Cisco Identity Services Engine ISE and Fortinet FortiAuthenticator are leading solutions in the network access control market. Cisco ISE seems to have an upper hand due to its extensive integration with Cisco products, while FortiAuthenticator is noted for its straightforward and cost-effective authentication management within the Fortinet ecosystem.
Features: Cisco ISE offers centralized policy management, posture profiling, and scalable deployment options. Its TrustSec technology and broad RADIUS support are invaluable for Cisco-centric networks. Conversely, Fortinet FortiAuthenticator excels in robust authentication with two-factor capabilities, leveraging multiple credential sources like LDAP and RADIUS, enhancing its appeal in Fortinet environments.
Room for Improvement: Cisco ISE users highlight challenges with initial setup complexity, requiring improved documentation and enhanced integration with non-Cisco environments. FortiAuthenticator would benefit from better third-party application integration, more intuitive user interfaces, and expanded services beyond authentication.
Ease of Deployment and Customer Service: Cisco ISE supports both hybrid and on-premises deployment, integrating well within Cisco offerings, though complexities arise during product integration, affecting support timeliness. Fortinet FortiAuthenticator is praised for its diverse deployment methods and competitive licensing, yet broader integration could be refined.
Pricing and ROI: Perceived as costly, Cisco ISE offers substantial features, with a complex licensing model shifting towards subscription, raising cost concerns for smaller entities but justified by enterprises for its benefits. FortiAuthenticator presents a simpler, cost-effective pricing approach, appealing to businesses seeking reliable authentication without additional costs; its competitive pricing is advantageous for ongoing cost savings.
Direct comparisons with Forescout reveal up to 30% to 40% difference in cost savings.
It enhances security by ensuring only the right person can access systems, even if their login credentials are compromised.
I rate the technical support as one out of ten.
Sometimes it's challenging to identify which support team is responsible for certain issues, which is a significant concern.
Customer service and support are excellent.
At times, some technical staff lack knowledge, which delays issue resolution.
When we send a ticket to Fortinet, they go into research mode as if they are hearing the problem for the first time.
Factors like architecture, business nature, and legal limitations such as GDPR affect it.
The scalability of FortiAuthenticator is good, and I would rate it an eight on a scale of one to ten.
I find Fortinet FortiAuthenticator to be highly scalable, and I would rate it an eight out of ten for scalability.
Cisco Identity Services Engine (ISE) is considered very reliable and stable.
The stability of Cisco Identity Services Engine (ISE) is poor for certain use cases, like authentication.
It remains stable even when the number of concurrent users increases.
The whole setup works well with Cisco access points and Cisco switches, but when you have multiple vendors in the environment, such as HP switches or access points like Aruba, you'll find they will not work well with Cisco Identity Services Engine (ISE).
Pricing can be more expensive compared to other vendors, and there is a significant price gap observed, which doesn't seem justified by some specific features.
Additionally, the product is vulnerable and has many bugs.
For example, authentication for wireless users expires after 24 hours, requiring re-authentication daily.
I recommend Fortinet make its images migratable between environments.
I would like to see more integration and inclusion of features for ransomware protection directly within the FortiAuthenticator without requiring additional devices.
The license costs can range between $50,000 to $100,000 per year for enterprises.
Compared to other solutions like HPE ClearPass, Cisco is more costly, and the conversation suggests a possible forty percent price gap compared to competitors.
Making large organizational costs significant.
Fortinet FortiAuthenticator is not overly expensive compared to other Fortinet subscriptions.
Cisco Identity Services Engine (ISE) offers authentication using RADIUS, enhancing network security by separating and segregating networks.
Cisco Identity Services Engine (ISE) is very good at device administration.
The solution is integrated with other Cisco devices and can offer automation for an organization, making deployments more dynamic and providing real-time visibility.
The integration with FortiToken is outstanding, adding a layer of security for authentication.
We use multi-factor authentication for enhancing security.
The most valuable feature I find in FortiAuthenticator is web filtering.
Cisco Identity Services Engine (ISE) offers comprehensive network access control and visibility, supporting features like 802.1X authentication, profiling, and posturing. It integrates with Microsoft and other Cisco products, facilitating robust security policies across distributed networks.
Cisco Identity Services Engine is a key player in network access control, offering centralized management and a user-friendly interface. It supports zero trust principles and provides strong authentication for wired and wireless networks. ISE's capabilities include granular security policies, enhanced device posturing, and seamless integration, bolstering security infrastructure. Users benefit from its dual authentication through EAP, simplifying access management across networks.
What are the key features of Cisco ISE?In industries like finance, healthcare, and education, Cisco ISE is pivotal for securing wired and wireless networks, implementing BYOD policies, and managing user access. Organizations leverage ISE for effective authentication and authorization, while maintaining compliance with industry security standards.
Fortinet FortiAuthenticator is the primary secure point of approved access into the Fortinet network, authorizing users, reviewing access permissions, and relaying the information to all Fortigate devices for comparison with identity-based protocols. Fortinet FortiAuthenticator is a top-ranked authorization and SSO solution.
Appropriate secure access is fundamental to every role in an enterprise ecosystem. It is an integral function of every organization to ensure that every access and privilege is secure and to mitigate any possible risk to an organization. Approved users should only have access to the necessary information when they need it, from the appropriate location(s) to safeguard an organization's security at all times.
Fortinet FortiAuthenticator is available as an appliance, virtual machine, or in the cloud.
Fortinet FortiAuthenticator Methods
Reviews from Real Users
Ernesto C., Presales Engineer at a comms service provider, shares,
”Key Features and Benefits
Ibrahim M., Senior Network & Security Engineer at a tech services company, relates, "The initial setup is a valuable point on Fortinet products. Most of the time, putting the theory into practice on the devices is quite friendly and straightforward. As long as you can read English you can find your way around the solution and make it work. This is a high value point on Fortinet - the way everything is laid out in the web UI is user-friendly and quite straightforward. The UI is quite simple."
We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
