Cisco Identity Services Engine (ISE) vs Symantec Privileged Access Manager comparison

The compared Cisco and Broadcom solutions aren't in the same category. Cisco is ranked #2 in NAC , with an average rating of 7.6, and holds a 21.7% mindshare in the category. Broadcom is ranked #18 in PAM , with an average rating of 8.5, and holds a 1.6% mindshare. Additionally, 87% of Cisco users are willing to recommend the solution, compared to 85% of Broadcom users who would recommend it.

Cisco Identity Services Eng...

Read 144 Cisco Identity Services Engine (ISE) reviews

15,070 Views
9,796 Comparison Views

87% willing to recommend

Symantec Privileged Access ...

Read 53 Symantec Privileged Access Manager reviews

1,773 Views
1,383 Comparison Views

85% willing to recommend

Cisco Identity Services Eng...

Symantec Privileged Access ...

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cisco Identity Services Engine (ISE) and Symantec Privileged Access Manager based on real PeerSpot user reviews.

Find out what your peers are saying about Hewlett Packard Enterprise, Cisco, Fortinet and others in Network Access Control (NAC).

To learn more, read our detailed Network Access Control (NAC) Report (Updated: February 2026).

Buyer's Guide

Network Access Control (NAC)

February 2026

Download the complete report

Helped 884,933 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Identity Services Eng...

Average Rating

8.2

Reviews Sentiment

6.6

Number of Reviews

144

Ranking in other categories

Network Access Control (NAC) (2nd), Cisco Security Portfolio (4th)

Symantec Privileged Access ...

Average Rating

7.8

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Privileged Access Management (PAM) (18th)

Mindshare comparison

Cisco Identity Services Engine (ISE) and Symantec Privileged Access Manager aren’t in the same category and serve different purposes. Cisco Identity Services Engine (ISE) is designed for Network Access Control (NAC) and holds a mindshare of 21.7%, down 27.1% compared to last year.
Symantec Privileged Access Manager, on the other hand, focuses on Privileged Access Management (PAM), holds 1.6% mindshare, up 1.5% since last year.

Network Access Control (NAC) Mindshare Distribution
Product	Mindshare (%)
Cisco Identity Services Engine (ISE)	21.7%
Aruba ClearPass	20.8%
Fortinet FortiNAC	15.0%
Other	42.5%

Network Access Control (NAC)

Privileged Access Management (PAM) Mindshare Distribution
Product	Mindshare (%)
Symantec Privileged Access Manager	1.6%
CyberArk Privileged Access Manager	11.4%
Delinea Secret Server	4.9%
Other	82.1%

Privileged Access Management (PAM)

Featured Reviews

NicolasFigaro

Network and Technology Information Manager at Akkodis

Has improved authentication management and simplified visitor network access

The log capacity in Cisco Identity Services Engine (ISE) could be enhanced because today natively on the ISE can only have a look at the logs from the day before. You cannot search into the oldest logs; you have to use another tool for that. This can be blocking if you don't have any log consolidation solution. To do a search for an issue or something that happened two days ago, you cannot search directly in there. The capacity of Cisco Identity Services Engine (ISE) could be enhanced. Something between one week and one month for the log capacity would be nice.

Read full review

Muzi Lubisi

Senior technical Consultant at CA Africa

Secure management of sensitive servers and seamless applications with direct linking

The credential injection feature is highly valued, particularly for RDP sessions. A majority of customers use it for RDP, and a couple for Linux servers. The broader capabilities, including access to multiple systems, web-based applications, and clustering, have never posed an issue. The threat analytics aspect is also a robust feature that analyzes all pertinent information.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Assisting a larger number of users in gaining access and guiding them through the process of getting on Cisco ISE has been seamless."

"I like that Cisco ISE is easy to use."

"For device administration, all devices have multifactor authentication in collaboration with IT, so it secures access to all of our devices."

"Since migrating towards doing wired ports over ISE with 802.1X and MAB authentication, our organization's security risk has been better, and we have been able to establish better layouts so devices can move and we don't have to worry about where they need to go."

"One of the most important features is the authentication security for the individual connection to the network through their computer or laptop."

"The most important feature for us is visibility in terms of user connections. It's the ability to see what devices are online for a particular user that helps a lot with our troubleshooting."

"The interconnection with the ecosystem and the ability to force rules all over the network are the most important features."

"We were originally a Cisco shop and Cisco ISE integrated well with our other Cisco switches and networks."

More Cisco Identity Services Engine (ISE) pros

"We know we can scale up with what we have, and we probably will not need to buy any further appliances down the road."

"CA PAM has session recording, which is a very valuable feature."

"The password manager is a valuable feature."

"You can do A2A integration. You can have your own script, which can then run outside of PA to retrieve the password and perform other tasks."

