand, the top reviewer of FireMon writes "We have made massive improvements to firewall management and firewall hygiene". Cisco Defense Orchestrator is most compared with Palo Alto Networks Panorama, AlgoSec, Tufin, Skybox Security Suite and Fortinet FortiGate Cloud, whereas FireMon is most compared with Tufin, AlgoSec, Skybox Security Suite, Palo Alto Networks Panorama and AWS Firewall Manager. See our Cisco Defense Orchestrator vs. FireMon report.
See our list of best Firewall Security Management vendors.
We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
