No more typing reviews! Try our Samantha, our new voice AI agent.

Cisco Identity Services Engine (ISE) vs Portnox vs Sophos Network Access Control comparison

Cisco and Portnox Security are both solutions in the Network Access Control (NAC) category. Cisco is ranked #2 with an average rating of 7.6, while Portnox Security is ranked #6 with an average rating of 8.0. Cisco holds a 21.7% mindshare in NAC, compared to Portnox Security’s 5.4% mindshare. Additionally, 87% of Cisco users are willing to recommend the solution, compared to 95% of Portnox Security users who would recommend it.
Cisco Identity Services Eng...
Read 144 Cisco Identity Services Engine (ISE) reviews
  • 15,070 Views
  • 9,796 Comparison Views
87% willing to recommend
Portnox
Read 29 Portnox reviews
  • 2,842 Views
  • 2,132 Comparison Views
95% willing to recommend
Sophos Network Access Control
Read 24 Sophos Network Access Control reviews
  • 1,276 Views
  • 1,238 Comparison Views
95% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Cisco Identity Services Engine (ISE), Portnox, and Sophos Network Access Control based on real PeerSpot user reviews.

Find out what your peers are saying about Hewlett Packard Enterprise, Cisco, Fortinet and others in Network Access Control (NAC).

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Network Access Control (NAC) Report (Updated: March 2026).
Buyer's Guide
Network Access Control (NAC)
March 2026
Download the complete report
Helped 885,728 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Mindshare comparison

As of April 2026, in the Network Access Control (NAC) category, the mindshare of Cisco Identity Services Engine (ISE) is 21.7%, down from 27.1% compared to the previous year. The mindshare of Portnox is 5.4%, up from 3.1% compared to the previous year. The mindshare of Sophos Network Access Control is 2.3%, up from 1.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Network Access Control (NAC) Mindshare Distribution
ProductMindshare (%)
Cisco Identity Services Engine (ISE)21.7%
Portnox5.4%
Sophos Network Access Control2.3%
Other70.6%
Network Access Control (NAC)
 

