• Home
  • Cisco Defense Orchestrator vs. Tufin Orchestration Suite

Cisco Defense Orchestrator vs Tufin Orchestration Suite comparison

Cancel
You must select at least 2 products to compare!
Cisco Logo
Cisco Defense Orchestrator
Read 14 Cisco Defense Orchestrator reviews
1,059 views|319 comparisons
100% willing to recommend
Tufin Logo
Tufin Orchestration Suite
Read 180 Tufin Orchestration Suite reviews
11,923 views|6,941 comparisons
91% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Cisco Defense Orchestrator vs. Tufin Orchestration Suite
May 2024
Executive Summary

We performed a comparison between Cisco Defense Orchestrator and Tufin Orchestration Suite based on real PeerSpot user reviews.

Find out in this report how the two Firewall Security Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Cisco Defense Orchestrator vs. Tufin Orchestration Suite Report (Updated: May 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Todd Ellis
Provides visibility into entire infrastructure and bulk changes save time and resources
For one particular client, we had almost a 20 percent remediation on some of their equipment as a result of all kinds of attacks from the desktop... Read more →
Anonymous User
Useful rule analysis, responsive support, and scalable
This solution was a need for our organization to stay compliant and it has helped us in this way.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"We use a lot of image upgrades. We take some 20 devices and then we update everything at once, including the policies. We apply policies for groups. For certain groups, like anti-viruses, we send out policies and apply them to every single device. It's really easy and simple.""The most valuable feature is being able to do centralized upgrades on the ASAs. We can select all of those ASAs, and say, "Upgrade these ASAs at this scheduled time." It will copy down the ASA image, ASDM image, and then do the upgrade and failovers, and then put it all back into service as required at a scheduled time. It automates that process for us.""For this product, they are very uncharacteristically interested in resolving whatever issue the customer reports. They're really attentive, and they address whatever we bring up as quickly as they can. That's been a very positive aspect of the product.""The ability to do operations on multiple firewalls at once is valuable because it saves time and mental effort. The solution's ability to make bulk changes makes it very convenient to manage things at once on multiple targets.""With Cisco Defense Orchestrator, we can manage the complete Cisco Security solution. It provides a simple and centralized way to manage all products.""The initial setup was straightforward. We spun up the VM onsite. We generated the key that it needed to talk to the Cloud Orchestrator. After that, as I started adding devices, it was relatively quick and easy.""There are a lot of templates that are already built-in. They give you quick-to-create and quick-to-apply policies that are typically a little more complicated for people.""We have quite a few Active Stone by pairs. If they fail over... I'll see that there's a change on it and I'll have a look. The only change on it is that now this one is the standby, it took over the active role. I can go into that firewall and find out what happened... and troubleshoot based on that. That's pretty cool too."

More Cisco Defense Orchestrator Pros →

"The features I have found most valuable are its capability to check on the firewall and the routers. Afterwards it checks out all the configs, checks the vulnerabilities, checks the risks - it checks everything that may end up causing our router to be compromised. At the end it recommendations what we should do.""I like the deployment and management of this solution.""We use Tufin to clean up our firewall policies. This makes it a lot easier to find out the things that are wrong.""The product is good at auditing the changes that we make in our environment.""It provides a real-time sense of how the policies are configured and whether there are any shadow rules. Another great thing is that it provides greater reporting based on how the rules have been set up.""One of the biggest quick wins that we had with Tufin was cleaning up our firewall policies and rules. We cleaned out a lot of rules which helped our devices, longevity-wise, as well as speed-wise.""A customer is able to submit a request for access and Tufin will automatically analyze the system to find out where the rule needs to go, and then design the rule for you.""I don't think that we were ever slow, but we can now say that changes are completed within twenty-four hours."

