Try our new research platform with insights from 80,000+ expert users

Cisco Security Cloud Control vs Tufin Orchestration Suite comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 22, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Security Cloud Control
Ranking in Firewall Security Management
14th
Average Rating
8.2
Number of Reviews
15
Ranking in other categories
No ranking in other categories
Tufin Orchestration Suite
Ranking in Firewall Security Management
2nd
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
184
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of June 2025, in the Firewall Security Management category, the mindshare of Cisco Security Cloud Control is 1.1%, down from 1.3% compared to the previous year. The mindshare of Tufin Orchestration Suite is 22.1%, up from 20.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewall Security Management
 

Featured Reviews

Vivek Balaji - PeerSpot reviewer
Useful guides, excellent support, integration could improve
Cisco Defense Orchestrator has useful guides for the steps that need to follow by users Cisco Defense Orchestrator can improve by providing more support for third-party security components. I have been using Cisco Defense Orchestrator for approximately eight months. The Cisco Defense…
MithatBulut - PeerSpot reviewer
New employees can quickly grasp the various IPs, devices, and the network's logical and physical
Tufin is primarily used to orchestrate and manage network traffic and firewall devices. It is specifically useful for implementing firewall policies and handling requests from clients that require policy updates or changes Tufin simplifies understanding network topology. New employees can quickly…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"With Cisco Defense Orchestrator, we can manage the complete Cisco Security solution. It provides a simple and centralized way to manage all products."
"There are a lot of templates that are already built-in. They give you quick-to-create and quick-to-apply policies that are typically a little more complicated for people."
"The ability to see the uptimes on the different VPNs that we have configured for site-to-site."
"If our server is blocked, this solution shows us why it is blocked and allows us to update the network routing."
"The ability to do operations on multiple firewalls at once is valuable because it saves time and mental effort. The solution's ability to make bulk changes makes it very convenient to manage things at once on multiple targets."
"The most valuable feature is that you can push one policy or one rule out to several devices at a time."
"We use a lot of image upgrades. We take some 20 devices and then we update everything at once, including the policies. We apply policies for groups. For certain groups, like anti-viruses, we send out policies and apply them to every single device. It's really easy and simple."
"If we have a firewall go down, I can hop into CDO, pull the latest configuration off and apply it. That's really good. It helps save time."
"The most valuable feature is the reporting of our risk poster in our firewall."
"Tufin Orchestration Suite is a good tool that makes firewall policies faster to implement from a central point, and its support is good."
"The filtering of lots of criteria is very valuable."
"The most valuable feature is alerting, which lets me know when someone has made a change."
"This solution has helped us meet our compliance mandates. Everything is all auditable. Every change is tracked down to the person and time."
"We just got done with major audits. Tufin was able to provide information to give back to people, and say, "Hey, this is what I need to do, and what we're doing.""
"We've scaled it to hundreds of firewalls."
"The product is good at auditing the changes that we make in our environment."
 

Cons

"CDO doesn't have a report, an official report that I can check daily. It has another module called FTD, but it doesn't have that specifically for ASA. In the reporting, there are a lot of things that aren't there. There is also room for improvement in the daily monitoring."
"We had some MX devices that were blocking Windows Update from happening. We found out it was a Meraki issue, but it would have been nice if it had been flagged for us: "Hey, these updates are failing because the MX is blocking it." It wasn't a huge problem, but there was a loss of our time as well as the fact that the updates didn't get pushed out... It would have been nice if CDO had let us know that that was an issue."
"It should have more features to manage FirePOWER appliances."
"I've found dozens of bugs over the year we've been using it. The more I use it for different things, the more problems I find... Most of the problems have to do with the user interface. A lot of thought and work has gone into the back-end component to make the product do what it's intended to do, but the way it is presented for use hasn't gotten nearly as much thought to make it smart and bug-free."
"They need to work on the user interface. It needs to be improved to make it more user-friendly."
"Cisco Defense Orchestrator should be made more user-friendly overall. Currently, to use it effectively, one must be specific with the rule set that needs to be set up."
"The main thing that would useful for us would the logging and monitoring. I have to check it out, to get the beta, because I don't have access to them... I wanted CDO to be a central place so where I could do everything but right now I don't think that's possible. I really don't want to go back and forth between this and FMC. Maybe the logging portion, when I look at it, will give me some similarities."
"I'd like CDO to be the one-stop-shop where we could do all the configurations easily. It would be nice, for ASA upgrades, if we could do them from a central repository and not have to reach out to Cisco. That would be a definite plus."
"The reports could be easier to read and more customizable. Also, capturing some of the different versions, and being able to dig through them could be a bit better."
"The pricing of the solution is rather expensive."
"The older version that we have doesn't support some newer firewall vendors."
"While Tufin is suitable for small businesses, issues can arise in larger enterprises, particularly concerning policy-based forwarding and NAT traffic."
"It could be a little more intuitive."
"I would like more enforcement. Right now. it's a lot of alerting. You see it in Tufin, but you have to go to Check Point or whatever device to make the actual action."
"Their pricing can be better. It is not very transparent."
"I would like to see better report integration in this solution."
 

