Cisco Security Cloud Control vs FireMon Security Manager comparison

Cisco Security Cloud Control vs. FireMon Security Manager

Download the complete report

Helped 860,592 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Security Cloud Control

Ranking in Firewall Security Management

14th

Average Rating

8.2

Number of Reviews

Ranking in other categories

No ranking in other categories

FireMon Security Manager

Ranking in Firewall Security Management

3rd

Average Rating

8.2

Reviews Sentiment

7.5

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of July 2025, in the Firewall Security Management category, the mindshare of Cisco Security Cloud Control is 1.2%, down from 1.4% compared to the previous year. The mindshare of FireMon Security Manager is 17.5%, up from 15.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewall Security Management

Featured Reviews

Vivek Balaji

Technical Director - Cyber Security at a comms service provider with 1-10 employees

Useful guides, excellent support, integration could improve

Cisco Defense Orchestrator has useful guides for the steps that need to follow by users Cisco Defense Orchestrator can improve by providing more support for third-party security components. I have been using Cisco Defense Orchestrator for approximately eight months. The Cisco Defense…

Read full review

Ganesh-Khutwad

Senior Network Specialist at Tech Mahindra Limited

Rapid policy insights with robust dashboards and cross-vendor automation

FireMon Security Manager is excellent for real-time compliance management. It allows us to quickly retrieve any policy needed for testing and easily analyze it for loopholes. If a loophole exists, FireMon provides comprehensive details within the policy manager. It alerts us to firewall rule additions or changes that violate compliance policies. It supports various firewall platforms, including Checkpoint, Zscaler, Fortinet, Cisco, and AWS, and provides centralized management for all configured policies through a single console. FireMon Security Manager provides many features, like whether my firewall is compatible with required standards such as NTP and SNMP. Each compliance included in our RFPs is shown in the UI of FireMon. It gives robust and clear dashboards, making it easier to understand risks because the policies have ratings showing usage, and the number of hit attacks. It streamlines our compliance reporting processes by providing comprehensive risk and compliance assessments. It offers a range of features, including verification of firewall compatibility with protocols like NTP and SNMP, and detection of signal charges. FireMon effectively addresses all compliance requirements outlined in our RFPs. For instance, it can determine if firewalls or proxies within a stack are configured in Secure Mode or Active-Active mode. FireMon Security Manager enables us to generate reports on all these aspects, ensuring thorough compliance monitoring and documentation. FireMon Security Manager is robust and can help automate firewall policy changes across large multi-vendor enterprise environments. FireMon Security Manager helps automate firewall policy changes across various environments, including on-premises, cloud, hybrid, SASE, and SD-WAN. It also simplifies cleaning up firewall rules in our environment. The time required to accurately create, approve, and deploy firewall policy rules has been reduced. Tasks that took 30 minutes can now be completed in just five minutes using FireMon. FireMon provides immediate visibility into our policies through a robust and clear dashboard, making it easy to identify errors or misconfigurations based on the policy rating.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Cisco Defense Orchestrator has useful guides for the steps that need to follow by users."

"The most valuable feature is being able to do centralized upgrades on the ASAs. We can select all of those ASAs, and say, "Upgrade these ASAs at this scheduled time." It will copy down the ASA image, ASDM image, and then do the upgrade and failovers, and then put it all back into service as required at a scheduled time. It automates that process for us."

"If we have a firewall go down, I can hop into CDO, pull the latest configuration off and apply it. That's really good. It helps save time."

"We use a lot of image upgrades. We take some 20 devices and then we update everything at once, including the policies. We apply policies for groups. For certain groups, like anti-viruses, we send out policies and apply them to every single device. It's really easy and simple."

"The most valuable feature is the automation, as it reduces user intervention and allows us to focus on other tasks."

"For this product, they are very uncharacteristically interested in resolving whatever issue the customer reports. They're really attentive, and they address whatever we bring up as quickly as they can. That's been a very positive aspect of the product."

"I like the upgrade feature. That is pretty valuable to me because I have dual ASAs and when I go through CDO it does it for me pretty well. It's all done in the back-end and I don't really have to be involved. I just initiate, pick the image, and I pick when I want it done and it just does it, whether I have a single ASA or have a dual ASA."

"If our server is blocked, this solution shows us why it is blocked and allows us to update the network routing."

More Cisco Security Cloud Control pros

"The automation that the platform provides to create tickets reduces human error and more generally, reduces the operational overhead."

"FireMon is nice and provides 360-degree user views."

"The most valuable feature is the reporting capability because everything that we do is a result of our being able to query a report, based on our environment and our PCI compliance efforts."

"I like the Security Manager console where we can see any changes that have been made or pull the results of an assessment and control the policies that we implement."

"The Security Manager part of FireMon... gives me an eye on everything that's out there, everything that I cannot see. Because I'm not a network admin, I cannot go to a firewall itself, but at least I have FireMon so that I can go in and view everything that I want to view. And I can eliminate whatever I see that is wrong,"

"It is a good product. Previously, we were using only spreadsheets to compare the usage, but now with FireMon, we are able to clean up or review the policies to some extent. It is still a work in progress, but we are at a good stage now."

