• Home
  • Cisco Defense Orchestrator vs. Tufin Orchestration Suite

Cisco Defense Orchestrator vs Tufin Orchestration Suite comparison

Cancel
You must select at least 2 products to compare!
Cisco Logo

Cisco Defense Orchestrator

Read 14 Cisco Defense Orchestrator reviews
1,093 views|325 comparisons
100% willing to recommend
Tufin Logo

Tufin Orchestration Suite

Read 180 Tufin Orchestration Suite reviews
12,176 views|7,128 comparisons
91% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Firewall Security Management
April 2024
Executive Summary

We performed a comparison between Cisco Defense Orchestrator and Tufin Orchestration Suite based on real PeerSpot user reviews.

Find out what your peers are saying about AlgoSec, Tufin, Palo Alto Networks and others in Firewall Security Management.
To learn more, read our detailed Firewall Security Management Report (Updated: April 2024).
Download the complete report
767,847 professionals have used our research since 2012.
Featured Review
Todd Ellis
Provides visibility into entire infrastructure and bulk changes save time and resources
For one particular client, we had almost a 20 percent remediation on some of their equipment as a result of all kinds of attacks from the desktop... Read more →
Valentin Tache
Simple setup, overall better network visibility, and scales well
The solution has made our operation a lot simpler. We are able to track changes in our network
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The ability to do operations on multiple firewalls at once is valuable because it saves time and mental effort. The solution's ability to make bulk changes makes it very convenient to manage things at once on multiple targets.""We use a lot of image upgrades. We take some 20 devices and then we update everything at once, including the policies. We apply policies for groups. For certain groups, like anti-viruses, we send out policies and apply them to every single device. It's really easy and simple.""The most valuable feature is that you can push one policy or one rule out to several devices at a time.""This product provides excellent centralized device controls and reporting.""The initial setup was straightforward. We spun up the VM onsite. We generated the key that it needed to talk to the Cloud Orchestrator. After that, as I started adding devices, it was relatively quick and easy.""The most valuable feature is being able to do centralized upgrades on the ASAs. We can select all of those ASAs, and say, "Upgrade these ASAs at this scheduled time." It will copy down the ASA image, ASDM image, and then do the upgrade and failovers, and then put it all back into service as required at a scheduled time. It automates that process for us.""The most valuable feature is the Intrusion prevention.""If our server is blocked, this solution shows us why it is blocked and allows us to update the network routing."

More Cisco Defense Orchestrator Pros →

"Comparing the rules and policy browser is valuable to me. It gives me the ability to pull running configs and be able to analyze them without having to go directly into the firewall.""It is very stable.""We use Tufin to clean up our firewall policies. This makes it a lot easier to find out the things that are wrong.""We were hit by the NotPetya attack. Therefore, our whole company and all its sites were down for several months. So, you don't have an attack like that and not need something like Tufin. Other companies can prevent these attacks, or at least slow them down, by having this type of a tool. We will never go back.""Visibility is its largest and most valuable feature. You can see everything or all the devices on the network for each customer. It provides you a larger view of what might be wrong with the network and how you can improve it with firewall rules, etc. If you are talking about secure change, being able to automate the entire change process is pretty much the winner for us. It is going to really reduce the time that it takes for us to do changes, and we can just go out and get more customers.""It has allowed us to be more efficient in our processing of firewall requests.""It's hard to pick the most valuable feature. All of them are valuable, they're all critical for us... ChangeTrack obviously has a lot of very good features, like the risk analysis, the USP, and the Policy Browser.""Our engineers save quite a bit of time that was previously spent on manual processes."

