Security Cloud Control Firewall Management (formerly Cisco Defense Orchestrator) is a cloud-based security policy manager that simplifies and unifies policy across your Cisco firewalls and other devices. The firewalls and devices are managed in Firewall, which is listed under Products in the Security Cloud Control.

It helps you optimize your security policies by identifying inconsistencies with them and by giving you tools to fix them. It provides you ways to share objects and policies, as well as make configuration templates, to promote policy consistency across devices.

Because Security Cloud Control Firewall Management coexists with local device managers such as the Adaptive Security Device Manager (ASDM), it keeps track of configuration changes made by Security Cloud Control Firewall Management and by other managers, and then reconcile the differences between managers.

Security Cloud Control Firewall Management has an intuitive user interface that allows you to manage a wide range of devices in one place. Advanced users will also find their traditional CLI interface with some new enhancements to make management even more efficient for them.

It also provides a guided "Day 0" experience helping you quickly onboard threat defense devices to your on-premises or Cloud-Delivered Firewall Management Center. It also presents you with other key features you may benefit from and helps you enable and configure them.

Cisco Online Privacy Statement

Cisco Systems, Inc. and its subsidiaries (collectively "Cisco") are committed to protecting your privacy and providing you with a positive experience on our websites and while using our products and services ("Solutions"). Please read Cisco Online Privacy Statement carefully to get a clear understanding of how we collect, use, share, and protect your personal information.

Subscriptions

Security Cloud Control Firewall Management subscriptions are term-based:

• Base - Offers subscriptions for one, three, and five years, and provides entitlement to access the Security Cloud Control Firewall Management organization and onboard adequately licensed devices.

• Device License - Offers subscriptions for one, three, and five years for any supported device you choose to manage. For example, you can choose to manage a Cisco Firepower 1010 device using Security Cloud Control Firewall Management for three years, if you purchase a three-year software subscription to the Cisco Firepower 1010 device.

When managing your firewalls with Security Cloud Control Firewall Management, you can combine Security Analytics and Logging with your Security Cloud Control Firewall Management subscription or you can obtain Security Analytics and Logging entitlement as a separate subscription. For more information about Security Analytics and Logging subscriptions, see Security Analytics and Logging Licenses.

Note	Catalyst SD-WAN doesn't require an additional license. Customers using DNA or WAN Essentials license will be able to integrate with Security Cloud Control Firewall Management.

Important

You do not require two separate device licenses to manage a high availability device pair in Security Cloud Control Firewall Management. If you have a high availability pair, purchasing one device license is sufficient, as Security Cloud Control Firewall Management considers the pair of high availability devices as one single device.

Note

You can integrate with Security Cloud Control Firewall Management leveraging your existing DNA Essentials/Advantage licensing. This will also extend to WAN Essentials/Advantage, and no other license is required. For logging into Security Analytics and Logging, you should be on the DNA Advantage (or WAN Advantage) license as well as purchase a separate Security Analytics and Logging license

Note	You cannot manage Security Cloud Control Firewall Management licensing through the Cisco smart licensing portal.

Software Subscription Support

The Security Cloud Control Firewall Management base subscription includes software subscription support that is valid for the term of the subscription and provides access to software updates, major upgrades, and Cisco Technical Assistance Center (TAC), at no extra cost. While the software support is selected by default, you can also leverage the Security Cloud Control Firewall Management solution support based on your requirement.