More Tufin Orchestration Suite Pros →

Cons
"It should have more features to manage FirePOWER appliances.""The main thing that would useful for us would the logging and monitoring. I have to check it out, to get the beta, because I don't have access to them... I wanted CDO to be a central place so where I could do everything but right now I don't think that's possible. I really don't want to go back and forth between this and FMC. Maybe the logging portion, when I look at it, will give me some similarities.""We had some MX devices that were blocking Windows Update from happening. We found out it was a Meraki issue, but it would have been nice if it had been flagged for us: "Hey, these updates are failing because the MX is blocking it." It wasn't a huge problem, but there was a loss of our time as well as the fact that the updates didn't get pushed out... It would have been nice if CDO had let us know that that was an issue.""I've found dozens of bugs over the year we've been using it. The more I use it for different things, the more problems I find... Most of the problems have to do with the user interface. A lot of thought and work has gone into the back-end component to make the product do what it's intended to do, but the way it is presented for use hasn't gotten nearly as much thought to make it smart and bug-free.""CDO doesn't have a report, an official report that I can check daily. It has another module called FTD, but it doesn't have that specifically for ASA. In the reporting, there are a lot of things that aren't there. There is also room for improvement in the daily monitoring.""It would be a better product if it incorporated device control for third-party products easily.""There could be some slight improvements to navigation. In some of the navigation you've got to go back to be able to get into where you need to be once you've made a change. If I make a change, I've then got to go back to submit and send the change.""They can centralize all products and provide a correlation about an incident and the response. They can also provide an on-premises solution. Currently, Cisco Defense Orchestrator is just for cloud deployments, not for on-premises deployments. Customers have to manage it on the cloud. We are based in Vietnam, and most of the customers here prefer to have on-premises deployments. Customers, especially from banking and government sectors, do not prefer to do anything on the cloud. Some of the small enterprises use the cloud."

More Cisco Defense Orchestrator Cons →

"There was some complexity during the initial setup""The hardest piece is getting the matrix built.""I would like an improved reporting module which can be flexible (custom reports) and allow us to generate our own reports, because the data is already there.""There is room for improvement in the speed of Tufin. It is using so many of my VM resources and yet it is still a bit slow... Even though we are allocating 130 gigs of RAM, we still have to wait for a few minutes for a single report to be generated. Otherwise it would be a perfect tool.""The initial setup of Tufin was complex. We had some issues with the architecture.""We actually had a key issue, which was a bug, that the development team didn't want to fix. We escalated it, then it got fixed. So, the management level seems very responsive at least, but at a support level, they are just regular support people and not outstanding.""There were some hiccups here and there with the initial setup.""Currently, we are able to monitor access rules and the operating system of a firewall. It would be great if we can also monitor the configuration of the firewall through Tufin."

More Tufin Orchestration Suite Cons →

Pricing and Cost Advice
  • "It is about a $100 per year for an ASA 5506 firewall, and from there it keeps going up if you have a bigger box. For example, the 5516 is $200 to $300 per year."
  • "It's around £500 per unit for a three-year license."
  • "After our free trial was done we got a subscription for three years and it was under $3,000 or so. It's part of the EA we already paid for, so I don't know what it would be if it was a la carte."
  • "It is covered under the CIsco Enterprise License Agreement (ELA). So, it is licensed and ours."
  • "If you compare to what is available on the market, they are in the same range with respect to pricing."
  • "I work with a lot of clients, and the price or value of the Cisco Defense Orchestrator can vary from one client to another. If you have a lot of Cisco solutions, the price of the Cisco Defense Orchestrator is justified. Whereas if you have some security components from other vendors, such as Check Point or Palo Alto. This solution would be a pretty expensive proposition considering that they don't integrate with them well."

    • More Cisco Defense Orchestrator Pricing and Cost Advice →

  • "This solution helped us to reduce the time it takes to make changes. We used to spend up to an hour to do a change, and now, it's around five minutes."
  • "Tufin and AlgoSec were pretty much in the competitive price range, but this one provided us better integration into the Check Point environment."
  • "The solution has helped us to reduce the time it takes to make changes. With Tufin, it takes ten to 15 minutes. Before, it was 30 minutes or more."
  • "The solution has helped reduce the time it takes us to make changes. It helps make overall integrated changes immediately. It allows us to cut down at least a few hours in the week in regards to changes and monitoring."
  • "We've seen a decrease of about 50 percent in the overall time it takes to complete a firewall change."
  • "Tufin makes things a little easier. It lessens the amount of manual work which we have to do. It has a lot of benefits in terms of revenues, profits, employee costs, and operational costs. We have already seen return on investment."
  • "This solution helps us reduce the time it takes us to make changes. We're probably saving time by 25%."
  • "Tufin reduced the time it takes to solve a problem, which reduces the time of the outage."