More Tufin Orchestration Suite Pros →

Cons
"It would be a better product if it incorporated device control for third-party products easily.""They can centralize all products and provide a correlation about an incident and the response. They can also provide an on-premises solution. Currently, Cisco Defense Orchestrator is just for cloud deployments, not for on-premises deployments. Customers have to manage it on the cloud. We are based in Vietnam, and most of the customers here prefer to have on-premises deployments. Customers, especially from banking and government sectors, do not prefer to do anything on the cloud. Some of the small enterprises use the cloud.""I'd like CDO to be the one-stop-shop where we could do all the configurations easily. It would be nice, for ASA upgrades, if we could do them from a central repository and not have to reach out to Cisco. That would be a definite plus.""The dashboard needs to be more customizable to provide better reporting for our network.""I've found dozens of bugs over the year we've been using it. The more I use it for different things, the more problems I find... Most of the problems have to do with the user interface. A lot of thought and work has gone into the back-end component to make the product do what it's intended to do, but the way it is presented for use hasn't gotten nearly as much thought to make it smart and bug-free.""It should have more features to manage FirePOWER appliances.""The main thing that would useful for us would the logging and monitoring. I have to check it out, to get the beta, because I don't have access to them... I wanted CDO to be a central place so where I could do everything but right now I don't think that's possible. I really don't want to go back and forth between this and FMC. Maybe the logging portion, when I look at it, will give me some similarities.""When logging into the device, we sort of had problems with it staying in sync. If somebody made a change onsite, it wouldn't do an automatic sync. It would have to wait, as you would have to do a manual sync up."

More Cisco Defense Orchestrator Cons →

"The metrics need improvement. They need more consistency or understanding of automation, along lines of customization of automation.""There are things that could be explained a little better for somebody brand new to this system, which could be helpful, especially if it was in real-time while you were working in the system. Having the ability in real-time to be able to understand search query suggestions would be helpful.""The firewall management is complex for beginners.""In the next release I would like to see better migration in the Cloud because that will allow more visibility in the network.""The two main negative points with Tufin Orca are the absence of full support and that accommodation of files and tools is not provided in a good way.""They need to offer more support to vendors, such as Cisco, Checkpoint, Fortinet, and Forcepoint.""It would be better if they modernized the web GUI. The web interface GUI is simple and not complicated, but it's also too old.""The GUI is limited with respect to how much you can develop and visualize the process."

More Tufin Orchestration Suite Cons →

Pricing and Cost Advice
  • "It is about a $100 per year for an ASA 5506 firewall, and from there it keeps going up if you have a bigger box. For example, the 5516 is $200 to $300 per year."
  • "It's around £500 per unit for a three-year license."
  • "After our free trial was done we got a subscription for three years and it was under $3,000 or so. It's part of the EA we already paid for, so I don't know what it would be if it was a la carte."
  • "It is covered under the CIsco Enterprise License Agreement (ELA). So, it is licensed and ours."
  • "If you compare to what is available on the market, they are in the same range with respect to pricing."
  • "I work with a lot of clients, and the price or value of the Cisco Defense Orchestrator can vary from one client to another. If you have a lot of Cisco solutions, the price of the Cisco Defense Orchestrator is justified. Whereas if you have some security components from other vendors, such as Check Point or Palo Alto. This solution would be a pretty expensive proposition considering that they don't integrate with them well."

    • More Cisco Defense Orchestrator Pricing and Cost Advice →

  • "This solution helped us to reduce the time it takes to make changes. We used to spend up to an hour to do a change, and now, it's around five minutes."
  • "Tufin and AlgoSec were pretty much in the competitive price range, but this one provided us better integration into the Check Point environment."
  • "The solution has helped us to reduce the time it takes to make changes. With Tufin, it takes ten to 15 minutes. Before, it was 30 minutes or more."
  • "The solution has helped reduce the time it takes us to make changes. It helps make overall integrated changes immediately. It allows us to cut down at least a few hours in the week in regards to changes and monitoring."
  • "We've seen a decrease of about 50 percent in the overall time it takes to complete a firewall change."
  • "Tufin makes things a little easier. It lessens the amount of manual work which we have to do. It has a lot of benefits in terms of revenues, profits, employee costs, and operational costs. We have already seen return on investment."
  • "This solution helps us reduce the time it takes us to make changes. We're probably saving time by 25%."
  • "Tufin reduced the time it takes to solve a problem, which reduces the time of the outage."