"The solution has the capability to address hybrid eco-systems, both on-premises and cloud services, and integration with the AD RBAC model is also a great feature, as we can tie it to the central repository."

"Monitoring privileged users’ actions is valuable because of the high level of trust and wide-ranging access insiders typically enjoy."

"It gives you list of servers, so you can see which users have access to which servers. This is really useful, so we can make sure nobody is getting extra access than what is needed."

"The interface is very friendly, colorful, and bold."

More Symantec Privileged Access Manager pros

Cons

"We do tend to run into a lot of issues with ISE when it comes to bugs."

"In order to make it a ten, it should be more user-friendly; you need somebody who is knowledgeable about it to use it, and it's not easy to use so we have to rely heavily on technical support."

"Migration could be better. Right now, we back up with the new version, and it requires a lot of licensing and other things. Whenever we choose a product, it's very difficult because we have to meet the requirements of each feature. There is no standard feature, so the best system that we bought may not fit the solution. We have to look at every feature that the customer uses. If you compare it with other products like Aruba, it's not the same. With Cisco, I have to read all about the features on this version and the licensing required for the product. In Aruba, that thing is covered when you get one license because it covers almost everything. It could also be more scalable."

"On the network services devices, when you click on filter, the filter comes up. However, when I type in a search and I want to click on something it defaults back to the main page. I keep having an issue with that, and I'm not doing anything wrong."

"The compliance and posture don't always work. They should make it more stable. With each upgrade, we lose some functionality. We have to wait for another upgrade."

"This solution has problems in terms of stability."

"An area that could be improved is the agent. The challenge now is that agent and most of the computers have changed. They could think about agent-less deployment."

"The initial setup is not simple. I don't consider our deployment to be complete because we were unsuccessful at trying to use the majority of the features."

More Cisco Identity Services Engine (ISE) cons

"Recent releases need improvement in webpage management."

"Now, the reporting feature on CA PAM only shows the basic information in white-black table format."

"I wish it could create local accounts on desktops."

"The product has not improved our organization."

"They should include some assignments in the test environment to explore the product's features."

"Evaluations are not just about features and functions of this specific product, but it is taking that holistic view around what else we can get out of it in the next three to five years."

"Technical support is average. They took a long time to provide good answers, only recommended to upgrade SW version which in some environments is not an option and they don’t even know if that will fix the problem."

"They need to do a little bit more on the mainframe side."

More Symantec Privileged Access Manager cons

Pricing and Cost Advice

"In terms of the licensing and the pricing structure of the Cisco Identity Services Engine, there's been a huge advantage to our clients recently with the advent of the enterprise agreement."

"It's an expensive solution when compared to other vendors."

"The technology is good, but to use some of the other features, and capabilities, they request that we purchase the Cisco DNA Center. As a result, the bundled price is a little high."

"I get very good pricing from Cisco, so I don't have a problem with that. I also don't have a problem with licensing because we get enterprise or global licensing."

"Cisco is moving towards a subscription service, which would mean additional costs."

"Previously, Cisco ISE had a perpetual licensing model, but now they have shifted to a subscription-based licensing system."

"Its price is probably good if you use all of its features and functionalities to protect your environment. If you use only a part of the functionality, its price is too high. It is just a question of value and the functionality you use."

"It is difficult to measure security breaches, but since we have not been attacked so far, it has paid for itself over the years."

More Cisco Identity Services Engine (ISE) pricing and cost advice

"They offer per-device, per-user, or monthly and yearly licensing models."

"The version we are using is affordable compared to BeyondTrust, which is maybe three to four times as expensive, but it depends on the features."

"Appliances are relatively cheap, don’t skimp. Make sure you have redundancy, high availability, and enough appliances to manage the concurrent workload."

"I would prefer better licensing options for the 20-100 users we have at a given time."

"It is more expensive than other solutions on the market."

"Cost-wise, CA was better compared to others in the market. "

"It is reasonably priced."

"The licensing is simple and scalable."

More Symantec Privileged Access Manager pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.

See recommendations

884,933 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Manufacturing Company

11%

Computer Software Company

Financial Services Firm

Government

Marketing Services Firm

10%

Comms Service Provider

10%

Computer Software Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	45
Midsize Enterprise	32
Large Enterprise	91

By reviewers
Company Size	Count
Small Business	14
Midsize Enterprise	6
Large Enterprise	30

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?

Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...

See all answers

What are the main differences between Cisco ISE and Forescout Platform?

OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...

See all answers

How does Cisco ISE compare with Fortinet FortiNAC?

Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...

See all answers

What is your experience regarding pricing and costs for Symantec Privileged Access Manager?

Due to the nature of the solution, it is hard to gauge, but compared to competitors, the pricing is very good. I would rate it as an eight and a half out of ten.

