Cisco ISE (Identity Services Engine) Reviews

Name: Cisco ISE (Identity Services Engine)
Brand: Cisco
Rating: 4 (139 reviews)

Vendor: Cisco

4.1 out of 5

139 reviews
88% willing to recommend

2,661 followers

Post review

What is Cisco ISE (Identity Services Engine)?

Cisco ISE is an all-in-one solution that streamlines security policy management and reduces operating costs. Cisco ISE delivers visibility and access control over users and devices across wired, wireless, and VPN connections.

Get the Cisco ISE (Identity Services Engine) Buyer's Guide and find out what your peers are saying about Cisco ISE (Identity Services Engine), Cisco Secure Firewall, Cisco Umbrella and more!

Cisco ISE (Identity Services Engine) is the #1 ranked solution in top Network Access Control (NAC) solutions and top Cisco Security Portfolio solutions. PeerSpot users give Cisco ISE (Identity Services Engine) an average rating of 8.2 out of 10. Cisco ISE (Identity Services Engine) is most commonly compared to Cisco Secure Firewall: Cisco ISE (Identity Services Engine) vs Cisco Secure Firewall. Cisco ISE (Identity Services Engine) is popular among the large enterprise segment, accounting for 51% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a educational organization, accounting for 24% of all views.

Buyer's Guide

Cisco ISE (Identity Services Engine)

July 2024

Get the report

Helped 793,295 peers since 2012

Featured reviews

Bill Masci

Senior Network Admin at Iridium

A lot of people tell you the hardware requirements for ISE are pretty substantial. If you're running a virtual environment, you're going to be dedicating quite a bit of resources to an ISE VM. That is something that could be worked on. The upgrade process is not very simple. It's pretty time-consuming. If you follow it step by step you're probably going to have a good time, but there are still a lot of things that could be a lot more user-friendly from an administrator's perspective. [They could be] easing a lot of the issues that people have. Instead of just saying the best practice is to migrate to new nodes [what would be helpful] would be to make that upgrade process easier. The UI is a lot nicer in 3.0. It's pretty slow, but for the most part, it's easy to find what you're looking for, especially things like RADIUS live logs, TACACS live logs. From a troubleshooting perspective, it's really nice finding stuff. For setting up policies, from that perspective, it could be a little bit better looking.

Read full review

Rohit-Joshi

Head of IT Infrastructure at LTI - Larsen & Toubro Infotech

Posturing is the most valuable feature. There are other tools available that can do some of their other features, like network authentication. The posturing was something because of the nature of the industry that we are in. There are people who go outside for work. Their machines are at times not in the network, and not patched properly. We don't know when they're going to come back, whether it is in a good state, whether it has antivirus, whether it's installed on those machines. Posturing is something that we have made our baseline policy that whenever a machine comes back to our network, it should have a certain level of the operating system and a level of security and antivirus installed. We couldn't have done this posturing without Cisco ISE. This is its greatest feature. It does help me to detect and remediate my network. It enables me to detect any external threat that comes to my network and remediate. If a machine comes into my network that does not qualify per my baseline policy, I have a policy that the machine gets redirected to where it can be patched and remediated. I can ensure that it is fully patched and secure. The entire idea of having ISE is to enhance cybersecurity resilience. The zero trust architecture was coined by the cybersecurity team itself. It was a task given to us in the infrastructure space to see how we can bring resilience into the cybersecurity network and ISE was the solution.

Read full review

Brad Lossing

Manager Network Operations at RAND Corporation

We've become more secure. We see devices that lose certificates, and then they get denied. Before, we would only get to know that the network was down. Now, with the help of the solution, we can pull up reports, go through them and understand that the certificate has expired. So, the person who raised the ticket takes the certificate, and everything gets resolved. We can also understand if posturing fails because the user doesn't have the current version of the software on. The product provides us with one place to look for all of these noncompliance issues. If a port keeps locking down, we can send somebody to check the devices and remove a bad device if needed. The issue doesn’t get on the network because the product ties in and locks the network down for us on that port.

Read full review

Cisco ISE (Identity Services Engine) video interviews

Watch video interviews with real Cisco ISE (Identity Services Engine) users to learn how the Network Access Control (NAC) solution helped improve their organization. The videos include info about the challenges and benefits of implementing Cisco ISE (Identity Services Engine).

Aug 5, 2022

Brandon Pettway

Lead Network Engineer at a educational organization with 1,001-5,000 employees

Read review

Aug 3, 2023

Vergin Mansour

Network Engineer at Northrop Grumman

Read review

Aug 3, 2023

Brad Davenport

VP of Technical Architecture at Logicalis

Read review

Cisco ISE (Identity Services Engine) mindshare

Product category:

As of July 2024, the mindshare of Cisco ISE (Identity Services Engine) in the Network Access Control (NAC) category stands at 25.7%, down from 32.7% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Network Access Control (NAC)

Key learnings from peers

Last updated Jul 8, 2024

Valuable Features

"Cisco ISE provides authentication for various applications. It can integrate with other applications to manage access, including Privileged Access Management for those applications. For a comprehensive environment, Cisco ISE should be able to integrate and provide asset management for an IT organization or any organization."
"The solution is very reliable."
"It offers automatic profiling of phones and computers, enabling administrators to identify and categorize devices seamlessly."