Featured Reviews

NF
NicolasFigaro
Network and Technology Information Manager at Akkodis
Has improved authentication management and simplified visitor network access
The log capacity in Cisco Identity Services Engine (ISE) could be enhanced because today natively on the ISE can only have a look at the logs from the day before. You cannot search into the oldest logs; you have to use another tool for that. This can be blocking if you don't have any log consolidation solution. To do a search for an issue or something that happened two days ago, you cannot search directly in there. The capacity of Cisco Identity Services Engine (ISE) could be enhanced. Something between one week and one month for the log capacity would be nice.
Read full review
Maurice Mwaura - PeerSpot reviewer
Maurice Mwaura
Product Manager at Applied Principles Limited
Unified access control has improved compliance visibility and simplified passwordless access
There is work to be done when it comes to making the solution more seamless. For example, when a user is denied access, they would need a way to maybe self-resolve themselves, perhaps a way to generate a ticket on their own, something around resolutions. When it comes to users using the product, that is where good products are differentiated from products that are a bit of a challenge. Portnox has much to do in terms of their reporting. The generated reports need improvement. Things that other tools would say are normal are usually not present. For example, there is a page called NAS devices or NAS network that is able to show the switches that have been managed. Currently, there is no way of generating an easy report or an easy way of just generating something to tell the customer what they have been able to achieve so far. This is not done yet and is still very manual. I think there is work to be done there. More integrations around the various products being used would be beneficial. So far I have not encountered any major challenge. Where there was a challenge, I think support came in and helped us resolve. In fact, most of the challenges are not with the product; they are with the customer environment. I think that is just to update their documentation where they have come across a new vendor for easier integrations in the future.
Read full review
HirenPatel2 - PeerSpot reviewer
HirenPatel2
Manager at rspl
Have faced delays in support despite strong multi-layer policy configuration
I have observed some disadvantages as we have experienced one particular problem. We were facing an issue of synchronization of the endpoint with our firewall with help on a cloud for heartbeat syncing. However, it was not syncing as per our requirement. The user has to connect our firewall with the help of VPN. We were supposed to assume a solution on a cloud, which has good synchronization on a cloud with Sophos Central. It will sync with our firewall as well with the help of Sophos Central. Endpoint and firewall synchronization is not as smooth as we are expecting from Sophos Network Access Control. We have to connect with VPN. We are expecting that if we have already installed an endpoint on our system and it is connected to the internet, then it must be synchronized on a cloud with Sophos Central. Through Sophos Central, it must connect with our firewall. If the endpoint is configured on Sophos Central and the firewall is also configured in Sophos Central, then there should be no need to connect to VPN.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Use ISE if you want to build more resilience within your organization."
"I'm very satisfied with the product; it has been excellent so far, with excellent performance, expected outcomes that give control to the network, and good integration with third-party systems like antivirus, patch management, and MDM."
"Cisco ISE has enabled my customers to deploy secure wireless and secure wired networks and gave them a lot of flexibility to do security enforcement."
"The RADIUS Server holds the most value."
"This product allows them to see the traffic that is going through the network; it is stable and easy to use."
"Regardless of your industry, I would recommend Cisco ISE if you want good identity management."
"After the product was installed, no one could access the secure connection network. In order for any laptop or any endpoint device to attach to my network, it needs to be authorized or be certified to be connected."
"[One of the most valuable features] is just the ease of use. It's pretty simple to set up certs that we can add to our clients to make sure that they connect properly, [as is] whitelisting Mac addresses."
More Cisco Identity Services Engine (ISE) pros
"It's a stable product."
"For the information security team, the security level was improved because it helped to manage and prevent rogue devices from connecting to the corporate network."
"For a network access control solution, Portnox is a very good solution."
"The minute people have issues on their network, we can see what is happening right away."
"Portnox saves me about fifty percent of my time."
"The most important of all is that we are aware of situations the minute anyone on the network has issues, with a very good graphical interface that shows us exactly where the issue is and what ports it is occurring at, making it a lot easier for us to troubleshoot network issues and helping with uptime and productivity."
"We are very satisfied with this solution; we like it because it is agentless."
"This product has helped us tremendously during the years in locating all kind of issues that we had on the network, very quickly, and I recommend it."
More Portnox pros
"The solution offers very good visibility."
"The platform's most valuable features include robust reporting and analytics capabilities, which provide deep insights into our sales performance and customer behavior."
"The pricing is very reasonable and you can negotiate on the price."
"We get full visibility into the network as a product, which is one of the key features of the product because recently they have acquired another product called Secure Wave, which is integrated into Sophos Network Access Control and provides advanced capabilities for managed detection and remediation, MDR, a major plus for customers."
"The return on our investment was huge, mostly due to the time saved in managing thousands of physical endpoints."
"The solution offers very good visibility."
"The wifi control is fantastic and makes it very easy to administer."
"The system right now covers all my needs and it's very comfortable to work with."
More Sophos Network Access Control pros
 

Cons

"Also, the menus could have been much simpler. There are many redundant things. That's a problem with all Cisco solutions. There are too many menus and redundant things on all of them."
"Setup wasn't easy, especially if you haven’t worked with it intensively."
"There are always some things that I would request."
"There should be an easier way to do the upgrades."
"The pricing and licensing structure are not ideal for customers."
"An issue with the product is it tends to have a lot of bugs whenever they release a new release."
"Support and integration for the active devices needs to be worked on. Their features mainly work well with Mac devices. If we use an HP the Mac functionalities may no longer be able to deliver."
"Cisco ISE could be simplified somewhat. I would also prefer certificate-based authentication over confirmation-based authentication for all the processes. It's possible for us to do a workaround, but the process needs to be simplified."
More Cisco Identity Services Engine (ISE) cons
"The product should consider more integration with vendors like Huawei. It should also improve visibility. The solution should offer a partner portal that can provide customers training on the in and out of the solution."
"In terms of operational efficiency, things are more complicated now. It takes more time to get devices on the network, but we increased security quite a bit."
"I believe there are some difficulties with the removal of devices that could be improved."
"I think while Portnox provides wonderful technology, the support and maintenance agreements are problematic."
"The Wi-Fi integration could be done better from their end. If there is an improvement, it should be around having more functions on the integration with the Wi-Fi controller I used, which was a UniFi controller, also on-prem."
"Ideally, we should be able to search for any MAC address in the database, regardless of its authentication status, to see all its associated groups and potential conflicts."
"Portnox has design considerations that limit its applicability."
"It can't work fully redundant."
More Portnox cons
"The user interface, in terms of managing the product, could be better."
"I'd like to see them include direct integration with Active Directory."
"In Indonesia, there are a lot of false positives. For example, many websites from our government and local industries are blocked by the IPS."
"Sophos Network Access Control needs improvement regarding its slow interface, loading time, and reporting."
"The interface on the cloud could be a bit better - just to give more performance on it."
"Users are not controlled by role-based access; it's basically device-based control. The definition of role-based control is a little vague here because on the cloud level, it regulates access rather than tasks."
"Sometimes we encounter intermediate-level support staff who use trial-and-error approaches, but sometimes we receive support from excellent staff members who resolve issues within seconds."
"In order to provide better management, it would be ideal with they offered better plugins for their firewall."
More Sophos Network Access Control cons
 

