Cisco Security Cloud Control vs Tufin Orchestration Suite comparison

Cisco Security Cloud Control vs. Tufin Orchestration Suite

Download the complete report

Helped 849,686 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Security Cloud Control

Ranking in Firewall Security Management

14th

Average Rating

8.2

Number of Reviews

Ranking in other categories

No ranking in other categories

Tufin Orchestration Suite

Ranking in Firewall Security Management

2nd

Average Rating

8.0

Reviews Sentiment

7.2

Number of Reviews

184

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of May 2025, in the Firewall Security Management category, the mindshare of Cisco Security Cloud Control is 1.0%, down from 1.3% compared to the previous year. The mindshare of Tufin Orchestration Suite is 22.2%, up from 20.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewall Security Management

Featured Reviews

Vivek Balaji

Technical Director - Cyber Security at a comms service provider with 1-10 employees

Useful guides, excellent support, integration could improve

Cisco Defense Orchestrator has useful guides for the steps that need to follow by users Cisco Defense Orchestrator can improve by providing more support for third-party security components. I have been using Cisco Defense Orchestrator for approximately eight months. The Cisco Defense…

Read full review

MithatBulut

Network Security Engineer at TD SYNNEX

New employees can quickly grasp the various IPs, devices, and the network's logical and physical

Tufin is primarily used to orchestrate and manage network traffic and firewall devices. It is specifically useful for implementing firewall policies and handling requests from clients that require policy updates or changes Tufin simplifies understanding network topology. New employees can quickly…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"If we have a firewall go down, I can hop into CDO, pull the latest configuration off and apply it. That's really good. It helps save time."

"The bulk changes feature is definitely the most valuable."

"Cisco Defense Orchestrator has useful guides for the steps that need to follow by users."

"With Cisco Defense Orchestrator, we can manage the complete Cisco Security solution. It provides a simple and centralized way to manage all products."

"The ability to see the uptimes on the different VPNs that we have configured for site-to-site."

"We have quite a few Active Stone by pairs. If they fail over... I'll see that there's a change on it and I'll have a look. The only change on it is that now this one is the standby, it took over the active role. I can go into that firewall and find out what happened... and troubleshoot based on that. That's pretty cool too."

"The initial setup was straightforward. We spun up the VM onsite. We generated the key that it needed to talk to the Cloud Orchestrator. After that, as I started adding devices, it was relatively quick and easy."

"The ability to do operations on multiple firewalls at once is valuable because it saves time and mental effort. The solution's ability to make bulk changes makes it very convenient to manage things at once on multiple targets."

More Cisco Security Cloud Control pros

"The solution helps us meet our compliance needs."

"The most valuable feature is the reporting of our risk poster in our firewall."

"This solution helps us ensure that security policy is followed across our entire hybrid network. You can have a Unified Security Policy which reaches across all networks, so if you are having a change submitted, it doesn't matter if you're enforcing it or not. You can get an alert saying, "This is a violation." That's a value-add."

"The features I have found most valuable are its capability to check on the firewall and the routers. Afterwards it checks out all the configs, checks the vulnerabilities, checks the risks - it checks everything that may end up causing our router to be compromised. At the end it recommendations what we should do."

"The reporting on offer is very good. Tufin makes nice reports."

"The visibility is very good. We have managers who are overseeing it, and they are approving things through it."

"The technical support is pretty good."

"It provides a real-time sense of how the policies are configured and whether there are any shadow rules. Another great thing is that it provides greater reporting based on how the rules have been set up."

More Tufin Orchestration Suite pros

Cons

"There could be some slight improvements to navigation. In some of the navigation you've got to go back to be able to get into where you need to be once you've made a change. If I make a change, I've then got to go back to submit and send the change."

"Cisco Defense Orchestrator can improve by providing more support for third-party security components."

"If I make a change locally to the firewall, CDO gives an alarm or an error message and says there's a change in compliance: "The firewall has this configuration but the last time it was compiled it had that configuration." That view of new changes versus the old could be better... I had to log in manually, locally on the firewall, to check which version, which configuration was actually running. I couldn't see it in CDO."

"They need to work on the user interface. It needs to be improved to make it more user-friendly."