Room for Improvement

"The product is expensive. It would also be a good add-on to have some machine learning."
"Cisco ISE does not recognize devices and that is an issue we faced during its integration with our existing devices."
"They could incorporate some AI features."

ROI

Cisco ISE offers significant returns by enhancing security, preventing costly breaches, and integrating smoothly with other systems. Customers report cost savings through streamlined troubleshooting and reduced need for additional IT staff. Compliance with regulatory standards further prevents fines. Longevity and robust support for Cisco apparatus ensure prolonged effective use, minimizing replacement frequency. Overall, organizations find that avoiding potential ransomware threats and integrating technology across platforms justifies initial investment costs.

Pricing

"If you consider money only, Cisco ISE is not a cheap solution."
"The solution is not that cheap."
"I would rate the pricing an eight out of ten, one being cheap and ten being expensive."

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Cisco ISE (Identity Services Engine) Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Educational Organization

24%

Computer Software Company

16%

Government

Financial Services Firm

Manufacturing Company

Healthcare Company

Retailer

University

Energy/Utilities Company

Comms Service Provider

Construction Company

Insurance Company

Non Profit

Real Estate/Law Firm

Media Company

Hospitality Company

Legal Firm

Wholesaler/Distributor

Transportation Company

Recreational Facilities/Services Company

Outsourcing Company

Aerospace/Defense Firm

Performing Arts

Logistics Company

Pharma/Biotech Company

Consumer Goods Company

Compare Cisco ISE (Identity Services Engine) with alternative products

Learn more about Cisco ISE (Identity Services Engine)

Identity Services Engine enables enterprises to deliver secure network access to users and devices. It shares contextual data, such as threats and vulnerabilities, with integrated solutions from Cisco technology partners. You can see what is happening in your network, which applications are running, and more.

Features of Cisco ISE

Centralized management helps administrators configure and manage user profile characteristics - a single pane of glass for integrated management services.
Contextual identity and business policy: The rule-based attribute is a driven policy model. The goal is to provide flexible access control policies.
Wide range of access control options, including Virtual LAN (VLAN) URL redirections, and access control lists.
Supplicant-less network access: You can roll out secure network access by deriving authentication from login information across application layers.
Guest lifecycle management streamlines the experience for implementing and customizing network access for guests.
Built-in AAA services: The platform uses standard RADIUS protocol for authentication, authorization, and accounting.
Device auditing, administration, and access control provide users with access on a need-to-know and need-to-act basis. It keeps audit trails for every change in the network.
Device profiling: ISE features predefined device templates for different types of endpoints.
Internal certificate authority: Qn easy-to-deploy single console to manage endpoints and certificates.

Benefits of Cisco ISE

Cisco’s holistic approach to network access security has several advantages:

Context-based access based on your company policies. ISE creates a complete contextual identity, including attributes such as user, time, location, threat, access type, and vulnerability. This contextual identity is used to enforce a secure access policy. Administrators can apply strict control over how and when endpoints are allowed in the network.
Better network visibility via an easy-to-use, simple console. In addition, visibility is improved by storing a detailed attribute history of all endpoints connected to the network.
Comprehensive policy enforcement. ISE sets easy and flexible access rules. These rules are controlled from a central console that enforces them across the network and security infrastructure. You can define policies that differentiate between registered users and guests. The system uses group tags that enable access control on business rules instead of IP addresses.
Self-service device onboarding enables the enterprise to implement a Bring-Your-Own-Device (BYOD) policy securely. Users can manage their devices according to the policies defined by IT administrators. (IT remains in charge of provisioning and posturing to comply with security policies.)
Consistent guest experiences: You can provide guests with different levels of access from different connections. You can customize guest portals via a cloud-delivered portal editor with dynamic visual tools.

Support

You can get ISE as a physical or virtual appliance. Both deployments can create ISE clusters that create scale, redundancy, and requirements.

Licensing

Cisco ISE has four primary licences. Evaluation for up to 100 endpoints with full platform functionality. The higher tiers are Partner, Advantage and Essential.

Reviews from Real Users

"The user experience of the solution is great. It's a very transparent system. according to a PeerSpot user in Cyber Security at a manufacturing company.

Omar Z., Network & Security Engineer at an engineering company, feels that "The RADIUS Server holds the most value."

“Whether I deploy in China, the US, South Africa, or wherever, I can get all the capabilities. It allows me to directly integrate with 365, and from a communications point of view, that is a good capability," says Rammohan M., Senior Consultant at a tech services company.

Hassan A.,Technology Manager at Advanced Integrated Systems, says that "The most valuable feature is the integration with StealthWatch and DNA as one fabric."

Cisco ISE (Identity Services Engine) was previously known as Cisco ISE.

Product Video

Cisco ISE (Identity Services Engine) customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University