Pricing and Cost Advice

"The price can be lower, especially for subscriptions. It should be a lot cheaper to have a wide range of customers. The price should be comparable to competitive products like Forescout or Fortinet FortiNAC. Forescout is cheaper for customers looking for a cloud solution."
"Its licensing could be improved. It used to be perpetual, but now they are moving away from that."
"The SMARTnet technical support is available at an additional cost."
"I don't know too much about the actual pricing on it. The licensing part is pretty straightforward. It's a lot more simple than some of the other Cisco licensing models. In that aspect, it's great."
"The price is okay."
"Being fully honest, the Cisco licensing model right now is really confusing. We don't know what licenses we have where. We have Smart licensing, but the different levels are way confusing."
"The pricing is fair for what it does."
"I have complaints. I don't enjoy the licensing model. Once we moved from 2.7 to 3.1, switching from Base, Plus, and Apex to Essential and Advantage in Premier, we went from a perpetual, with our base licenses, to now a subscription-base. So, we will have to renew those licenses every year, and I'm not a fan of that for our base licenses. Apex/Premier, we already expected, which is fine, but for basic connectivity, I am not a fan of that."
More Cisco Identity Services Engine (ISE) pricing and cost advice
"Pricing is quite reasonable."
"Pricing is not cheap. It is based on licenses per port. After licensing is purchased, you only pay for support."
"The solution is very expensive and I would rate it 10 out of 10."
"The licensing module should be reviewed to count the number of devices instead of port numbers of total switches. There is a case for this where not all ports for a switch are used by devices. Unused ports are calculated in the license, then the customer pays for license for those unused ports."
"The vendor price is fair."
"It's not cheap. It's not expensive. It's in the middle."
"The pricing is a bit high, possibly due to the cloud features and running instances across regions like the US, Asia, and Europe."
"The users are not very happy with the new licensing option where there is only a subscription license. There is no perpetual license."
More Portnox pricing and cost advice
"It provides a moderate pricing option for all of its features and benefits."
"It is quite expensive."
"Sophos Network Access Control is costly but has a similar price range as CrowdStrike and Check Point. The product can get more market share if Sophos can play around with Sophos Network Access Control pricing and improve it."
"Sophos Network Access Control is very cheap compared to other solutions like Cisco, Barracuda, and Palo Alto."
"I rate the price of Sophos Network Access Control a five out of ten."
"Sophos Network Access Control is an expensive solution."
report
See which vendors are best for you
Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.
See recommendations
885,728 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
11%
Computer Software Company
8%
Financial Services Firm
8%
Government
8%
Manufacturing Company
16%
Financial Services Firm
12%
Healthcare Company
9%
Computer Software Company
5%
Healthcare Company
9%
Manufacturing Company
8%
Government
8%
Computer Software Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business45
Midsize Enterprise32
Large Enterprise91
By reviewers
Company SizeCount
Small Business15
Midsize Enterprise5
Large Enterprise9
By reviewers
Company SizeCount
Small Business16
Midsize Enterprise3
Large Enterprise3
 