"It should have more features to manage FirePOWER appliances."

"When logging into the device, we sort of had problems with it staying in sync. If somebody made a change onsite, it wouldn't do an automatic sync. It would have to wait, as you would have to do a manual sync up."

"We had some MX devices that were blocking Windows Update from happening. We found out it was a Meraki issue, but it would have been nice if it had been flagged for us: "Hey, these updates are failing because the MX is blocking it." It wasn't a huge problem, but there was a loss of our time as well as the fact that the updates didn't get pushed out... It would have been nice if CDO had let us know that that was an issue."

"Cisco Defense Orchestrator should be made more user-friendly overall. Currently, to use it effectively, one must be specific with the rule set that needs to be set up."

More Cisco Security Cloud Control cons

"I would like to see visibility into the FW features like IPS/Content Filter policies, the same way it does for FW rules/policies."

"I would like to see more about the cloud in the next release. They need a large plan to deploy the cloud into the solution and a way to implement it."

"For me, there are two things that can make Tufin a bit better... [It needs] a better focus on automation - automating a lot of the processes; and automating rule re-certification, or at least finding a way to simplify it."

"There were some hiccups here and there with the initial setup."

"We will be using the appliance based product, which cannot be scaled as much. It is a limitation in the hardware."

"The initial setup can be tough."

"The documentation site is horrible as well. It has a tree structure, and you really get lost quite easily."

"The biggest area where I see a need for improvement is some of the documentation and training stuff. It does a really good job of hitting the big concepts, but it needs like another layer deeper of actually getting into some of the details of how to do some of the things. Conceptually, I understand how the product works, but now how do I start building stuff and integrating it into my environment."

More Tufin Orchestration Suite cons

Pricing and Cost Advice

"It is covered under the CIsco Enterprise License Agreement (ELA). So, it is licensed and ours."

"If you compare to what is available on the market, they are in the same range with respect to pricing."

"It's around £500 per unit for a three-year license."

"After our free trial was done we got a subscription for three years and it was under $3,000 or so. It's part of the EA we already paid for, so I don't know what it would be if it was a la carte."

"It is about a $100 per year for an ASA 5506 firewall, and from there it keeps going up if you have a bigger box. For example, the 5516 is $200 to $300 per year."

"I work with a lot of clients, and the price or value of the Cisco Defense Orchestrator can vary from one client to another. If you have a lot of Cisco solutions, the price of the Cisco Defense Orchestrator is justified. Whereas if you have some security components from other vendors, such as Check Point or Palo Alto. This solution would be a pretty expensive proposition considering that they don't integrate with them well."

"Tufin reduced the time it takes to solve a problem, which reduces the time of the outage."

"If you don't buy their premium support, their technical support is not great and you can only call during daytime hours. So, we ended up purchasing their premium support."

"Pricing played a big part here... The customer had evaluated other products but, due to price as well as support, they chose Tufin."

"We have seen ROI just in the time savings and knowledge. Knowledge is power. Having the solution do it automatically for you without you doing the work is huge. If you are spending $50,000 a year, it could have cost you a $100,000 in man-hours without it, especially if you are working with a team.."

"The price of Tufin could be lower."

"For us, the pricing was six out of ten, with ten being the most expensive and one being the cheapest."

"There is a permanent license for devices, but it's not relative to a device itself. Once you purchase 10 licenses for virtual appliances or virtual context, you can put them into different virtual firewalls, but you can reuse these licenses for other devices if you don't need them for the old ones."

"Tufin and AlgoSec were pretty much in the competitive price range, but this one provided us better integration into the Check Point environment."

More Tufin Orchestration Suite pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.

See recommendations

849,686 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

53%

Manufacturing Company

10%

Financial Services Firm

Legal Firm

Financial Services Firm

19%

Computer Software Company

15%

Manufacturing Company

10%

Retailer

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What needs improvement with Cisco Defense Orchestrator?

Cisco Defense Orchestrator should be made more user-friendly overall. Currently, to use it effectively, one must be specific with the rule set that needs to be set up. Additionally, I suggest impro...

What is your primary use case for Cisco Defense Orchestrator?

Our primary use case for Cisco Defense Orchestrator is the automation of playbooks. We primarily use it for this purpose to streamline processes.