"In one report, FireMon tells us there are, say, 1,000 rules that can be taken out and it gives us the ability to disable those for a year and to track when we made our changes. After a year, we can go back and eliminate the rules, to bring the configuration down to an almost human-readable level."

"The most valuable features are the security assessments and the ability to identify unused rules or objects."

More FireMon Security Manager pros

Cons

"They need to work on the user interface. It needs to be improved to make it more user-friendly."

"Cisco Defense Orchestrator can improve by providing more support for third-party security components."

"Cisco Defense Orchestrator should be made more user-friendly overall. Currently, to use it effectively, one must be specific with the rule set that needs to be set up."

"The main thing that would useful for us would the logging and monitoring. I have to check it out, to get the beta, because I don't have access to them... I wanted CDO to be a central place so where I could do everything but right now I don't think that's possible. I really don't want to go back and forth between this and FMC. Maybe the logging portion, when I look at it, will give me some similarities."

"There could be some slight improvements to navigation. In some of the navigation you've got to go back to be able to get into where you need to be once you've made a change. If I make a change, I've then got to go back to submit and send the change."

"CDO doesn't have a report, an official report that I can check daily. It has another module called FTD, but it doesn't have that specifically for ASA. In the reporting, there are a lot of things that aren't there. There is also room for improvement in the daily monitoring."

"We had some MX devices that were blocking Windows Update from happening. We found out it was a Meraki issue, but it would have been nice if it had been flagged for us: "Hey, these updates are failing because the MX is blocking it." It wasn't a huge problem, but there was a loss of our time as well as the fact that the updates didn't get pushed out... It would have been nice if CDO had let us know that that was an issue."

"They can centralize all products and provide a correlation about an incident and the response. They can also provide an on-premises solution. Currently, Cisco Defense Orchestrator is just for cloud deployments, not for on-premises deployments. Customers have to manage it on the cloud. We are based in Vietnam, and most of the customers here prefer to have on-premises deployments. Customers, especially from banking and government sectors, do not prefer to do anything on the cloud. Some of the small enterprises use the cloud."

More Cisco Security Cloud Control cons

"We have had some stability issues that are affecting operations. We rely heavily on this solution and if it isn't working then we have to create rules manually."

"The advanced features are complex in setting up the rules."

"One area for 7.x customers that needs improvement is the migration. It is an involved process so get ready to spend some time getting your environment back to the way it was."

"A phone app would be nice. This is the reason why it is not perfect yet."

"The training for configuring new users or operators is confusing because the UI is not user-friendly and has room for improvement."

"The issue for me started with Fortinet not being able to see things correctly. It lost its appeal in terms of what it could do for me from a security standpoint, so I do not pay as much attention to it."

"The current health and monitoring of the devices is atrocious... Imagine you have a list of 200 devices, and you can grade each of those devices as either green, yellow, or red. However, there might be three different reasons for you to go to red, or eight different reasons to go to yellow, and all of those things could be combined... Out of all those categories, I only find one or two of them that are, perhaps, pertinent."

"When it comes to identifying risk in our environment and prioritizing fixes, it is really about the different priorities within the organization. FireMon is not so smart that it can tell what's important to us. It's up to us to figure that out."

More FireMon Security Manager cons

Pricing and Cost Advice

"It's around £500 per unit for a three-year license."

"If you compare to what is available on the market, they are in the same range with respect to pricing."

"I work with a lot of clients, and the price or value of the Cisco Defense Orchestrator can vary from one client to another. If you have a lot of Cisco solutions, the price of the Cisco Defense Orchestrator is justified. Whereas if you have some security components from other vendors, such as Check Point or Palo Alto. This solution would be a pretty expensive proposition considering that they don't integrate with them well."

"After our free trial was done we got a subscription for three years and it was under $3,000 or so. It's part of the EA we already paid for, so I don't know what it would be if it was a la carte."

"It is covered under the CIsco Enterprise License Agreement (ELA). So, it is licensed and ours."

"It is about a $100 per year for an ASA 5506 firewall, and from there it keeps going up if you have a bigger box. For example, the 5516 is $200 to $300 per year."

"FireMon is cheaper than AlgoSec."

"Pricing model seems fair."

"Relative to what it offers, the price is fair."

"The pricing was very good during our initial year, but they increased it this year a little bit. The price is okay. It is not cheap, but it is still average."

"Regarding additional costs, if you want things like Policy Optimizer, extra features, that's extra."

"It's a good value. From a licensing standpoint... it's very simple to understand, and gives us a good bang for the buck."

"Its pricing is good. Compared to others, it is not so expensive."

"We pay for it yearly."

More FireMon Security Manager pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.

See recommendations

860,592 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

49%

Manufacturing Company

13%

Financial Services Firm

Legal Firm

Computer Software Company

18%

Financial Services Firm

15%

Manufacturing Company

10%

Healthcare Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What needs improvement with Cisco Defense Orchestrator?

