Cisco Identity Services Engine (ISE) Reviews

It can handle Radius and TACACS+.

Authorisation and Authentication Policy creation is easier. Access right limitation is pretty easy in ISE. Context exchange feature is present.

It is quite complex when it comes to troubleshooting.

2 years

Upgrade was quite a pain. It doesn't exactly go according to the document.

On TACACS side, we see some issues. The rest is all going well.

It's good.

Tech support is still lacking on TACACS troubleshooting on ISE.

We were using ACS and IAS servers for radius and TACACS. ISE is one stop shop for everything with more to offer.

Initially done with a Cisco consultant and started with Radius services. Expertise was excellent.

Smartnet is not so cheap depending on the deployment.

We have deployed this solution and we keep on exploring more and more. It can do wonders for authentication and limiting access with the network.

Profile Sets help organize how AAA is handled by grouping, like traffic into separate subroutines.

We implement this for customers is various verticals. Most of the time oit is in Education. It really helps secure, classify and manage users including guest and BYOD users.

The product has improved with its evolution. The initial setup, though, is extremely complex.

10 years. I have used this since it was Cisco ACS

As the product matures I encounter less and less problems.

The produt scales well.

Excellent. TACis quite knowledgable.

I have used Microsoft IAS/NPS, Funk, and Aruba ClearPass. ClearPass is the only product in the same league as Cisco ISE.

ISE is extremely complex. With the functionality and flexibility it offers that is to be expected.

I am the vendors's partner.

Licensing and pricing is a complicated calculation, so it is best to really understand your customers' needs. Also team up with the right resources at Cisco for help.

Cisco Identity Services Engine (ISE) version 1.3 has improved it's GUI margin and much easier to navigate than the previous versions. 

This technology pride itself with Trust Sec and 802.1x  feature. Trust Sec can be an advantage when an environment is nothing but a Cisco workshop.

This technology is based upon utilizing other Cisco products such as IDS, IPS, ASA and Catalyst switches. It provides the RADIUS feature for Active Directory so that 802.1x (EAP over LAN) is properly utilized for User Authentication.  

It also does MAC Address Bypass (MAB) for MAC Address verification and authentication.  

Cisco will integrate the TACACS+ feature into ISE version 2.0 and enterprises no longer need Cisco ACS for this reason.  

Many organizations and large enterprises are faced with the daunting task of keeping their security issues at bay. They also need to be in compliant with the Cyber Security's strict guidelines and orders.  

While there are many cyber attacks from the outside of the edge routers, cyber attacks can also be implemented within the organization whether it is either intentional or unintentional.  Cisco ISE can mitigate many attacks such as MAC spoofing, VLAN hopping, DHCP Starvation and ARP Snooping.

By implementing ISE, it can lighten the overhead of the Cisco Catalyst Switches by not implementing port security, Dynamic Arp Inspection, DHCP Snooping. This will also improve the switch's performance since the ISE server takes over the duty of posturing with its Policy Service Node persona.  

Cisco ISE has improved performances on Access Switches and closely monitored the daily suspicious or rogue activities within the organization.  

We've had no issues with deployment.

We've had no issues with stability.

We've been able to scale it for our needs.

• I'ts compatibility with 802.1X
• Posture
• Profiling
• Guest Portal

As an integrator, I can tell that this product is mostly used for implementing wireless 802.1X with Active Directory and guest portals. It can be integrated with Active Directory and an external SMS gateway, can be used to track user authentications with Cisco WLC, can be therefore used to completely implement BYOD (considering the tight integration with leading MDM vendors). The product can be bought as a physical appliance as well a virtual appliance.

We are waiting for TACACS integration to completely replace the Cisco ACS line of products.

I've used it for about four years.

Being a product relatively young the product seems incredibly stable and not prone to system outages.

Having a Cisco consolidated experience with this type of products, the product encounters very little of no scalability problem.