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?
Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can...
See all answers
What are the main differences between Cisco ISE and Forescout Platform?
OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cann...
See all answers
How does Cisco ISE compare with Fortinet FortiNAC?
Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if some...
See all answers
What is your experience regarding pricing and costs for Portnox Clear?
Portnox's pricing is very conservative and offers great value for money. If I compare it with any other solution, pri...
See all answers
What needs improvement with Portnox Clear?
In Portnox, the area that has room for improvement is that older data is not fetching correctly. For an older switch,...
See all answers
What is your primary use case for Portnox Clear?
My use case for Portnox is for whitelisting ports and adding policies. We are using two modes: enforce mode and monit...
See all answers
What is your experience regarding pricing and costs for Sophos Network Access Control?
The pricing of Sophos Network Access Control is good, but it is somewhat high.
See all answers
What needs improvement with Sophos Network Access Control?
In my opinion, one feature that should be added is the ability to trace emails from individuals who change their IP a...
See all answers
What is your primary use case for Sophos Network Access Control?
Sophos Network Access Control serves primary use cases for both networking purposes and security purposes.
See all answers
 

Comparisons

Aruba ClearPass vs Cisco Identity Services Engine (ISE) Logo
Aruba ClearPass vs Cisco Identity Services Engine (ISE)
Compared 25% of the time
Fortinet FortiNAC vs Cisco Identity Services Engine (ISE) Logo
Fortinet FortiNAC vs Cisco Identity Services Engine (ISE)
Compared 16% of the time
Forescout Platform vs Cisco Identity Services Engine (ISE) Logo
Forescout Platform vs Cisco Identity Services Engine (ISE)
Compared 7% of the time
CyberArk Privileged Access Manager vs Cisco Identity Services Engine (ISE) Logo
CyberArk Privileged Access Manager vs Cisco Identity Services Engine (ISE)
Compared 3% of the time
Fortinet FortiAuthenticator vs Cisco Identity Services Engine (ISE) Logo
Fortinet FortiAuthenticator vs Cisco Identity Services Engine (ISE)
Compared 2% of the time
More Cisco Identity Services Engine (ISE) Competitors
Fortinet FortiNAC vs Portnox Logo
Fortinet FortiNAC vs Portnox
Compared 13% of the time
Aruba ClearPass vs Portnox Logo
Aruba ClearPass vs Portnox
Compared 12% of the time
Symantec Zero Trust Network Access (ZTNA) vs Portnox Logo
Symantec Zero Trust Network Access (ZTNA) vs Portnox
Compared 9% of the time
Forescout Platform vs Portnox Logo
Forescout Platform vs Portnox
Compared 7% of the time
Google Cloud Identity-Aware Proxy vs Portnox Logo
Google Cloud Identity-Aware Proxy vs Portnox
Compared 3% of the time
More Portnox Competitors
Aruba ClearPass vs Sophos Network Access Control Logo
Aruba ClearPass vs Sophos Network Access Control
Compared 18% of the time
Fortinet FortiNAC vs Sophos Network Access Control Logo
Fortinet FortiNAC vs Sophos Network Access Control
Compared 14% of the time
Twingate vs Sophos Network Access Control Logo
Twingate vs Sophos Network Access Control
Compared 8% of the time
macmon Network Access Control vs Sophos Network Access Control Logo
macmon Network Access Control vs Sophos Network Access Control
Compared 7% of the time
ExtremeCloud IQ vs Sophos Network Access Control Logo
ExtremeCloud IQ vs Sophos Network Access Control
Compared 6% of the time
More Sophos Network Access Control Competitors
 

Product Reports

Buyer's Guide
Cisco Identity Services Engine (ISE)
March 2026
Cisco Identity Services Engine (ISE) reportDownload Cisco Identity Services Engine (ISE) product report
Buyer's Guide
Portnox
March 2026
Portnox reportDownload Portnox product report
Buyer's Guide
Sophos Network Access Control
March 2026
Sophos Network Access Control reportDownload Sophos Network Access Control product report
 

Also Known As

Cisco ISE
Access Layers Portnox, Portnox CLEAR
No data available
 

Interactive Demo

Demo not available
Cisco
Portnox Security
Demo not available
Sophos
 

Overview

Cisco Identity Services Engine offers robust authentication, posture profiling, guest and secure access, and dynamic policy management. Known for its seamless integration with Cisco tools and network access control features, it ensures secure device and user authentication across networks.

