Try our new research platform with insights from 80,000+ expert users

Cisco Defense Orchestrator vs FireMon Security Manager comparison

Cisco and FireMon are both solutions in the Firewall Security Management category. Cisco is ranked #14 with an average rating of 8.0, while FireMon is ranked #4 with an average rating of 8.0. Cisco holds a 1.0% mindshare in Firewall Security Management, compared to FireMon’s 16.6% mindshare. Additionally, 100% of Cisco users are willing to recommend the solution, compared to 87% of FireMon users who would recommend it.
Cisco Defense Orchestrator
Read 15 Cisco Defense Orchestrator reviews
  • 706 Views
  • 234 Comparison Views
100% willing to recommend
FireMon Security Manager
Read 56 FireMon Security Manager reviews
  • 4,099 Views
  • 3,200 Comparison Views
87% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Nov 4, 2024

FireMon Security Manager and Cisco Defense Orchestrator are competing products in the security management sector. Although FireMon is attractive due to its pricing and customer service, Cisco Defense Orchestrator has the advantage with its comprehensive feature set and cloud integration.

Features: FireMon Security Manager offers policy management, analytics capabilities, and detailed security rule assessments. Cisco Defense Orchestrator stands out with cloud integration, automation features, and a unified management interface.

Room for Improvement: FireMon could enhance its cloud capabilities, improve deployment processes, and expand integration options. Cisco would benefit from optimizing pricing strategies, expanding policy management capabilities, and improving analytics tools to match FireMon’s depth.

Ease of Deployment and Customer Service: Cisco Defense Orchestrator facilitates quick setup through cloud-based deployment and is praised for responsive customer service. FireMon offers a straightforward deployment process but may require more extensive configuration, yet provides competitive support.

Pricing and ROI: FireMon Security Manager has a lower upfront cost and offers favorable ROI, appealing to budget-conscious users. Cisco Defense Orchestrator justifies its higher setup cost with integrated capabilities and has potential for greater long-term ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cisco Defense Orchestrator vs. FireMon Security Manager Report (Updated: March 2025).
Buyer's Guide
Cisco Defense Orchestrator vs. FireMon Security Manager
March 2025
Download the complete report
Helped 845,406 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Defense Orchestrator
Ranking in Firewall Security Management
14th
Average Rating
8.2
Number of Reviews
15
Ranking in other categories
No ranking in other categories
FireMon Security Manager
Ranking in Firewall Security Management
4th
Average Rating
8.2
Reviews Sentiment
7.5
Number of Reviews
56
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Firewall Security Management category, the mindshare of Cisco Defense Orchestrator is 1.0%, down from 1.3% compared to the previous year. The mindshare of FireMon Security Manager is 16.6%, up from 16.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewall Security Management
 

