We performed a comparison between Cisco ISE (Identity Services Engine) and CyberArk Endpoint Privilege Manager based on real PeerSpot user reviews.
Find out what your peers are saying about Cisco, HPE Aruba Networking, Fortinet and others in Network Access Control (NAC)."After the product was installed, no one could access the secure connection network. In order for any laptop or any endpoint device to attach to my network, it needs to be authorized or be certified to be connected."
"The solution enables us to do everything from one interface."
"One of the most important features is the authentication security for the individual connection to the network through their computer or laptop."
"The first benefit is that we can implement zero trust architecture because of Cisco ISE. I can assure my CISO in my company that my network is such that nobody can just bring in their laptop, desktop, or any sort of mobile device and can directly get connected to my network. That is a benefit that I can only allow people who I trust on the network."
"The authorization and accounts inside of ISE are very useful for us."
"The endpoint profiling feature is among the most valuable because it keeps me from having to manually maintain a MAC address bypass list to track endpoints. I can have ISE profile them for me and then put them in the right bucket."
"For us and our clients, the most valuable features of Identity Services Engine are really around the rich contact sharing that ISE gives you."
"The policy sets give us more granular groups for end-user access."
"CyberArk Endpoint Privilege Manager is very easy to manage, which I like. The solution also has a dashboard where you can see which software is suspicious, which I find valuable."
"The product is stable."
"It offers great performance."
"The most valuable feature of CyberArk Endpoint Privilege Manager is its ability to reset passwords every time that it is needed or periodically."
"The solution is scalable."
"Users can scale the solution."
"It has drastically reduced the attack surface for local administrative rights and the chance of escalation of privilege. We've removed, at this point, close to 98 percent of the local administrative accounts on workstations. If there were an incident, it would stop at that point and we'd be able to know."
"What sets CyberArk apart is its continuous innovation, staying ahead of the competition."
"They should improve the upgrades. It's not easy to upgrade the solution."
"There should be more visibility into TrustSec policy actions. When TrustSec blocks something or makes any kind of changes to the network, we don't always see that. We have to log into the switch itself, or we have to get some type of Syslog parsing to do that."
"The interface is a little bit complex."
"I'd like to see the logging be a bit more robust in terms of what it has baked in. If I want to do any in-depth searching, I have to export all the logs to an external platform like Elastic or LogRhythm and then parse through them myself. It would be nice if I could find what I want, when I want it, on the platform itself."
"There can be a little bit more integration between the controller management and ISE. There are two dashboards, you have the controller dashboards, and you have the ISE dashboard it would is a way to maybe integrate that into one. That would be great. It's not that bad. It would be easier if it could be combined into one dashboard."
"Since we have started, we struggled a lot to implement this solution into our network, and we opened a case a couple of times. Up until this point, nothing else needs to be improved with this product."
"Cisco ISE can become quite complex, especially with policy sets, the entire authentication process, and everything involved."
"Whenever we see the authentication logs, we can't see what device we're logging into... We can see who logged in, but we can't see the IP address of the device... I'm sure that's available. We just haven't figured out how to properly deploy it."
"Technical support is slow to respond when we run into issues."
"Compared to other tools like Linux, this solution isn't as user-friendly."
"The solution's pricing could be better."
"We have had some major issues with the tool, but we have worked with the R&D teams and we have worked with support. There is room for improvement, especially on response times. But they're working on it and they're doing the best they can."
"CyberArk Endpoint Privilege Manager is a perfect solution, but CyberArk Endpoint Privilege Manager for Linux has many issues. Another area for improvement in CyberArk Endpoint Privilege Manager, specifically for Windows, is that there's no way for you to check credential theft from a text file, such as a notepad file."
"It cannot be on-prem. It is only cloud-based. Sometimes, that's a restriction in terms of usage."
"The price of the product is an area of concern where improvements are required. The product's price should be made more flexible."
"The solution is very expensive."
More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →
More CyberArk Endpoint Privilege Manager Pricing and Cost Advice →
Cisco ISE (Identity Services Engine) is ranked 1st in Network Access Control (NAC) with 138 reviews while CyberArk Endpoint Privilege Manager is ranked 6th in Privileged Access Management (PAM) with 28 reviews. Cisco ISE (Identity Services Engine) is rated 8.2, while CyberArk Endpoint Privilege Manager is rated 8.2. The top reviewer of Cisco ISE (Identity Services Engine) writes "Gives us that extra ability to assist the end user and make sure that we are making them happy". On the other hand, the top reviewer of CyberArk Endpoint Privilege Manager writes "Offers integrated solutions and expands its capabilities through strategic acquisitions". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Fortinet FortiNAC, Forescout Platform, CyberArk Privileged Access Manager and Fortinet FortiAuthenticator, whereas CyberArk Endpoint Privilege Manager is most compared with Microsoft Defender for Endpoint, BeyondTrust Endpoint Privilege Management, CrowdStrike Falcon, CyberArk Privileged Access Manager and Symantec Endpoint Security.
We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.