See all answers

What needs improvement with Symantec Privileged Access Manager?

Recent releases need improvement in webpage management. For instance, navigating through a webpage that acts like a wizard, where I proceed to the next page and enter more information, is not handl...

See all answers

What is your primary use case for Symantec Privileged Access Manager?

With the customers that I have so far, I help them broker RDP sessions to sensitive servers, particularly those that manage aspects like physical access. I have also done it for backend databases, ...

See all answers

Comparisons

Aruba ClearPass vs Cisco Identity Services Engine (ISE)

Compared 25% of the time

Fortinet FortiNAC vs Cisco Identity Services Engine (ISE)

Compared 17% of the time

Forescout Platform vs Cisco Identity Services Engine (ISE)

Compared 7% of the time

CyberArk Privileged Access Manager vs Cisco Identity Services Engine (ISE)

Compared 3% of the time

Portnox vs Cisco Identity Services Engine (ISE)

Compared 3% of the time

More Cisco Identity Services Engine (ISE) Competitors

CyberArk Privileged Access Manager vs Symantec Privileged Access Manager

Compared 24% of the time

ARCON Privileged Access Management vs Symantec Privileged Access Manager

Compared 15% of the time

BeyondTrust Endpoint Privilege Management vs Symantec Privileged Access Manager

Compared 10% of the time

Delinea Secret Server vs Symantec Privileged Access Manager

Compared 10% of the time

One Identity Safeguard vs Symantec Privileged Access Manager

Compared 8% of the time

More Symantec Privileged Access Manager Competitors

Product Reports

Buyer's Guide

Cisco Identity Services Engine (ISE)

March 2026

Cisco Identity Services Engine (ISE) report

Download Cisco Identity Services Engine (ISE) product report

Buyer's Guide

Symantec Privileged Access Manager

February 2026

Symantec Privileged Access Manager report

Download Symantec Privileged Access Manager product report

Also Known As

Cisco ISE

CA PAM, Xceedium Xsuite, CA Privileged Access Manager

Overview

Cisco Identity Services Engine offers robust authentication, posture profiling, guest and secure access, and dynamic policy management. Known for its seamless integration with Cisco tools and network access control features, it ensures secure device and user authentication across networks.

Cisco Identity Services Engine is renowned for its capabilities in managing authentication, guest access, and policy management through segmentation. Its TrustSec functionality, alongside RADIUS and TACACS+ support, provides enhanced security, further augmented by its ability to operate in diverse environments. Its scalability and integration with Cisco solutions aid in maintaining network visibility and access control. Challenges include the complexity of initial deployments, somewhat cumbersome documentation, and limited integration in multi-vendor environments. While encountering issues in stability and updates, the demand for better analytics and straightforward troubleshooting alongside cost-effective licensing is notable.

What are the key features of Cisco Identity Services Engine?

Authentication: Secures user and device access to networks using robust authentication protocols.
Posture Profiling: Provides in-depth analysis of device compliance with security policies.
Guest Access Management: Allows controlled network access for guest users through streamlined processes.
Dynamic Policy Management: Enables automatic adjustment of security policies based on real-time data.
Segmentation via TrustSec: Enhances security levels by segmenting network traffic based on identity.

What benefits or ROI should users expect from Cisco Identity Services Engine?

Comprehensive Security: Ensures enforceable security policies across network access points.
Enhanced Integration: Facilitates seamless collaboration with existing Cisco infrastructures.
Improved Compliance: Helps meet industry security standards for network access and user rights.
Increased Visibility: Provides detailed insights into network traffic and user activities.
Device Management Efficiency: Streamlines the process of managing diverse devices within a single framework.

Industries implement Cisco Identity Services Engine primarily for network access control, ensuring secure authentication and segmentation in both wired and wireless environments. Supporting policies like bring-your-own-device and compliance standards, ISE manages identity-based access control, especially beneficial for entities that require detailed user rights management and integration within enterprise networks.

Cisco

CA Privileged Access Manager is a simple-to-deploy, automated, proven solution for privileged access management in physical, virtual and cloud environments. It enhances security by protecting sensitive administrative credentials such as root and administrator passwords, controlling privileged user access, proactively enforcing policies and monitoring and recording privileged user activity across all IT resources. It includes CA PAM Server Control (previously CA Privileged Identity Manager) for fine-grained protection of critical servers

Broadcom

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University

NEOVERA, Telesis, eSoft

Buyer's Guide

Network Access Control (NAC)

February 2026

Download Free Report

Find out what your peers are saying about Hewlett Packard Enterprise, Cisco, Fortinet and others in Network Access Control (NAC). Updated: February 2026.

DOWNLOAD NOW

884,933 professionals have used our research since 2012.

We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.