Cisco has implemented a special ATC partner program to help partners and customers to have a smooth deployment. As far as I know there is also a dedicated TAC area for this product, Cisco commitment on the ISE line of product is really at a top level. I can say this with an high degree of certainty being a Cisco Gold Partner.

We use this product because we mainly sell this as a premier class NAC solution, compared to other similar products.

The initial setup is very straightforwardly done by following the product’s document guides.

I work for a vendor/system integrator.

The main advice is to seek for an accredited ATC system integrator with a large ISE portfolio.

We use the solution to secure the endpoint. Before the user connects to the network, it can be investigated whether to connect.

Cisco ISE has a powerful posturing tool with security requirements. This data can be integrated with the device identity and threat intelligence surface, enabling you to create granular policies based on a device's identity. Just like we made policies based on Samsung or Lenovo, you can now do the same based on its compliance posture.

You have to restart the system to change the DNS or NTP server.

I have been using Cisco ISE as a system integrator for three years.

I rate the solution’s stability an eight out of ten.

The solution’s scalability is good. We cater the solution to medium-sized businesses.

I rate the solution’s scalability an eight out of ten.

The initial setup is easy. One engineer can deploy it in three hours.

The product has moderate pricing and comes with a subscription model.

We must check the compatibility with the other device before using Cisco ISE. Fortinet or Palo Alto provides integration to another device.

The solution has medium maintenance.

Overall, I rate the solution a nine out of ten.

Our clients use Cisco ISE for security, especially in the finance industry.

Our clients like Cisco ISE because they already use various Cisco solutions. It's easy for them to use this solution because they have an engineer with Cisco certifications.

The price could be better. I would like to see more integration with third-party solutions in the next release. This is because many of my clients don't have Cisco.

We have been a partner dealing with Cisco ISE for about 14 years.

Cisco ISE is very stable.

Scalability is good.

I think Cisco has already improved its support for this solution.

On a scale from one to five, I would give technical support a five.

Neutral

The initial setup is easy. We have two engineers who implement this solution.

On a scale from one to five, I would give the initial setup a four.

Cisco is expensive, but it's the cost for all the functions and value it brings. Functions like internet solutions, integrations, security, and many more features are important, but it's expensive for some clients.

I would tell potential users that this is a good solution.

On a scale from one to ten, I would give  Cisco ISE a ten.

We are a solution provider and we provide Cisco products, including ISE, to our customers.

This product is used to facilitate the connection of a local network to wireless access. This allows us to restrict users and their access.

This product allows them to see the traffic that is going through the network.

It is stable and easy to use.

The user interface can be improved.

I have been using Cisco ISE for approximately three years.

Cisco ISE is stable.

This is a scalable solution. There are more than 500 users in my client's organization.

The technical support from Cisco is very good

ISE is very easy to configure, although it takes time because we have to take input from the customer. It will take about two days to implement and deploy.

We have a consultant to assist with deployment. A team of four engineers is required for deployment and maintenance.

The price is okay.

As of now, this product is working fine.

I would rate this solution a ten out of ten.

The solution is being used for authentication purposes and for sharing assessments. 

Cisco ISE has helped improve our security. 

It helps ensure that you are working in accordance with the organizational policy before you join the network. Also, the solution is very reliable. 

I would like to see better management. Integration with other platforms can also be improved. 

Cisco ISE does not recognize devices and that is an issue we faced during its integration with our existing devices.

I have been working with Cisco ISE (Identity Services Engine) for ten years. 

The stability of the solution is average. I would rate the stability of the solution a seven out of ten. 

The solution's scalability is average. I would rate the scalability a seven out of ten. 

The initial setup of Cisco ISE is complex. For the deployment, the solution needs to be installed and then it needs to be integrated with the network and certificates to get to the endpoints. 

I would like to advice that Cisco ISE is a reliable and stable solution although it is not very easy to use. They should work on integrating the solution with other platforms.

Overall, I will rate the solution an eight out of ten.