Cisco Identity Services Engine (ISE) vs Symantec Privileged Access Manager comparison

The compared Cisco and Broadcom solutions aren't in the same category. Cisco is ranked #1 in NAC , with an average rating of 8.0, and holds a 24.5% mindshare in the category. Broadcom is ranked #16 in PAM , with an average rating of 8.3, and holds a 1.5% mindshare. Additionally, 87% of Cisco users are willing to recommend the solution, compared to 85% of Broadcom users who would recommend it.

Cisco Identity Services Eng...

Read 143 Cisco Identity Services Engine (ISE) reviews

17,586 Views
11,255 Comparison Views

87% willing to recommend

Symantec Privileged Access ...

Read 53 Symantec Privileged Access Manager reviews

926 Views
685 Comparison Views

85% willing to recommend

Cisco Identity Services Eng...

Symantec Privileged Access ...

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cisco Identity Services Engine (ISE) and Symantec Privileged Access Manager based on real PeerSpot user reviews.

Find out what your peers are saying about Cisco, Hewlett Packard Enterprise, Fortinet and others in Network Access Control (NAC).

To learn more, read our detailed Network Access Control (NAC) Report (Updated: August 2025).

Buyer's Guide

Network Access Control (NAC)

August 2025

Download the complete report

Helped 867,370 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Identity Services Eng...

Average Rating

8.2

Reviews Sentiment

6.7

Number of Reviews

143

Ranking in other categories

Network Access Control (NAC) (1st), Cisco Security Portfolio (2nd)

Symantec Privileged Access ...

Average Rating

7.8

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Privileged Access Management (PAM) (16th)

Mindshare comparison

Cisco Identity Services Engine (ISE) and Symantec Privileged Access Manager aren’t in the same category and serve different purposes. Cisco Identity Services Engine (ISE) is designed for Network Access Control (NAC) and holds a mindshare of 24.5%, down 30.0% compared to last year.
Symantec Privileged Access Manager, on the other hand, focuses on Privileged Access Management (PAM), holds 1.5% mindshare, down 1.6% since last year.

Network Access Control (NAC) Market Share Distribution
Product	Market Share (%)
Cisco Identity Services Engine (ISE)	24.5%
Aruba ClearPass	23.9%
Fortinet FortiNAC	18.0%
Other	33.599999999999994%

Network Access Control (NAC)

Privileged Access Management (PAM) Market Share Distribution
Product	Market Share (%)
Symantec Privileged Access Manager	1.5%
CyberArk Privileged Access Manager	16.3%
Delinea Secret Server	7.5%
Other	74.7%

Privileged Access Management (PAM)

Featured Reviews

SunilkumarNaganuri

Service Line Manager (Service Operations Expert) - Network Access Control at a pharma/biotech company with 10,001+ employees

Enhanced device administration hindered by complex deployment and security limitations

Cisco Identity Services Engine (ISE) needs to improve the profiling preauthentication. They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases. This will give them a roadmap for software-defined access (SDA) use cases and network segmentation. Threat detection capabilities are very weak. Additionally, the product is vulnerable and has many bugs.

Read full review

Muzi Lubisi

Senior technical Consultant at CA Africa

Secure management of sensitive servers and seamless applications with direct linking

The credential injection feature is highly valued, particularly for RDP sessions. A majority of customers use it for RDP, and a couple for Linux servers. The broader capabilities, including access to multiple systems, web-based applications, and clustering, have never posed an issue. The threat analytics aspect is also a robust feature that analyzes all pertinent information.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I like the automation of the collection of information."

"Cisco ISE is a comprehensive solution that allows you to control access to network resources granularly based on policies."

"The best features are the scalability and the license structure."

"SGTs are valuable because they make it easy to enforce policies, instead of pushing them across all the other platforms."

"It integrates with the rest of our platform, like our firewall, and helps us a lot. It also does a good job establishing trust for every access request."

"We found that the most valuable features associated with this tool are posture assessment, policy management, VLAN assignments, guest assignment, and BYOD services. In addition to these services, the Cisco IOS software switch configuration feature is another very valuable aspect of the policy and compliance solution."

"Cisco ISE provides authentication for various applications. It can integrate with other applications to manage access, including Privileged Access Management for those applications. For a comprehensive environment, Cisco ISE should be able to integrate and provide asset management for an IT organization or any organization."

"Cisco ISE integrates with everything else."