Featured Reviews

Vivek Balaji - PeerSpot reviewer
Useful guides, excellent support, integration could improve
Cisco Defense Orchestrator has useful guides for the steps that need to follow by users Cisco Defense Orchestrator can improve by providing more support for third-party security components. I have been using Cisco Defense Orchestrator for approximately eight months. The Cisco Defense…
Read full review
Ganesh-Khutwad - PeerSpot reviewer
Rapid policy insights with robust dashboards and cross-vendor automation
FireMon Security Manager is excellent for real-time compliance management. It allows us to quickly retrieve any policy needed for testing and easily analyze it for loopholes. If a loophole exists, FireMon provides comprehensive details within the policy manager. It alerts us to firewall rule additions or changes that violate compliance policies. It supports various firewall platforms, including Checkpoint, Zscaler, Fortinet, Cisco, and AWS, and provides centralized management for all configured policies through a single console. FireMon Security Manager provides many features, like whether my firewall is compatible with required standards such as NTP and SNMP. Each compliance included in our RFPs is shown in the UI of FireMon. It gives robust and clear dashboards, making it easier to understand risks because the policies have ratings showing usage, and the number of hit attacks. It streamlines our compliance reporting processes by providing comprehensive risk and compliance assessments. It offers a range of features, including verification of firewall compatibility with protocols like NTP and SNMP, and detection of signal charges. FireMon effectively addresses all compliance requirements outlined in our RFPs. For instance, it can determine if firewalls or proxies within a stack are configured in Secure Mode or Active-Active mode. FireMon Security Manager enables us to generate reports on all these aspects, ensuring thorough compliance monitoring and documentation. FireMon Security Manager is robust and can help automate firewall policy changes across large multi-vendor enterprise environments. FireMon Security Manager helps automate firewall policy changes across various environments, including on-premises, cloud, hybrid, SASE, and SD-WAN. It also simplifies cleaning up firewall rules in our environment. The time required to accurately create, approve, and deploy firewall policy rules has been reduced. Tasks that took 30 minutes can now be completed in just five minutes using FireMon. FireMon provides immediate visibility into our policies through a robust and clear dashboard, making it easy to identify errors or misconfigurations based on the policy rating.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is being able to do centralized upgrades on the ASAs. We can select all of those ASAs, and say, "Upgrade these ASAs at this scheduled time." It will copy down the ASA image, ASDM image, and then do the upgrade and failovers, and then put it all back into service as required at a scheduled time. It automates that process for us."
"If our server is blocked, this solution shows us why it is blocked and allows us to update the network routing."
"If we have a firewall go down, I can hop into CDO, pull the latest configuration off and apply it. That's really good. It helps save time."
"We have quite a few Active Stone by pairs. If they fail over... I'll see that there's a change on it and I'll have a look. The only change on it is that now this one is the standby, it took over the active role. I can go into that firewall and find out what happened... and troubleshoot based on that. That's pretty cool too."
"The ability to do operations on multiple firewalls at once is valuable because it saves time and mental effort. The solution's ability to make bulk changes makes it very convenient to manage things at once on multiple targets."
"For this product, they are very uncharacteristically interested in resolving whatever issue the customer reports. They're really attentive, and they address whatever we bring up as quickly as they can. That's been a very positive aspect of the product."
"The most valuable feature is the automation, as it reduces user intervention and allows us to focus on other tasks."
"We use a lot of image upgrades. We take some 20 devices and then we update everything at once, including the policies. We apply policies for groups. For certain groups, like anti-viruses, we send out policies and apply them to every single device. It's really easy and simple."
More Cisco Defense Orchestrator pros
"The automation that the platform provides to create tickets reduces human error and more generally, reduces the operational overhead."
"The firewall assessment feature is great."
"The most valuable feature is the Firewall reviews for our company compliance."
"FireMon saves us a lot of time and it's nice because if you're adding a rule that's similar to another rule, it'll tell you so sometimes you can just edit the one and add another source or destination in there without creating a duplicate rule. It enables you to consolidate and have fewer, more meaningful rules. We're saving around 30% of our time."
"Overall, I would rate this solution a nine out of ten."
"The unused objects is another nice feature, where it digs a little bit deeper into comparing the logs that it sees versus the configurations that it sees... The unused objects feature will go through in a pretty detailed way and show us which ones aren't being used. Or, if they are used, it will show us how often they're used."
"It is the single place where we go to review all of our firewall changes. The solution makes it easier for us to track all the changes made. It is a central place where we can look at all the firewall rules, because we have three different firewall vendors. It save us time and creates efficiencies by looking at the general picture."
"The most valuable features are Policy Optimizer and Firewall Manager for different brands of firewall."
More FireMon Security Manager pros
 