    • More Tufin Orchestration Suite Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    Ask a question

    Earn 20 points

    What do you like most about Tufin?
    Top Answer:The most valuable feature of Tufin is security auditing. We are able to check the rules and compliance of the company, for example, what is allowed or not. We are able to check the rules over… more »
    Read all 91 answers   →
    What is your experience regarding pricing and costs for Tufin?
    Top Answer:Tuffin is expensive, and we have to explain to our customers the benefit for them to purchase. If we explain the benefits in the correct way they do not mind the price. We typically do costing for the… more »
    Read all 37 answers   →
    What needs improvement with Tufin?
    Top Answer:The reporting function could improve in Tufin. For our clients with companies that have strong compliance, reporting privacy data is mostly a problem. In the IT department, private data needs a… more »
    Read all 86 answers   →
    Ranking
    14th
    out of 17 in Firewall Security Management
    Views
    1,059
    Comparisons
    319
    Reviews
    0
    Average Words per Review
    0
    Rating
    N/A
    2nd
    out of 17 in Firewall Security Management
    Views
    11,923
    Comparisons
    6,941
    Reviews
    9
    Average Words per Review
    432
    Rating
    7.9
    Comparisons
    Also Known As
    CDO
    Tufin SecureCloud
    Learn More
    Cisco
    Video Not Available
    Tufin
    Interactive Demo
    Cisco
    Watch a demo
    Tufin
    Demo Not Available
    Overview

    Cisco Defense Orchestrator (CDO) is a cloud-based management solution designed to ensure streamlined and consistent security policies across the Cisco security portfolio. Specifically tailored to manage all Cisco Secure Firewall form factors (running either ASA or Firepower Threat Defense (FTD) software), CDO offers real-time visibility and troubleshooting capabilities, effectively enhancing overall network security.

    CDO addresses the challenges of migration, supporting transitions from on-premises to cloud environments and facilitating the shift from ASA to FTD configurations. As organizations embark on their cloud adoption journey, CDO simplifies provisioning workflows for remote branches, reduces operational expenditures related to inventory management, and offers scalability for multi-cloud deployments.

    Tufin enables organizations to automate their security policy visibility, risk management, provisioning and compliance across their multi-vendor, hybrid environment. Customers gain visibility and control across their network, ensure continuous compliance with security standards and embed security enforcement into workflows and development pipelines. 

    Sample Customers
    Insurance Company of British Columbia, Shawmut
    3M, AT&T, Blue Cross Blue Shield, BNP Parabas, ConocoPhillips, Deutsche Bank, GE, IBM, Pfizer, United States Postal Service 
    Top Industries
    REVIEWERS
    Manufacturing Company38%
    Computer Software Company13%
    University13%
    Consumer Goods Company13%
    VISITORS READING REVIEWS
    Computer Software Company44%
    Manufacturing Company7%
    Financial Services Firm6%
    Government5%
    REVIEWERS
    Financial Services Firm26%
    Comms Service Provider11%
    Healthcare Company7%
    Insurance Company7%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company17%
    Manufacturing Company7%
    Retailer6%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise21%
    Large Enterprise36%
    VISITORS READING REVIEWS
    Small Business11%
    Midsize Enterprise5%
    Large Enterprise84%
    REVIEWERS
    Small Business14%
    Midsize Enterprise7%
    Large Enterprise79%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise15%
    Large Enterprise69%
    Buyer's Guide
    Cisco Defense Orchestrator vs. Tufin Orchestration Suite
    May 2024
    Free Report: Cisco Defense Orchestrator vs. Tufin Orchestration Suite
    Find out what your peers are saying about Cisco Defense Orchestrator vs. Tufin Orchestration Suite and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    Cisco Defense Orchestrator is ranked 14th in Firewall Security Management while Tufin Orchestration Suite is ranked 2nd in Firewall Security Management with 180 reviews. Cisco Defense Orchestrator is rated 8.2, while Tufin Orchestration Suite is rated 8.0. The top reviewer of Cisco Defense Orchestrator writes "Provides visibility into entire infrastructure and bulk changes save time and resources". On the other hand, the top reviewer of Tufin Orchestration Suite writes "A flexible, very secure solution that works well in Layer 2 environments". Cisco Defense Orchestrator is most compared with AlgoSec, Palo Alto Networks Panorama and Azure Firewall Manager, whereas Tufin Orchestration Suite is most compared with AlgoSec, FireMon Security Manager, Skybox Security Suite, Palo Alto Networks Panorama and Opinnate. See our Cisco Defense Orchestrator vs. Tufin Orchestration Suite report.

    See our list of best Firewall Security Management vendors.

    We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.