    • More Tufin Orchestration Suite Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.
    See Recommendations
    767,847 professionals have used our research since 2012.
    Questions from the Community
    Ask a question

    Earn 20 points

    What do you like most about Tufin?
    Top Answer:The most valuable feature of Tufin is security auditing. We are able to check the rules and compliance of the company, for example, what is allowed or not. We are able to check the rules over… more »
    Read all 91 answers   →
    What is your experience regarding pricing and costs for Tufin?
    Top Answer:Tuffin is expensive, and we have to explain to our customers the benefit for them to purchase. If we explain the benefits in the correct way they do not mind the price. We typically do costing for the… more »
    Read all 37 answers   →
    What needs improvement with Tufin?
    Top Answer:The reporting function could improve in Tufin. For our clients with companies that have strong compliance, reporting privacy data is mostly a problem. In the IT department, private data needs a… more »
    Read all 86 answers   →
    Ranking
    14th
    out of 17 in Firewall Security Management
    Views
    1,093
    Comparisons
    325
    Reviews
    0
    Average Words per Review
    0
    Rating
    N/A
    2nd
    out of 17 in Firewall Security Management
    Views
    12,176
    Comparisons
    7,128
    Reviews
    10
    Average Words per Review
    444
    Rating
    7.8
    Comparisons
    Also Known As
    CDO
    Tufin SecureCloud
    Learn More
    Cisco
    Video Not Available
    Tufin
    Interactive Demo
    Cisco
    Watch a demo
    Tufin
    Demo Not Available
    Overview

    Cisco Defense Orchestrator (CDO) is a cloud-based management solution designed to ensure streamlined and consistent security policies across the Cisco security portfolio. Specifically tailored to manage all Cisco Secure Firewall form factors (running either ASA or Firepower Threat Defense (FTD) software), CDO offers real-time visibility and troubleshooting capabilities, effectively enhancing overall network security.

    CDO addresses the challenges of migration, supporting transitions from on-premises to cloud environments and facilitating the shift from ASA to FTD configurations. As organizations embark on their cloud adoption journey, CDO simplifies provisioning workflows for remote branches, reduces operational expenditures related to inventory management, and offers scalability for multi-cloud deployments.

    Tufin enables organizations to automate their security policy visibility, risk management, provisioning and compliance across their multi-vendor, hybrid environment. Customers gain visibility and control across their network, ensure continuous compliance with security standards and embed security enforcement into workflows and development pipelines. 

    Sample Customers
    Insurance Company of British Columbia, Shawmut
    3M, AT&T, Blue Cross Blue Shield, BNP Parabas, ConocoPhillips, Deutsche Bank, GE, IBM, Pfizer, United States Postal Service 
    Top Industries
    REVIEWERS
    Manufacturing Company43%
    University14%
    Consumer Goods Company14%
    Healthcare Company14%
    VISITORS READING REVIEWS
    Computer Software Company44%
    Manufacturing Company7%
    Financial Services Firm5%
    Government5%
    REVIEWERS
    Financial Services Firm26%
    Comms Service Provider11%
    Healthcare Company7%
    Insurance Company7%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company17%
    Manufacturing Company7%
    Retailer6%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise21%
    Large Enterprise36%
    VISITORS READING REVIEWS
    Small Business11%
    Midsize Enterprise5%
    Large Enterprise83%
    REVIEWERS
    Small Business14%
    Midsize Enterprise7%
    Large Enterprise79%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise15%
    Large Enterprise70%
    Buyer's Guide
    Firewall Security Management
    April 2024
    Download Free Report
    Find out what your peers are saying about AlgoSec, Tufin, Palo Alto Networks and others in Firewall Security Management. Updated: April 2024.
    DOWNLOAD NOW
    767,847 professionals have used our research since 2012.

    Cisco Defense Orchestrator is ranked 14th in Firewall Security Management while Tufin Orchestration Suite is ranked 2nd in Firewall Security Management with 180 reviews. Cisco Defense Orchestrator is rated 8.2, while Tufin Orchestration Suite is rated 8.0. The top reviewer of Cisco Defense Orchestrator writes "Provides visibility into entire infrastructure and bulk changes save time and resources". On the other hand, the top reviewer of Tufin Orchestration Suite writes "A flexible, very secure solution that works well in Layer 2 environments". Cisco Defense Orchestrator is most compared with AlgoSec, Palo Alto Networks Panorama and Azure Firewall Manager, whereas Tufin Orchestration Suite is most compared with AlgoSec, FireMon Security Manager, Skybox Security Suite, Palo Alto Networks Panorama and Illumio.

    See our list of best Firewall Security Management vendors.

    We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.