Cons

"It would be a better product if it incorporated device control for third-party products easily."
"There could be some slight improvements to navigation. In some of the navigation you've got to go back to be able to get into where you need to be once you've made a change. If I make a change, I've then got to go back to submit and send the change."
"When logging into the device, we sort of had problems with it staying in sync. If somebody made a change onsite, it wouldn't do an automatic sync. It would have to wait, as you would have to do a manual sync up."
"I'd like CDO to be the one-stop-shop where we could do all the configurations easily. It would be nice, for ASA upgrades, if we could do them from a central repository and not have to reach out to Cisco. That would be a definite plus."
"The dashboard needs to be more customizable to provide better reporting for our network."
"They can centralize all products and provide a correlation about an incident and the response. They can also provide an on-premises solution. Currently, Cisco Defense Orchestrator is just for cloud deployments, not for on-premises deployments. Customers have to manage it on the cloud. We are based in Vietnam, and most of the customers here prefer to have on-premises deployments. Customers, especially from banking and government sectors, do not prefer to do anything on the cloud. Some of the small enterprises use the cloud."
"We had some MX devices that were blocking Windows Update from happening. We found out it was a Meraki issue, but it would have been nice if it had been flagged for us: "Hey, these updates are failing because the MX is blocking it." It wasn't a huge problem, but there was a loss of our time as well as the fact that the updates didn't get pushed out... It would have been nice if CDO had let us know that that was an issue."
"Cisco Defense Orchestrator should be made more user-friendly overall."
More Cisco Defense Orchestrator cons
"To my knowledge, there's no cloud component to FireMon whatsoever. We're on the hook for any updates to versioning of the operating system or the application that runs on the operating system. It would be nice if it was a little bit more automated."
"Policy Planner requirements section is good, but could use some improvement to allow flexibility to enter different types of requests (modifying an existing policy, object or service group, for example) in a structured task format that can be auto-verified."
"A phone app would be nice. This is the reason why it is not perfect yet."
"We have not used the Policy Planner but even so, we have identified areas of improvement with it during our testing. For example, it could be better when it comes to ease of integration or ease of policy automation. Another problem is that there is a console where it has too many options and is not very straightforward. Essentially, controlling it could be made more seamless."
"When it comes to real-time compliance management, something that is missing is alerting on certain, predefined controls. It would be good to have a predefined set of controls which, if not complied with in a newly set up rule, would create an alert for us. That is something that is missing, out-of-the-box."
"We have had some stability issues that are affecting operations. We rely heavily on this solution and if it isn't working then we have to create rules manually."
"The support response time has room for improvement."
"The training for configuring new users or operators is confusing because the UI is not user-friendly and has room for improvement."
More FireMon Security Manager cons
 

Pricing and Cost Advice

"After our free trial was done we got a subscription for three years and it was under $3,000 or so. It's part of the EA we already paid for, so I don't know what it would be if it was a la carte."
"I work with a lot of clients, and the price or value of the Cisco Defense Orchestrator can vary from one client to another. If you have a lot of Cisco solutions, the price of the Cisco Defense Orchestrator is justified. Whereas if you have some security components from other vendors, such as Check Point or Palo Alto. This solution would be a pretty expensive proposition considering that they don't integrate with them well."
"It is about a $100 per year for an ASA 5506 firewall, and from there it keeps going up if you have a bigger box. For example, the 5516 is $200 to $300 per year."
"It's around £500 per unit for a three-year license."
"If you compare to what is available on the market, they are in the same range with respect to pricing."
"It is covered under the CIsco Enterprise License Agreement (ELA). So, it is licensed and ours."
"This is an expensive solution. The cost of three modules for three years was approximately one million."
"Pricing is reasonable."
"Regarding additional costs, if you want things like Policy Optimizer, extra features, that's extra."
"FireMon is very expensive. I think that they charge a premium. In general, they are very pricey. Compared to their competitors, they cost a little more than the other solutions that we evaluated."
"Relative to what it offers, the price is fair."
"FireMon is cheaper than AlgoSec."
"Its pricing is good. Compared to others, it is not so expensive."
"Pricing model seems fair."
More FireMon Security Manager pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.
See recommendations
845,406 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
51%
Manufacturing Company
10%
Financial Services Firm
8%
Legal Firm
3%
Computer Software Company
19%
Financial Services Firm
16%
Manufacturing Company
9%
Healthcare Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What needs improvement with Cisco Defense Orchestrator?
Cisco Defense Orchestrator should be made more user-friendly overall. Currently, to use it effectively, one must be specific with the rule set that needs to be set up. Additionally, I suggest impro...
See all answers
What is your primary use case for Cisco Defense Orchestrator?
Our primary use case for Cisco Defense Orchestrator is the automation of playbooks. We primarily use it for this purpose to streamline processes.
See all answers
What advice do you have for others considering Cisco Defense Orchestrator?
Those who want to use Cisco Defense Orchestrator should build their own use case and see if it fits their environment. The most significant benefit for us is the response time because it automates ...
See all answers
What do you like most about FireMon?
I like the Security Manager console where we can see any changes that have been made or pull the results of an assessment and control the policies that we implement.
See all answers
What is your experience regarding pricing and costs for FireMon?
Comparatively, FireMon has a very good price and is below the general competition in cost. I have not seen any additional fees beyond the general contract fees for the usage I have. So, I have not ...
See all answers
What needs improvement with FireMon?
For one company I work with, I use Fortinet, and FireMon is not able to understand the zones that Fortinet uses. Part of that compliance piece does not provide me with the necessary information. An...
See all answers
 

