Cisco Identity Services Engine (ISE) vs Symantec Privileged Access Manager comparison

The compared Cisco and Broadcom solutions aren't in the same category. Cisco is ranked #1 in NAC , with an average rating of 8.1, and holds a 22.8% mindshare in the category. Broadcom is ranked #16 in PAM , with an average rating of 8.5, and holds a 1.8% mindshare. Additionally, 87% of Cisco users are willing to recommend the solution, compared to 85% of Broadcom users who would recommend it.

Cisco Identity Services Eng...

Read 145 Cisco Identity Services Engine (ISE) reviews

15,318 Views
9,957 Comparison Views

87% willing to recommend

Symantec Privileged Access ...

Read 53 Symantec Privileged Access Manager reviews

1,119 Views
862 Comparison Views

85% willing to recommend

Cisco Identity Services Eng...

Symantec Privileged Access ...

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cisco Identity Services Engine (ISE) and Symantec Privileged Access Manager based on real PeerSpot user reviews.

Find out what your peers are saying about Cisco, Hewlett Packard Enterprise, Fortinet and others in Network Access Control (NAC).

To learn more, read our detailed Network Access Control (NAC) Report (Updated: December 2025).

Buyer's Guide

Network Access Control (NAC)

December 2025

Download the complete report

Helped 879,310 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Identity Services Eng...

Average Rating

8.2

Reviews Sentiment

6.6

Number of Reviews

145

Ranking in other categories

Network Access Control (NAC) (1st), Cisco Security Portfolio (1st)

Symantec Privileged Access ...

Average Rating

7.8

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Privileged Access Management (PAM) (16th)

Mindshare comparison

Cisco Identity Services Engine (ISE) and Symantec Privileged Access Manager aren’t in the same category and serve different purposes. Cisco Identity Services Engine (ISE) is designed for Network Access Control (NAC) and holds a mindshare of 22.8%, down 28.7% compared to last year.
Symantec Privileged Access Manager, on the other hand, focuses on Privileged Access Management (PAM), holds 1.8% mindshare, up 1.4% since last year.

Network Access Control (NAC) Market Share Distribution
Product	Market Share (%)
Cisco Identity Services Engine (ISE)	22.8%
Aruba ClearPass	22.2%
Fortinet FortiNAC	16.5%
Other	38.5%

Network Access Control (NAC)

Privileged Access Management (PAM) Market Share Distribution
Product	Market Share (%)
Symantec Privileged Access Manager	1.8%
CyberArk Privileged Access Manager	12.8%
WALLIX Bastion	5.9%
Other	79.5%

Privileged Access Management (PAM)

Featured Reviews

NicolasFigaro

Network and Technology Information Manager at Akkodis

Has improved authentication management and simplified visitor network access

The log capacity in Cisco Identity Services Engine (ISE) could be enhanced because today natively on the ISE can only have a look at the logs from the day before. You cannot search into the oldest logs; you have to use another tool for that. This can be blocking if you don't have any log consolidation solution. To do a search for an issue or something that happened two days ago, you cannot search directly in there. The capacity of Cisco Identity Services Engine (ISE) could be enhanced. Something between one week and one month for the log capacity would be nice.

Read full review

Muzi Lubisi

Senior technical Consultant at CA Africa

Secure management of sensitive servers and seamless applications with direct linking

The credential injection feature is highly valued, particularly for RDP sessions. A majority of customers use it for RDP, and a couple for Linux servers. The broader capabilities, including access to multiple systems, web-based applications, and clustering, have never posed an issue. The threat analytics aspect is also a robust feature that analyzes all pertinent information.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"We were originally a Cisco shop and Cisco ISE integrated well with our other Cisco switches and networks."

"The interface is pretty easy to use."

"I like that Cisco ISE is easy to use."

"It's scalable."

"The solution offers automation and real-time visibility, which aids in monitoring and troubleshooting issues with endpoints."

"The endpoint profiling feature is among the most valuable because it keeps me from having to manually maintain a MAC address bypass list to track endpoints. I can have ISE profile them for me and then put them in the right bucket."

"Cisco ISE's profiling and posturing features ensure that all devices are compliant with regulatory authorities."

"The initial setup was easy. It took around one month. We did the installation part within half an hour to two hours but we found a couple of issues so we raised a case and once everything was resolved it was a month in total."

More Cisco Identity Services Engine (ISE) pros

"The interface is very friendly, colorful, and bold."

"Symantec PAM is easier to deploy compared to its competitors, such as BeyondTrust."