Cisco Identity Services Engine is renowned for its capabilities in managing authentication, guest access, and policy management through segmentation. Its TrustSec functionality, alongside RADIUS and TACACS+ support, provides enhanced security, further augmented by its ability to operate in diverse environments. Its scalability and integration with Cisco solutions aid in maintaining network visibility and access control. Challenges include the complexity of initial deployments, somewhat cumbersome documentation, and limited integration in multi-vendor environments. While encountering issues in stability and updates, the demand for better analytics and straightforward troubleshooting alongside cost-effective licensing is notable.

What are the key features of Cisco Identity Services Engine?
  • Authentication: Secures user and device access to networks using robust authentication protocols.
  • Posture Profiling: Provides in-depth analysis of device compliance with security policies.
  • Guest Access Management: Allows controlled network access for guest users through streamlined processes.
  • Dynamic Policy Management: Enables automatic adjustment of security policies based on real-time data.
  • Segmentation via TrustSec: Enhances security levels by segmenting network traffic based on identity.
What benefits or ROI should users expect from Cisco Identity Services Engine?
  • Comprehensive Security: Ensures enforceable security policies across network access points.
  • Enhanced Integration: Facilitates seamless collaboration with existing Cisco infrastructures.
  • Improved Compliance: Helps meet industry security standards for network access and user rights.
  • Increased Visibility: Provides detailed insights into network traffic and user activities.
  • Device Management Efficiency: Streamlines the process of managing diverse devices within a single framework.

Industries implement Cisco Identity Services Engine primarily for network access control, ensuring secure authentication and segmentation in both wired and wireless environments. Supporting policies like bring-your-own-device and compliance standards, ISE manages identity-based access control, especially beneficial for entities that require detailed user rights management and integration within enterprise networks.

Cisco

Portnox provides advanced network visibility and proactive security without complexity, ensuring easy setup and scalability. Its agentless nature and intuitive design enable seamless device management and system integration, promoting efficient network operations and endpoint security.

Portnox is known for offering comprehensive network access control, providing firms with vital tools for managing authentication and securing endpoint devices. It's praised for ease of use in integrating with systems such as RADIUS servers and offering detailed analytical capabilities to ensure compliance and control unauthorized access. While users appreciate the intuitive interface and device management, improvements have been suggested in the areas of better GUI, integration with firewalls, and enhanced configuration methods. Portnox aids in handling dynamic VLAN assignments and securing access in both wired and wireless networks, proving particularly valuable for on-premises and remote environments.

What are the key features of Portnox?
  • Network Visibility: Offers comprehensive oversight of network activities.
  • Agentless Setup: Ensures easy implementation with minimal disruption.
  • Compliance Checks: Provides tools for compliance verification and incident reporting.
  • Integration: Seamlessly connects with existing IT systems for efficient management.
What benefits should users look for?
  • Enhanced Security: Prioritizes proactive measures to secure endpoints.
  • Easy Management: Facilitates straightforward device handling and network control.
  • Efficiency: Streamlines network operations for better performance.
  • Scalability: Adapts to organizational growth without complexities.

In industries where network security is paramount, such as finance and healthcare, Portnox is implemented to fortify access control and manage endpoint connections effectively. Its ability to secure both on-premises and remote environments makes it a versatile choice across sectors that require stringent access management, particularly where unauthorized device connections pose significant risks.

Portnox Security
Sophos NAC Provides comprehensive, easy-to-deploy network access control that protects enterprise networks from the threats posed by non-compliant, compromised, or misconfigured endpoint computers. The software solution is vendor-neutral and works with existing network infrastructure and security applications. Computers are permitted or denied access to the network, based on a centrally defined, policy-driven assessment - and isolated, quarantined for remediation, automatically remediated, or sent alerts. Administrators can define and manage policies uniquely for managed and guest computers, including checking their security status and ensuring that no unwanted applications are run.
Sophos
 

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University
Data Realty, Royal London, Wales Millennium Centre, McLaren Construction Group, EL AL Israeli Airlines, 
Rushmoor Borough Council
Buyer's Guide
Network Access Control (NAC)
March 2026
Download Free Report
Find out what your peers are saying about Hewlett Packard Enterprise, Cisco, Fortinet and others in Network Access Control (NAC). Updated: March 2026.
DOWNLOAD NOW
885,728 professionals have used our research since 2012.