Comparisons

Tufin Orchestration Suite vs Cisco Defense Orchestrator Logo
Tufin Orchestration Suite vs Cisco Defense Orchestrator
Compared 36% of the time
Palo Alto Networks Panorama vs Cisco Defense Orchestrator Logo
Palo Alto Networks Panorama vs Cisco Defense Orchestrator
Compared 36% of the time
AlgoSec vs Cisco Defense Orchestrator Logo
AlgoSec vs Cisco Defense Orchestrator
Compared 28% of the time
More Cisco Defense Orchestrator Competitors
Tufin Orchestration Suite vs FireMon Security Manager Logo
Tufin Orchestration Suite vs FireMon Security Manager
Compared 40% of the time
AlgoSec vs FireMon Security Manager Logo
AlgoSec vs FireMon Security Manager
Compared 38% of the time
Skybox Security Suite vs FireMon Security Manager Logo
Skybox Security Suite vs FireMon Security Manager
Compared 11% of the time
Palo Alto Networks Panorama vs FireMon Security Manager Logo
Palo Alto Networks Panorama vs FireMon Security Manager
Compared 4% of the time
ManageEngine Firewall Analyzer vs FireMon Security Manager Logo
ManageEngine Firewall Analyzer vs FireMon Security Manager
Compared 3% of the time
More FireMon Security Manager Competitors
 

Product Reports

Buyer's Guide
Cisco Defense Orchestrator
March 2025
Cisco Defense Orchestrator reportDownload Cisco Defense Orchestrator product report
Buyer's Guide
FireMon Security Manager
March 2025
FireMon Security Manager reportDownload FireMon Security Manager product report
 

Also Known As

CDO
No data available
 

Interactive Demo

Cisco
Demo not available
FireMon
 

Overview

Cisco Defense Orchestrator (CDO) is a cloud-based management solution designed to ensure streamlined and consistent security policies across the Cisco security portfolio. Specifically tailored to manage all Cisco Secure Firewall form factors (running either ASA or Firepower Threat Defense (FTD) software), CDO offers real-time visibility and troubleshooting capabilities, effectively enhancing overall network security.

CDO addresses the challenges of migration, supporting transitions from on-premises to cloud environments and facilitating the shift from ASA to FTD configurations. As organizations embark on their cloud adoption journey, CDO simplifies provisioning workflows for remote branches, reduces operational expenditures related to inventory management, and offers scalability for multi-cloud deployments.

Cisco

The increasing complexity of networks, driven by the constant influx of new devices, applications, and cloud services, presents a daunting challenge for managing firewall policies and rules. A typical enterprise environment has millions of rules, and just one simple misconfiguration can lead to devastating consequences like compliance violations, outages, and data breaches. 

FireMon’s Security Manager is a purpose-built network security policy management (NSPM) platform that automates the management of firewall and cloud security policies to eliminate policy-related risk, accurately and quickly change rules, and meet internal and external compliance requirements.

  • Reduce Risk Manage risk with real-time visibility and control
  • Manage Change Avoid misconfigurations, accelerate business, and improve security
  • Enforce and Maintain Compliance Avoid violations, avoid risk, and avoid fines
FireMon
 

Sample Customers

Insurance Company of British Columbia, Shawmut
Convey, MGM Resorts International, Southwest Airlines, Alkami, Costco, Aetna, IBM, Verizon, Wells Fargo
Buyer's Guide
Cisco Defense Orchestrator vs. FireMon Security Manager
March 2025
Free Report: Cisco Defense Orchestrator vs. FireMon Security Manager
Find out what your peers are saying about Cisco Defense Orchestrator vs. FireMon Security Manager and other solutions. Updated: March 2025.
DOWNLOAD NOW
845,406 professionals have used our research since 2012.
See our Cisco Defense Orchestrator vs. FireMon Security Manager report.
See our list of best Firewall Security Management vendors.

We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.