Cisco Defense Orchestrator should be made more user-friendly overall. Currently, to use it effectively, one must be specific with the rule set that needs to be set up. Additionally, I suggest impro...

What is your primary use case for Cisco Defense Orchestrator?

Our primary use case for Cisco Defense Orchestrator is the automation of playbooks. We primarily use it for this purpose to streamline processes.

What advice do you have for others considering Cisco Defense Orchestrator?

Those who want to use Cisco Defense Orchestrator should build their own use case and see if it fits their environment. The most significant benefit for us is the response time because it automates ...

What do you like most about FireMon?

I like the Security Manager console where we can see any changes that have been made or pull the results of an assessment and control the policies that we implement.

What is your experience regarding pricing and costs for FireMon?

Comparatively, FireMon has a very good price and is below the general competition in cost. I have not seen any additional fees beyond the general contract fees for the usage I have. So, I have not ...

What needs improvement with FireMon?

For one company I work with, I use Fortinet, and FireMon is not able to understand the zones that Fortinet uses. Part of that compliance piece does not provide me with the necessary information. An...

Palo Alto Networks Panorama vs Cisco Security Cloud Control

Comparisons

Compared 40% of the time

Tufin Orchestration Suite vs Cisco Security Cloud Control

Compared 31% of the time

AlgoSec vs Cisco Security Cloud Control

Compared 29% of the time

More Cisco Security Cloud Control Competitors

Tufin Orchestration Suite vs FireMon Security Manager

Compared 44% of the time

AlgoSec vs FireMon Security Manager

Compared 37% of the time

Skybox Security Suite vs FireMon Security Manager

Compared 9% of the time

Palo Alto Networks Panorama vs FireMon Security Manager

Compared 4% of the time

ManageEngine Firewall Analyzer vs FireMon Security Manager

Compared 3% of the time

More FireMon Security Manager Competitors

Product Reports

Cisco Security Cloud Control

Download Cisco Security Cloud Control product report

FireMon Security Manager

Download FireMon Security Manager product report

Also Known As

Cisco Defense Orchestrator, CDO

No data available

Interactive Demo

Cisco

Demo not available

FireMon

Overview

Cisco Security Cloud Control offers centralized management, real-time visibility, and AI-driven automation for on-premises and cloud environments, simplifying scalability and deployment.

With a unified approach, Cisco Security Cloud Control enhances security posture by providing cross-platform insights across Cisco's ecosystem. It accelerates threat detection and optimizes policy enforcement through a blend of AI automation and natural language querying capabilities. The intuitive platform serves multiple devices, enabling comprehensive management of Secure Firewall, Secure Access, and other services with guidance from the Cisco AI Assistant. It also includes an AI Operations feature that identifies critical issues and provides real-time insights, enhancing response times while a policy analyzer improves security hygiene by detecting and closing security gaps. Its automation minimizes manual tasks, secures cloud-stored configurations, and supports two-factor authentication. However, it could benefit from improvements in navigation clarity, bulk change handling, and expanded third-party integrations.

What are the key features of Cisco Security Cloud Control?

Centralized Device Control: Streamlines management with bulk policy upgrades and automation.
AI-Driven Automation: Reduces manual tasks and enhances threat detection.
Network Visibility: Provides insights with valuable reporting and intrusion prevention.
Intuitive Configuration: Enables easy policy adjustments and restoration of secure connections.

What benefits can users anticipate?

Increased Efficiency: Reduces operational overhead with centralized management.
Improved Security: Enhances protection through automated policy enforcement and AI insights.
Time Savings: Simplifies management of multiple devices in cloud and on-premises environments.
Scalability: Supports growth with ease of deployment and policy consistency.

Industries implementing Cisco Security Cloud Control leverage its capabilities for tasks ranging from firewall management to intrusion prevention. Enterprises use it to streamline policy management, automate configurations, and integrate Cisco devices with cloud strategies, benefiting from simplified security orchestration and network segmentation.

Cisco

The increasing complexity of networks, driven by the constant influx of new devices, applications, and cloud services, presents a daunting challenge for managing firewall policies and rules. A typical enterprise environment has millions of rules, and just one simple misconfiguration can lead to devastating consequences like compliance violations, outages, and data breaches.

FireMon’s Security Manager is a purpose-built network security policy management (NSPM) platform that automates the management of firewall and cloud security policies to eliminate policy-related risk, accurately and quickly change rules, and meet internal and external compliance requirements.

Reduce Risk Manage risk with real-time visibility and control
Manage Change Avoid misconfigurations, accelerate business, and improve security
Enforce and Maintain Compliance Avoid violations, avoid risk, and avoid fines

FireMon

Sample Customers

Insurance Company of British Columbia, Shawmut

Convey, MGM Resorts International, Southwest Airlines, Alkami, Costco, Aetna, IBM, Verizon, Wells Fargo

Cisco Security Cloud Control vs. FireMon Security Manager