Pricing and Cost Advice

"It's around £500 per unit for a three-year license."
"I work with a lot of clients, and the price or value of the Cisco Defense Orchestrator can vary from one client to another. If you have a lot of Cisco solutions, the price of the Cisco Defense Orchestrator is justified. Whereas if you have some security components from other vendors, such as Check Point or Palo Alto. This solution would be a pretty expensive proposition considering that they don't integrate with them well."
"It is covered under the CIsco Enterprise License Agreement (ELA). So, it is licensed and ours."
"It is about a $100 per year for an ASA 5506 firewall, and from there it keeps going up if you have a bigger box. For example, the 5516 is $200 to $300 per year."
"If you compare to what is available on the market, they are in the same range with respect to pricing."
"After our free trial was done we got a subscription for three years and it was under $3,000 or so. It's part of the EA we already paid for, so I don't know what it would be if it was a la carte."
"Pricing is quite high. We did compare it with AlgoSec but the pricing is not much different between the two."
"The solution is more reasonably priced than its competitors."
"Tufin makes things a little easier. It lessens the amount of manual work which we have to do. It has a lot of benefits in terms of revenues, profits, employee costs, and operational costs. We have already seen return on investment."
"The licensing costs are around $250,000 to $300,000."
"We have seen ROI from the side of operations, and we'll probably get to more of that as time goes on. However it took a while to get to that point."
"If you don't buy their premium support, their technical support is not great and you can only call during daytime hours. So, we ended up purchasing their premium support."
"The solution has helped us to reduce the time it takes to make changes. With Tufin, it takes ten to 15 minutes. Before, it was 30 minutes or more."
"It's quite an expensive solution."
report
Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.
859,579 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
49%
Manufacturing Company
12%
Financial Services Firm
8%
Legal Firm
3%
Financial Services Firm
17%
Computer Software Company
14%
Manufacturing Company
10%
Healthcare Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What needs improvement with Cisco Defense Orchestrator?
Cisco Defense Orchestrator should be made more user-friendly overall. Currently, to use it effectively, one must be specific with the rule set that needs to be set up. Additionally, I suggest impro...
What is your primary use case for Cisco Defense Orchestrator?
Our primary use case for Cisco Defense Orchestrator is the automation of playbooks. We primarily use it for this purpose to streamline processes.
What advice do you have for others considering Cisco Defense Orchestrator?
Those who want to use Cisco Defense Orchestrator should build their own use case and see if it fits their environment. The most significant benefit for us is the response time because it automates ...
What needs improvement with Tufin SecureCloud?
Tufin Orchestration Suite ( /products/tufin-orchestration-suite-reviews ) is not commonly used in Thailand due to a lack of local support, and many customers are switching to AlgoSec or other vendo...
What is your primary use case for Tufin SecureCloud?
I have primarily used Skybox and AlgoSec ( /products/algosec-reviews ). I have also interacted with FireMon for compiling. However, I am not currently working with ACA, and I don't have any project...
What advice do you have for others considering Tufin SecureCloud?
There is potential for improvement in explaining the analytics in the dashboard for Tufin Orchestration Suite. Tufin Orchestration Suite does provide good monitoring; however, interpreting the grap...
 

Also Known As

Cisco Defense Orchestrator, CDO
Tufin SecureCloud
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Insurance Company of British Columbia, Shawmut
3M, AT&T, Blue Cross Blue Shield, BNP Parabas, ConocoPhillips, Deutsche Bank, GE, IBM, Pfizer, United States Postal Service 
Find out what your peers are saying about Cisco Security Cloud Control vs. Tufin Orchestration Suite and other solutions. Updated: June 2025.
859,579 professionals have used our research since 2012.