Welcome to Cisco Defense Orchestrator
About Cisco Defense Orchestrator
Cisco Defense Orchestrator (CDO) is a cloud-based multi-device manager that facilitates management of security policies in highly distributed environments to achieve consistent policy implementation.
CDO helps you optimize your security policies by identifying inconsistencies with them and by giving you tools to fix them. CDO gives you ways to share objects and policies, as well as make configuration templates, to promote policy consistency across devices.
Because CDO coexists with local device managers such as the Adaptive Security Device Manager (ASDM), Firepower Device Manager (FDM), and SSH connections, it keeps track of configuration changes made by CDO and by other managers. It then helps you compare changes so you are confident that you are implementing the changes you want.
CDO has an intuitive user interface that allows you to manage a wide range of devices in one place. Advanced users will also find their traditional CLI interface with some new enhancements to make management even more efficient for them.
The CDO Dashboard
The CDO dashboards gives you a quick overview of your tenant.
Connecting CDO to Your Devices
CDO can connect directly to your devices if they have direct access to the internet. If they do not, or you want to onboard the devices using device credentials, it is considered a best practice to install a Secure Device Connector within your network for CDO to communicate with your devices. See Connect Cisco Defense Orchestrator to Your Managed Devices for more connectivity information.
Getting Started
Request a CDO Account
Contact us at cdosales@cisco.com. We'll ask you to complete the CDO Account Request Form so that we can learn about you and why you want to use CDO. We'll create a CDO tenant for you and you can onboard your devices. You may be able to onboard devices directly to CDO or you may need to install a Secure Device Connector.
See How To Request a CDO Account for more information.
Onboard Devices
Before you onboard a device, make sure that you have successfully installed and configured your device and that you have the proper licensing. You can then onboard your device using CDO's onboarding wizard. See Onboard Devices and Services for more information.
Manage your Devices with CDO
Learn how CDO can manage these devices:
- Adaptive Security Appliance (ASA)
- Secure Firewall Cloud Native
- Firepower Threat Defense (FTD)
- Firepower Management Center (FMC)
- Cisco IOS devices
- SSH devices
- Meraki devices
- AWS Environment
For a complete list of devices that CDO supports and manages, see Software and Hardware Supported by CDO.
- What's New for Cisco Defense Orchestrator
- Learn about new and updated features in Cisco Defense Orchestrator.
- Signing in to CDO
- Explains the roles of Cisco Secure Sign-On, a SAML 2.0 compliant identity provider (IdP), Duo Security, a multi-factor authenticator, and a CDO user record when signing in to CDO.
- Managing ASA with Cisco Defense Orchestrator
- Provide customers new to Cisco Defense Orchestrator (CDO) with an outline of activities you can use to standardize objects and policies, upgrade managed devices, and manage VPN policies on your ASA.
- Managing FTD with Cisco Defense Orchestrator
- Provides an overview of all the features that CDO manages for a Firepower Threat Defense (FTD) device.
- Managing Cisco IOS with Cisco Defense Orchestrator
- Describes the methods by which CDO can manage Cisco IOS.
- Managing AWS with Cisco Defense Orchestrator
- CDO can manage AWS VPCs. This article describes that support and provides links to procedures and other conceptual information.
- Managing SSH Devices with Cisco Defense Orchestrator
- Describes the various ways that CDO can manage an SSH device.
- Managing Meraki with Cisco Defense Orchestrator
- Meraki devices can be managed by both the Meraki dashboard and CDO. The following documentation addresses how to onboard and modify policies in CDO.
- Managing FMC with Cisco Defense Orchestrator
- Article describes the level of support CDO offers for FMC appliances.
- Managing Umbrella with Cisco Defense Orchestrator
- This guide details the level of support CDO offers for ASA devices associated with the Umbrella Cloud.
- SecureX and CDO Integration
- This article describes how SecureX and CDO function as a joint operation.
Cisco Online Privacy Statement
Cisco Systems, Inc. and its subsidiaries (collectively "Cisco") are committed to protecting your privacy and providing you with a positive experience on our websites and while using our products and services ("Solutions"). Please read Cisco Online Privacy Statement carefully to get a clear understanding of how we collect, use, share, and protect your personal information.