We performed a comparison between Cisco Defense Orchestrator and Tufin Orchestration Suite based on real PeerSpot user reviews.
Find out in this report how the two Firewall Security Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."When we're looking to the policies, it identifies the shadow rules. It notifies us about anything that will supersede other rules."
"We have quite a few Active Stone by pairs. If they fail over... I'll see that there's a change on it and I'll have a look. The only change on it is that now this one is the standby, it took over the active role. I can go into that firewall and find out what happened... and troubleshoot based on that. That's pretty cool too."
"This product provides excellent centralized device controls and reporting."
"For this product, they are very uncharacteristically interested in resolving whatever issue the customer reports. They're really attentive, and they address whatever we bring up as quickly as they can. That's been a very positive aspect of the product."
"The ability to see the uptimes on the different VPNs that we have configured for site-to-site."
"With Cisco Defense Orchestrator, we can manage the complete Cisco Security solution. It provides a simple and centralized way to manage all products."
"Cisco Defense Orchestrator has useful guides for the steps that need to follow by users."
"The bulk changes feature is definitely the most valuable."
"We are able to stay compliant with many of the regulations."
"We've scaled it to hundreds of firewalls."
"Tufin has made handling firewall rule request tickets more centralized and easier to manage."
"SecureChange is the most interesting part. It all comes down to having the user request firewall access and SecureChange, based on workflows, takes care of it, sending two or three emails to the business approvers. With one click, you can automate a firewall rule."
"Tufin allows our say junior guys to learn how to view policies. It gives them a tool that will help them consolidate and optimize."
"It is an important application for controlling and monitoring firewall rules. It is useful for making and monitoring the changes."
"The time that we require to makes changes has been reduced from weeks to days."
"We were hit by the NotPetya attack. Therefore, our whole company and all its sites were down for several months. So, you don't have an attack like that and not need something like Tufin. Other companies can prevent these attacks, or at least slow them down, by having this type of a tool. We will never go back."
"It would be a better product if it incorporated device control for third-party products easily."
"CDO doesn't have a report, an official report that I can check daily. It has another module called FTD, but it doesn't have that specifically for ASA. In the reporting, there are a lot of things that aren't there. There is also room for improvement in the daily monitoring."
"Cisco Defense Orchestrator can improve by providing more support for third-party security components."
"They need to work on the user interface. It needs to be improved to make it more user-friendly."
"They can centralize all products and provide a correlation about an incident and the response. They can also provide an on-premises solution. Currently, Cisco Defense Orchestrator is just for cloud deployments, not for on-premises deployments. Customers have to manage it on the cloud. We are based in Vietnam, and most of the customers here prefer to have on-premises deployments. Customers, especially from banking and government sectors, do not prefer to do anything on the cloud. Some of the small enterprises use the cloud."
"We had some MX devices that were blocking Windows Update from happening. We found out it was a Meraki issue, but it would have been nice if it had been flagged for us: "Hey, these updates are failing because the MX is blocking it." It wasn't a huge problem, but there was a loss of our time as well as the fact that the updates didn't get pushed out... It would have been nice if CDO had let us know that that was an issue."
"I've found dozens of bugs over the year we've been using it. The more I use it for different things, the more problems I find... Most of the problems have to do with the user interface. A lot of thought and work has gone into the back-end component to make the product do what it's intended to do, but the way it is presented for use hasn't gotten nearly as much thought to make it smart and bug-free."
"The dashboard needs to be more customizable to provide better reporting for our network."
"The network part of the solution could be improved. It's too hard because of the Tufin licensing model for the routing devices."
"We found some bugs on the software, but we're working with tech support to fix them."
"I don't get the full visibility. There are a lot of improvements which can be done in terms of visibility."
"We need to implement micro-segmentation in our infrastructure, and we are using Cisco ACI. However, we are facing an issue with Tufin, as it does not currently support integration with ACI for micro-segmentation, even though it is advertised as such."
"The solution does not have automation with other Firewalls."
"I would really like to see a new UI for SecureChange. SecureTrack 2.0 has quite an improvement in the UI and it flows more smoothly. The current SecureTrack and SecureChange are a little blocky, and sometimes loading a tab or a page is required to refresh information. Whereas in SecureTrack 2.0, they're starting to improve on that."
"We like the change impact analysis capabilities quite a bit. The only weakness is that the reporting is a bit clunky. We would like to have the reporting be better."
"I would like to see more configuration options on next-generation firewalls, defining possible standards for devices."
Earn 20 points
Cisco Defense Orchestrator is ranked 14th in Firewall Security Management while Tufin Orchestration Suite is ranked 2nd in Firewall Security Management with 180 reviews. Cisco Defense Orchestrator is rated 8.2, while Tufin Orchestration Suite is rated 8.0. The top reviewer of Cisco Defense Orchestrator writes "Provides visibility into entire infrastructure and bulk changes save time and resources". On the other hand, the top reviewer of Tufin Orchestration Suite writes "A flexible, very secure solution that works well in Layer 2 environments". Cisco Defense Orchestrator is most compared with AlgoSec, Palo Alto Networks Panorama, Azure Firewall Manager and Cisco Secure Firewall Management Center, whereas Tufin Orchestration Suite is most compared with AlgoSec, FireMon Security Manager, Skybox Security Suite, Palo Alto Networks Panorama and Opinnate. See our Cisco Defense Orchestrator vs. Tufin Orchestration Suite report.
See our list of best Firewall Security Management vendors.
We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.