More Cisco Identity Services Engine (ISE) pros

"Stability is solid as a rock."

"The two factor authentication, and the single most important capability was it supported PIV and CAC as one of the two factors. That was pretty huge for us."

"One of the key things for us about the product is around its simplicity. Being able to put in the technology that allows the business to remove complexity and also allow the security improvements."

"You can do A2A integration. You can have your own script, which can then run outside of PA to retrieve the password and perform other tasks."

"The product is very scalable in terms of concurrent sessions that it can handle at a time, number of device it can support, accounts that it can manage, or number of nodes that you can deploy in a cluster."

"It will provide us with more security."

"We can check the activities in the server for fragile files and documents in case of any issues."

"The key benefits are we improve our governance. We ensure we can build more trust in the way we run and operate our environment, and most of all is the accountability."

More Symantec Privileged Access Manager pros

Cons

"The Guest Network verification needs to add a QR code option."

"It could be more intuitive in terms of how to configure the policies."

"If you have someone taking care of it, it can be quite easy to manage the solution. Otherwise, if you don't look after it and take care of it day-to-day, then it will become more complex to run."

"The primary issue is the slowness of the application and the web interface. We have multiple admin nodes and app nodes. So when I need to get some information about a particular user, the GUI would take ten to fifteen seconds in loading when we need to know right away."

"The licensing scheme is complex and could use enhancement to provide more options."

"The one main thing that it can improve on is the GUI. As the newest addition to the team, I struggle a little bit to get around it just because it has so many features."

"There should be more visibility into TrustSec policy actions. When TrustSec blocks something or makes any kind of changes to the network, we don't always see that. We have to log into the switch itself, or we have to get some type of Syslog parsing to do that."

"The web UI should be made similar to the one in DNAC."

More Cisco Identity Services Engine (ISE) cons

"Broadcom has neglected product development since acquiring Symantec, and nothing major has been added to PAM."

"The setup is complex."

"I would like this solution to be simpler. It should have a one-click access that works together with AWS."

"They need to do a little bit more on the mainframe side."

"What I hope happens with the new product CA PAM is to keep all the useful features that exist in PA, but what I’ve noticed with many new products is the UI gets polished but systems lags stability and performance or it adds additional complexity instead of simplifying the user experience."

"They need to have zero tier and active-active setup with zero minimum downtime, which they are working on it. "

"We have to do a lot of manual work to automate features."

"An improvement for this solution is that it should not be constantly based on user name and password. There should be a condition to edit and update your username."

More Symantec Privileged Access Manager cons

Pricing and Cost Advice

"The solution’s pricing is okay."

"Previously, Cisco ISE had a perpetual licensing model, but now they have shifted to a subscription-based licensing system."

"The licensing is subscription-based and based on the user account."

"The solution is not that cheap."

"I am not aware of the current price for Cisco ISE, but considering it is a Cisco product, it is likely to be quite high."

"Licensing has got much simpler since Cisco moved to the DNA model because we just have the three tiers, but it could always stand to be improved upon."

"Pricing is not a problem for Cisco because it has a lot of features and not much competition, although it's more expensive than other products. But if I do a cost-benefit analysis, Cisco provides high quality."

"ISE has always been expensive compared to other products in terms of what it does on a user level."

More Cisco Identity Services Engine (ISE) pricing and cost advice

"The prices are not low, but one can ask for a discount. It’s not the cheapest PAM solution."

"It is more expensive than other solutions on the market."

"Cost-wise, CA was better compared to others in the market. "

"Pricing is fair compared to other top vendors."

"I would prefer better licensing options for the 20-100 users we have at a given time."

"The version we are using is affordable compared to BeyondTrust, which is maybe three to four times as expensive, but it depends on the features."

"Don’t go with an agent model. Don’t go with a model that has you buying a thousand different parts. Go with PAM that gives you everything, or you’ll just be paying costs of implementing another tool that PAM would have just given you up front."

"It is reasonably priced."

More Symantec Privileged Access Manager pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.

See recommendations

867,370 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

10%

Manufacturing Company

Government

Comms Service Provider

15%

Computer Software Company

15%

Government

11%

Financial Services Firm

10%

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	43
Midsize Enterprise	31
Large Enterprise	90

By reviewers
Company Size	Count
Small Business	14
Midsize Enterprise	6
Large Enterprise	30

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?

Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...

See all answers

What are the main differences between Cisco ISE and Forescout Platform?

OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...

See all answers

How does Cisco ISE compare with Fortinet FortiNAC?

Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...

See all answers

What do you like most about Symantec Privileged Access Manager?

We can check the activities in the server for fragile files and documents in case of any issues.

See all answers

What is your experience regarding pricing and costs for Symantec Privileged Access Manager?

Due to the nature of the solution, it is hard to gauge, but compared to competitors, the pricing is very good. I would rate it as an eight and a half out of ten.

See all answers

What needs improvement with Symantec Privileged Access Manager?

Recent releases need improvement in webpage management. For instance, navigating through a webpage that acts like a wizard, where I proceed to the next page and enter more information, is not handl...

See all answers

Comparisons

Aruba ClearPass vs Cisco Identity Services Engine (ISE)

Compared 23% of the time

Fortinet FortiNAC vs Cisco Identity Services Engine (ISE)

Compared 22% of the time

Forescout Platform vs Cisco Identity Services Engine (ISE)

Compared 9% of the time

CyberArk Privileged Access Manager vs Cisco Identity Services Engine (ISE)

Compared 5% of the time

Fortinet FortiAuthenticator vs Cisco Identity Services Engine (ISE)

Compared 4% of the time

More Cisco Identity Services Engine (ISE) Competitors

CyberArk Privileged Access Manager vs Symantec Privileged Access Manager

Compared 28% of the time

ARCON Privileged Access Management vs Symantec Privileged Access Manager

Compared 17% of the time

BeyondTrust Endpoint Privilege Management vs Symantec Privileged Access Manager

Compared 15% of the time

Delinea Secret Server vs Symantec Privileged Access Manager

Compared 13% of the time

More Symantec Privileged Access Manager Competitors

Product Reports

Buyer's Guide

Cisco Identity Services Engine (ISE)

September 2025

Cisco Identity Services Engine (ISE) report

Download Cisco Identity Services Engine (ISE) product report

Buyer's Guide

Symantec Privileged Access Manager

August 2025

Symantec Privileged Access Manager report

Download Symantec Privileged Access Manager product report

Also Known As

Cisco ISE

CA PAM, Xceedium Xsuite, CA Privileged Access Manager

Overview

Cisco Identity Services Engine (ISE) offers comprehensive network access control and visibility, supporting features like 802.1X authentication, profiling, and posturing. It integrates with Microsoft and other Cisco products, facilitating robust security policies across distributed networks.

Cisco Identity Services Engine is a key player in network access control, offering centralized management and a user-friendly interface. It supports zero trust principles and provides strong authentication for wired and wireless networks. ISE's capabilities include granular security policies, enhanced device posturing, and seamless integration, bolstering security infrastructure. Users benefit from its dual authentication through EAP, simplifying access management across networks.

What are the key features of Cisco ISE?

802.1X Authentication: Supports network security for authorized device access.
Profiling: Identifies devices for accurate policy enforcement.
Posturing: Evaluates device compliance for access decisions.
TACACS: Streamlines network device authentication and authorization.
Guest Access: Provides secure access to visitors.
Microsoft Compatibility: Seamlessly integrates with Microsoft environments.

What benefits and ROI should be considered?

Security Enhancement: Offers strong network security policies.
Operational Efficiency: Centralized management improves operational aspects.
Improved Compliance: Ensures adherence to industry standards.
Scalability: Supports growing network demands effectively.

In industries like finance, healthcare, and education, Cisco ISE is pivotal for securing wired and wireless networks, implementing BYOD policies, and managing user access. Organizations leverage ISE for effective authentication and authorization, while maintaining compliance with industry security standards.

Cisco

CA Privileged Access Manager is a simple-to-deploy, automated, proven solution for privileged access management in physical, virtual and cloud environments. It enhances security by protecting sensitive administrative credentials such as root and administrator passwords, controlling privileged user access, proactively enforcing policies and monitoring and recording privileged user activity across all IT resources. It includes CA PAM Server Control (previously CA Privileged Identity Manager) for fine-grained protection of critical servers

Broadcom

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University

NEOVERA, Telesis, eSoft

Buyer's Guide

Network Access Control (NAC)

August 2025

Download Free Report

Find out what your peers are saying about Cisco, Hewlett Packard Enterprise, Fortinet and others in Network Access Control (NAC). Updated: August 2025.

DOWNLOAD NOW

867,370 professionals have used our research since 2012.

We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.