We performed a comparison between Cisco Defense Orchestrator and Skybox Security Suite based on real PeerSpot user reviews.
Find out what your peers are saying about AlgoSec, Tufin, Palo Alto Networks and others in Firewall Security Management."We use a lot of image upgrades. We take some 20 devices and then we update everything at once, including the policies. We apply policies for groups. For certain groups, like anti-viruses, we send out policies and apply them to every single device. It's really easy and simple."
"The initial setup was straightforward. We spun up the VM onsite. We generated the key that it needed to talk to the Cloud Orchestrator. After that, as I started adding devices, it was relatively quick and easy."
"The most valuable feature is the Intrusion prevention."
"If we have a firewall go down, I can hop into CDO, pull the latest configuration off and apply it. That's really good. It helps save time."
"The most valuable feature is that you can push one policy or one rule out to several devices at a time."
"I like the upgrade feature. That is pretty valuable to me because I have dual ASAs and when I go through CDO it does it for me pretty well. It's all done in the back-end and I don't really have to be involved. I just initiate, pick the image, and I pick when I want it done and it just does it, whether I have a single ASA or have a dual ASA."
"The most valuable feature is being able to do centralized upgrades on the ASAs. We can select all of those ASAs, and say, "Upgrade these ASAs at this scheduled time." It will copy down the ASA image, ASDM image, and then do the upgrade and failovers, and then put it all back into service as required at a scheduled time. It automates that process for us."
"With Cisco Defense Orchestrator, we can manage the complete Cisco Security solution. It provides a simple and centralized way to manage all products."
"The most valuable feature is firewall management."
"It shows me a client's or an organization's entire network. I can see everything."
"Change Manager is most important because of the impact on each other of a network change or a firewall change. We want to understand this and to know, beforehand, what the impact of a change will be. We are a large network so that is a very important tool."
"When you import all the assets that you have, like desktops, servers, networks, devices, routers, and then firewalls, and other products, then Skybox makes like, a model of the network, but with context. So, it is not just a model in VIZIO. Or something like it like that. You get the model with context, and, like, it looks like a real network in a real-time. So you can check your network and the security of your network on that model."
"The most valuable features of Skybox Security Suite are all the modules that are provided, such as vulnerability assessments and network, and firewall assessments."
"Skybox deployment is simple, and it's very useful."
"Key features for us include the firewall change audit every week. Also, being able to track firewall ACL usage, so that we can produce semiannual reports on ACL usage and shadowed and redundant rules on the firewall."
"We are currently working on rule review and compliance. The logging features are good."
"When logging into the device, we sort of had problems with it staying in sync. If somebody made a change onsite, it wouldn't do an automatic sync. It would have to wait, as you would have to do a manual sync up."
"They can centralize all products and provide a correlation about an incident and the response. They can also provide an on-premises solution. Currently, Cisco Defense Orchestrator is just for cloud deployments, not for on-premises deployments. Customers have to manage it on the cloud. We are based in Vietnam, and most of the customers here prefer to have on-premises deployments. Customers, especially from banking and government sectors, do not prefer to do anything on the cloud. Some of the small enterprises use the cloud."
"I've found dozens of bugs over the year we've been using it. The more I use it for different things, the more problems I find... Most of the problems have to do with the user interface. A lot of thought and work has gone into the back-end component to make the product do what it's intended to do, but the way it is presented for use hasn't gotten nearly as much thought to make it smart and bug-free."
"The dashboard needs to be more customizable to provide better reporting for our network."
"They need to work on the user interface. It needs to be improved to make it more user-friendly."
"It should have more features to manage FirePOWER appliances."
"CDO doesn't have a report, an official report that I can check daily. It has another module called FTD, but it doesn't have that specifically for ASA. In the reporting, there are a lot of things that aren't there. There is also room for improvement in the daily monitoring."
"It would be a better product if it incorporated device control for third-party products easily."
"They are not satisfied with the complexity of the solution and the price."
"The solution needs to move improve its interface to a full web browser version that is more accessible and doesn't require installation for use."
"There is room for improvement in pricing. It would be better, especially if a customer bought all four modules."
"The tool does not offer options for customization."
"The solution needs improvement in firewall configuration checks. I would also like to see more configuration checks for Forcepoint and for other non-supported firewalls."
"The most recent update was not tested with all of the vendors before it was released, so some of the features are misbehaving."
"I've had issues with licensing where, when they were expiring and I asked for the updated licenses, I would the wrong ones. I think their process needs to be straightened out a little bit - I don't know if they fixed it already, it has been awhile. It wasn't as straightforward as it could have been."
"The Network Assurance, which helps to create the network model, is not so rich."
Earn 20 points
Cisco Defense Orchestrator is ranked 14th in Firewall Security Management while Skybox Security Suite is ranked 6th in Firewall Security Management with 33 reviews. Cisco Defense Orchestrator is rated 8.2, while Skybox Security Suite is rated 7.8. The top reviewer of Cisco Defense Orchestrator writes "Provides visibility into entire infrastructure and bulk changes save time and resources". On the other hand, the top reviewer of Skybox Security Suite writes "Efficient in vulnerability management, stable and easy to use ". Cisco Defense Orchestrator is most compared with AlgoSec, Palo Alto Networks Panorama, Tufin Orchestration Suite and Azure Firewall Manager, whereas Skybox Security Suite is most compared with AlgoSec, Tufin Orchestration Suite, FireMon Security Manager, Palo Alto Networks Panorama and RedSeal.
See our list of best Firewall Security Management vendors.
We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.