"It is simple to implement and is suitable for medium to large-scale enterprises."

"The system is very stable."

"The agent-based credential management solution allows clients to programmatically use the agent to collect passwords during runtime from Symantec Privileged Access Manager."

"The RDP-gateway: For limiting which server an operator can access."

"We found that the architecture is scalable and very resilient."

"It gives you list of servers, so you can see which users have access to which servers. This is really useful, so we can make sure nobody is getting extra access than what is needed."

More Symantec Privileged Access Manager pros

Cons

"The log capacity in Cisco Identity Services Engine (ISE) could be enhanced because today natively on the ISE can only have a look at the logs from the day before."

"Deploying to a machine, as opposed to a dedicated appliance, can be a bit difficult."

"Cisco ISE has almost all the features we are looking for now, but sometimes the configuration, such as the conditions, is a little difficult to understand and not so easy to navigate."

"The opinion of my coworkers, and it's mine as well, is that the user interface could use some tender loving care. It seems counterintuitive sometimes. If you go to the logs, it's hard to figure out which one you need to look at."

"Cisco ISE is complex. The deployment and design of networks with it is so complex. If it could change it would be better."

"We do tend to run into a lot of issues with ISE when it comes to bugs."

"The knocks I have against the product are the number of bugs that we encounter, constantly, and the amount of upgrading that we have to do."

"Automation [is an area for improvement]. It seems like everywhere I look, automation is super important. Automation and integrations. That's the area it could be improved..."

More Cisco Identity Services Engine (ISE) cons

"Instead of just giving passwords to the user based on job function, from auditing perspective, turn that cycle around. That would really help from an auditing standpoint."

"Recent releases need improvement in webpage management. For instance, navigating through a webpage that acts like a wizard, where I proceed to the next page and enter more information, is not handled well by the system."

"They need to do a little bit more on the mainframe side."

"The service account management functionality needs to be extended to application pools, SQL database, PowerShell scripts, service account discovery, etc."

"They should include some assignments in the test environment to explore the product's features."

"The response time for support could be faster. Some features should be added: cloud-based, VPN-less, more secure, and it should be adjusted in a hybrid environment."

"We have to do a lot of manual work to automate features."

"What I hope happens with the new product CA PAM is to keep all the useful features that exist in PA, but what I’ve noticed with many new products is the UI gets polished but systems lags stability and performance or it adds additional complexity instead of simplifying the user experience."

More Symantec Privileged Access Manager cons

Pricing and Cost Advice

"Licensing has got much simpler since Cisco moved to the DNA model because we just have the three tiers, but it could always stand to be improved upon."

"It's damn expensive and the licensing is terrible... If you have perpetual licenses on 2.7 and you upgrade to 3, you are forced to go with Essentials. That is one of the issues that I'm seeing with my clients now."

"The recent changes in the licensing model have caused some issues with the team."

"It has a fair price. It is better than it was before."

"The solution’s pricing is okay."

"It costs around 50,000 baht in the first year, but I'm unsure about the second year."

"We are running Version 2.9 because Version 2.9 of the ISE has a persistent license — it's a one-time payment. The latest version (3.1) is only available if you do a yearly subscription."

"If you go directly with Cisco for the implementation it's very, very expensive."

More Cisco Identity Services Engine (ISE) pricing and cost advice

"The prices are not low, but one can ask for a discount. It’s not the cheapest PAM solution."

"I would prefer better licensing options for the 20-100 users we have at a given time."

"Don’t go with an agent model. Don’t go with a model that has you buying a thousand different parts. Go with PAM that gives you everything, or you’ll just be paying costs of implementing another tool that PAM would have just given you up front."

"The licensing is simple and scalable."

"It is more expensive than other solutions on the market."

"Appliances are relatively cheap, don’t skimp. Make sure you have redundancy, high availability, and enough appliances to manage the concurrent workload."

"They offer per-device, per-user, or monthly and yearly licensing models."

"It is reasonably priced."

More Symantec Privileged Access Manager pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.

See recommendations

879,310 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

12%

Manufacturing Company

11%

Financial Services Firm

Government

Comms Service Provider

15%

Computer Software Company

13%

Government

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	44
Midsize Enterprise	32
Large Enterprise	91

By reviewers
Company Size	Count
Small Business	14
Midsize Enterprise	6
Large Enterprise	30

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?

Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...

See all answers

What are the main differences between Cisco ISE and Forescout Platform?

OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...

See all answers

How does Cisco ISE compare with Fortinet FortiNAC?

Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...

See all answers

What is your experience regarding pricing and costs for Symantec Privileged Access Manager?

Due to the nature of the solution, it is hard to gauge, but compared to competitors, the pricing is very good. I would rate it as an eight and a half out of ten.

See all answers

What needs improvement with Symantec Privileged Access Manager?

Recent releases need improvement in webpage management. For instance, navigating through a webpage that acts like a wizard, where I proceed to the next page and enter more information, is not handl...

See all answers

What is your primary use case for Symantec Privileged Access Manager?

With the customers that I have so far, I help them broker RDP sessions to sensitive servers, particularly those that manage aspects like physical access. I have also done it for backend databases, ...

See all answers

Comparisons

Aruba ClearPass vs Cisco Identity Services Engine (ISE)

Compared 23% of the time

Fortinet FortiNAC vs Cisco Identity Services Engine (ISE)

Compared 20% of the time

Forescout Platform vs Cisco Identity Services Engine (ISE)

Compared 8% of the time

CyberArk Privileged Access Manager vs Cisco Identity Services Engine (ISE)

Compared 4% of the time

Fortinet FortiAuthenticator vs Cisco Identity Services Engine (ISE)

Compared 3% of the time

More Cisco Identity Services Engine (ISE) Competitors

CyberArk Privileged Access Manager vs Symantec Privileged Access Manager

Compared 25% of the time

ARCON Privileged Access Management vs Symantec Privileged Access Manager

Compared 13% of the time

BeyondTrust Endpoint Privilege Management vs Symantec Privileged Access Manager

Compared 13% of the time

Delinea Secret Server vs Symantec Privileged Access Manager

Compared 13% of the time

One Identity Safeguard vs Symantec Privileged Access Manager

Compared 6% of the time

More Symantec Privileged Access Manager Competitors

Product Reports

Buyer's Guide

Cisco Identity Services Engine (ISE)

December 2025

Cisco Identity Services Engine (ISE) report

Download Cisco Identity Services Engine (ISE) product report

Buyer's Guide

Symantec Privileged Access Manager

December 2025

Symantec Privileged Access Manager report

Download Symantec Privileged Access Manager product report

Also Known As

Cisco ISE

CA PAM, Xceedium Xsuite, CA Privileged Access Manager

Overview

Cisco Identity Services Engine (ISE) offers comprehensive network access control and visibility, supporting features like 802.1X authentication, profiling, and posturing. It integrates with Microsoft and other Cisco products, facilitating robust security policies across distributed networks.

Cisco Identity Services Engine is a key player in network access control, offering centralized management and a user-friendly interface. It supports zero trust principles and provides strong authentication for wired and wireless networks. ISE's capabilities include granular security policies, enhanced device posturing, and seamless integration, bolstering security infrastructure. Users benefit from its dual authentication through EAP, simplifying access management across networks.

What are the key features of Cisco ISE?

802.1X Authentication: Supports network security for authorized device access.
Profiling: Identifies devices for accurate policy enforcement.
Posturing: Evaluates device compliance for access decisions.
TACACS: Streamlines network device authentication and authorization.
Guest Access: Provides secure access to visitors.
Microsoft Compatibility: Seamlessly integrates with Microsoft environments.

What benefits and ROI should be considered?

Security Enhancement: Offers strong network security policies.
Operational Efficiency: Centralized management improves operational aspects.
Improved Compliance: Ensures adherence to industry standards.
Scalability: Supports growing network demands effectively.

In industries like finance, healthcare, and education, Cisco ISE is pivotal for securing wired and wireless networks, implementing BYOD policies, and managing user access. Organizations leverage ISE for effective authentication and authorization, while maintaining compliance with industry security standards.

Cisco

CA Privileged Access Manager is a simple-to-deploy, automated, proven solution for privileged access management in physical, virtual and cloud environments. It enhances security by protecting sensitive administrative credentials such as root and administrator passwords, controlling privileged user access, proactively enforcing policies and monitoring and recording privileged user activity across all IT resources. It includes CA PAM Server Control (previously CA Privileged Identity Manager) for fine-grained protection of critical servers

Broadcom

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University

NEOVERA, Telesis, eSoft

Buyer's Guide

Network Access Control (NAC)

December 2025

Download Free Report

Find out what your peers are saying about Cisco, Hewlett Packard Enterprise, Fortinet and others in Network Access Control (NAC). Updated: December 2025.

DOWNLOAD NOW

879,310 professionals have used our research since 2012.

We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.