We performed a comparison between Cisco ISE (Identity Services Engine) and CyberArk Endpoint Privilege Manager based on real PeerSpot user reviews.
Find out what your peers are saying about Cisco, HPE Aruba Networking, Fortinet and others in Network Access Control (NAC)."For customers, it's great. It has a GUI, so the customers themselves can edit ACLs or even modify the policies. It's also an all-in-one solution with RADIUS and TACACS."
"After the product was installed, no one could access the secure connection network. In order for any laptop or any endpoint device to attach to my network, it needs to be authorized or be certified to be connected."
"The biggest value of ISE is that it can get so granular with gaming systems, versus IoT and BYOD."
"Among the most valuable features is TACACS."
"Authentication is the most valuable feature because it puts our company at another level of security."
"Our clients like Cisco ISE because they already use various Cisco solutions. It's easy for them to use this solution because they have an engineer with Cisco certifications."
"It does what it's supposed to. We use a certificate-based authentication method for corporate-managed devices. That means when a user walks in with their managed laptop and plugs it into the network, it chats with Cisco ISE in the background, allows it on the network, and away they go."
"Cisco ISE integrates with everything else."
"It offers great performance."
"The most valuable feature of CyberArk Endpoint Privilege Manager is its ability to reset passwords every time that it is needed or periodically."
"The solution's technical support is good."
"Users can scale the solution."
"I like that you can remove the admin rights from the user's computer and have control over the environment. That means you can delete the local admins and grant them proper privileges with the console. So, they will get proper permissions for applications they need, but we don't have to do it. In the domain where we don't have control, the user can only do specified actions, but not all of them."
"The department management aspect of the solution is the most valuable aspect."
"CyberArk Endpoint Privilege Manager is very easy to manage, which I like. The solution also has a dashboard where you can see which software is suspicious, which I find valuable."
"CyberArk Endpoint Privilege Manager (EPM) 's most valuable feature is its ability to manage user application privileges and protect against ransomware attacks by controlling access to specific files and applications."
"Since we have started, we struggled a lot to implement this solution into our network, and we opened a case a couple of times. Up until this point, nothing else needs to be improved with this product."
"There is room for improvement in its ability to allow end users to self-enroll their devices. Instead, you should be able to assign that permission by AD group, which is currently not available."
"Segmentation can be improved."
"Sometimes, there are instances when Cisco ISE simply fails to function without any apparent reason, and regardless of the investigation we undertake, the logs indicate that everything is functioning properly, making it somewhat inexplicable."
"In order to make it a ten, it should be more user-friendly. You need somebody who is knowledgeable about it to use it. It's not easy to use. We have to rely heavily on technical support."
"ISE is a little clunky. The front-end feels like it is from the 1980s."
"There are issues with respect to the posture assessment function. It's been observed that customers are not receiving total access to the network because the assessment agent is glitchy and malfunctions from time-to-time. I would like to see refining of the compliance assessment and adding more detailed compliance of endpoints on the user end."
"I'd like to see the logging be a bit more robust in terms of what it has baked in. If I want to do any in-depth searching, I have to export all the logs to an external platform like Elastic or LogRhythm and then parse through them myself. It would be nice if I could find what I want, when I want it, on the platform itself."
"The solution is very expensive."
"It is hard to deal with technical support if you are not certified."
"The tool should be more user-friendly."
"CyberArk Endpoint Privilege Manager is not suitable for the current situation because when you compare it to OTP, OTP is the strongest password solution. You can use it as a one-time password, but you have to log into the password manager itself and if you don't change your password, it will be the weakest link in the security. In OTP, you don't have that weakest link."
"The product's threat protection and defense capabilities need enhancement."
"Technical support is slow to respond when we run into issues."
"It cannot be on-prem. It is only cloud-based. Sometimes, that's a restriction in terms of usage."
"The installation process is pretty difficult."
More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →
More CyberArk Endpoint Privilege Manager Pricing and Cost Advice →
Cisco ISE (Identity Services Engine) is ranked 1st in Network Access Control (NAC) with 135 reviews while CyberArk Endpoint Privilege Manager is ranked 6th in Privileged Access Management (PAM) with 26 reviews. Cisco ISE (Identity Services Engine) is rated 8.2, while CyberArk Endpoint Privilege Manager is rated 8.0. The top reviewer of Cisco ISE (Identity Services Engine) writes "Gives us that extra ability to assist the end user and make sure that we are making them happy". On the other hand, the top reviewer of CyberArk Endpoint Privilege Manager writes "Offers integrated solutions and expands its capabilities through strategic acquisitions". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Fortinet FortiNAC, Forescout Platform, CyberArk Privileged Access Manager and Fortinet FortiAuthenticator, whereas CyberArk Endpoint Privilege Manager is most compared with Microsoft Defender for Endpoint, BeyondTrust Endpoint Privilege Management, CrowdStrike Falcon, CyberArk Privileged Access Manager and Trellix Endpoint Security.
We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.