What advice do you have for others considering Cisco Defense Orchestrator?

Those who want to use Cisco Defense Orchestrator should build their own use case and see if it fits their environment. The most significant benefit for us is the response time because it automates ...

What do you like most about Tufin SecureCloud?

The most valuable feature of Tufin is security auditing. We are able to check the rules and compliance of the company, for example, what is allowed or not. We are able to check the rules over diffe...

What needs improvement with Tufin SecureCloud?

Tufin Orchestration Suite ( /products/tufin-orchestration-suite-reviews ) is not commonly used in Thailand due to a lack of local support, and many customers are switching to AlgoSec or other vendo...

What is your primary use case for Tufin SecureCloud?

I have primarily used Skybox and AlgoSec ( /products/algosec-reviews ). I have also interacted with FireMon for compiling. However, I am not currently working with ACA, and I don't have any project...

Palo Alto Networks Panorama vs Cisco Security Cloud Control

Comparisons

Compared 52% of the time

More Cisco Security Cloud Control Competitors

AlgoSec vs Tufin Orchestration Suite

Compared 36% of the time

FireMon Security Manager vs Tufin Orchestration Suite

Compared 29% of the time

Skybox Security Suite vs Tufin Orchestration Suite

Compared 17% of the time

Palo Alto Networks Panorama vs Tufin Orchestration Suite

Compared 6% of the time

AWS Firewall Manager vs Tufin Orchestration Suite

Compared 1% of the time

More Tufin Orchestration Suite Competitors

Product Reports

Cisco Security Cloud Control

Download Cisco Security Cloud Control product report

Tufin Orchestration Suite

Download Tufin Orchestration Suite product report

Also Known As

Cisco Defense Orchestrator, CDO

Tufin SecureCloud

Interactive Demo

Cisco

Demo not available

Tufin

Overview

Cisco Security Cloud Control offers centralized management, real-time visibility, and AI-driven automation for on-premises and cloud environments, simplifying scalability and deployment.

With a unified approach, Cisco Security Cloud Control enhances security posture by providing cross-platform insights across Cisco's ecosystem. It accelerates threat detection and optimizes policy enforcement through a blend of AI automation and natural language querying capabilities. The intuitive platform serves multiple devices, enabling comprehensive management of Secure Firewall, Secure Access, and other services with guidance from the Cisco AI Assistant. It also includes an AI Operations feature that identifies critical issues and provides real-time insights, enhancing response times while a policy analyzer improves security hygiene by detecting and closing security gaps. Its automation minimizes manual tasks, secures cloud-stored configurations, and supports two-factor authentication. However, it could benefit from improvements in navigation clarity, bulk change handling, and expanded third-party integrations.

What are the key features of Cisco Security Cloud Control?

Centralized Device Control: Streamlines management with bulk policy upgrades and automation.
AI-Driven Automation: Reduces manual tasks and enhances threat detection.
Network Visibility: Provides insights with valuable reporting and intrusion prevention.
Intuitive Configuration: Enables easy policy adjustments and restoration of secure connections.

What benefits can users anticipate?

Increased Efficiency: Reduces operational overhead with centralized management.
Improved Security: Enhances protection through automated policy enforcement and AI insights.
Time Savings: Simplifies management of multiple devices in cloud and on-premises environments.
Scalability: Supports growth with ease of deployment and policy consistency.

Industries implementing Cisco Security Cloud Control leverage its capabilities for tasks ranging from firewall management to intrusion prevention. Enterprises use it to streamline policy management, automate configurations, and integrate Cisco devices with cloud strategies, benefiting from simplified security orchestration and network segmentation.

Cisco

Tufin enables organizations to automate their security policy visibility, risk management, provisioning and compliance across their multi-vendor, hybrid environment. Customers gain visibility and control across their network, ensure continuous compliance with security standards and embed security enforcement into workflows and development pipelines.

Tufin

Sample Customers

Insurance Company of British Columbia, Shawmut

3M, AT&T, Blue Cross Blue Shield, BNP Parabas, ConocoPhillips, Deutsche Bank, GE, IBM, Pfizer, United States Postal Service

Cisco Security Cloud Control vs. Tufin Orchestration Suite