Cisco Identity Services Engine and Fortinet FortiAuthenticator compete in the network security and access control category. Cisco ISE seems to have the upper hand due to its extensive integration capabilities and complex policy management, which are valuable in large-scale, Cisco-heavy environments.
Features: Cisco Identity Services Engine provides features like TrustSec for secure network segmentation, 802.1X authentication, and comprehensive endpoint compliance management. Its ability to integrate seamlessly with Cisco products enhances its effectiveness. Fortinet FortiAuthenticator focuses on user management with integration options such as LDAP, RADIUS, and two-factor authentication using tokens, providing centralized user identity management and secure access control.
Room for Improvement: Cisco ISE could improve its setup and management complexity, simplify the user interface, and streamline the upgrade process. Enhancing compatibility with products from different vendors and revising its complex licensing model would also be beneficial. FortiAuthenticator's improvements could focus on better GUI updates and enhanced integration capabilities. Providing advanced analytics and AI features would enhance automation and support documentation should be improved for better user guidance.
Ease of Deployment and Customer Service: Deploying Cisco ISE can be complex, especially for hybrid cloud scenarios, requiring specialized expertise, but Cisco's dedicated support and resource availability via its partner program are strengths. FortiAuthenticator offers simpler deployment, especially in on-premises settings, with positive feedback on licensing simplicity and technical support effectiveness, though response time improvements would be beneficial.
Pricing and ROI: Cisco ISE is typically costlier, with a sophisticated licensing structure and high initial investment, justified by its extensive functionality enhancing network security and infrastructure protection. FortiAuthenticator offers a more cost-effective approach with straightforward pricing and licensing models, appealing to budget-conscious organizations while providing comprehensive security features.
Direct comparisons with Forescout reveal up to 30% to 40% difference in cost savings.
It enhances security by ensuring only the right person can access systems, even if their login credentials are compromised.
I rate the technical support as one out of ten.
Cisco support has pretty good teams for support and every time we had good answers and we could somehow solve the issues we had.
Sometimes it's challenging to identify which support team is responsible for certain issues, which is a significant concern.
At times, some technical staff lack knowledge, which delays issue resolution.
Customer service and support are excellent.
Technical support from Fortinet deserves a rating of 10.
Factors like architecture, business nature, and legal limitations such as GDPR affect it.
However, you can have some latency issues depending on where your devices are.
The scalability of FortiAuthenticator is good, and I would rate it an eight on a scale of one to ten.
I find Fortinet FortiAuthenticator to be highly scalable, and I would rate it an eight out of ten for scalability.
Fortinet FortiAuthenticator should be sufficiently scalable.
Cisco Identity Services Engine (ISE) is considered very reliable and stable.
The stability of Cisco Identity Services Engine (ISE) is poor for certain use cases, like authentication.
Sometimes when we have upgrades or failovers with Cisco Identity Services Engine (ISE), we had some minor issues.
It remains stable even when the number of concurrent users increases.
The whole setup works well with Cisco access points and Cisco switches, but when you have multiple vendors in the environment, such as HP switches or access points like Aruba, you'll find they will not work well with Cisco Identity Services Engine (ISE).
Pricing can be more expensive compared to other vendors, and there is a significant price gap observed, which doesn't seem justified by some specific features.
They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases.
For example, authentication for wireless users expires after 24 hours, requiring re-authentication daily.
I recommend Fortinet make its images migratable between environments.
The technical support could be improved as some staff lacks the necessary knowledge to assist effectively.
Compared to other solutions like HPE ClearPass, Cisco is more costly, and the conversation suggests a possible forty percent price gap compared to competitors.
The license costs can range between $50,000 to $100,000 per year for enterprises.
Cloud solutions are expensive, while on-prem setups with shared environments are cheaper but not effective.
Fortinet FortiAuthenticator is not overly expensive compared to other Fortinet subscriptions.
Cisco Identity Services Engine (ISE) offers authentication using RADIUS, enhancing network security by separating and segregating networks.
There is value because it helps us secure the network and prevents certain things from happening which could cause financial loss.
The adaptability of Cisco Identity Services Engine (ISE) policy enforcement can fit to the site we have depending on which kind of devices we have on site and then the needs for authentication, granting access and then assigning each device into its correct network for segmentation.
The integration with FortiToken is outstanding, adding a layer of security for authentication.
We use multi-factor authentication for enhancing security.
The most valuable feature I find in FortiAuthenticator is web filtering.
| Product | Market Share (%) |
|---|---|
| Cisco Identity Services Engine (ISE) | 23.8% |
| Aruba ClearPass | 22.7% |
| Fortinet FortiNAC | 17.3% |
| Other | 36.2% |
| Product | Market Share (%) |
|---|---|
| Fortinet FortiAuthenticator | 4.9% |
| Microsoft Entra ID | 17.0% |
| Okta Workforce Identity | 7.6% |
| Other | 70.5% |
| Company Size | Count |
|---|---|
| Small Business | 44 |
| Midsize Enterprise | 31 |
| Large Enterprise | 91 |
| Company Size | Count |
|---|---|
| Small Business | 38 |
| Midsize Enterprise | 17 |
| Large Enterprise | 10 |
Cisco Identity Services Engine (ISE) offers comprehensive network access control and visibility, supporting features like 802.1X authentication, profiling, and posturing. It integrates with Microsoft and other Cisco products, facilitating robust security policies across distributed networks.
Cisco Identity Services Engine is a key player in network access control, offering centralized management and a user-friendly interface. It supports zero trust principles and provides strong authentication for wired and wireless networks. ISE's capabilities include granular security policies, enhanced device posturing, and seamless integration, bolstering security infrastructure. Users benefit from its dual authentication through EAP, simplifying access management across networks.
What are the key features of Cisco ISE?In industries like finance, healthcare, and education, Cisco ISE is pivotal for securing wired and wireless networks, implementing BYOD policies, and managing user access. Organizations leverage ISE for effective authentication and authorization, while maintaining compliance with industry security standards.
Fortinet FortiAuthenticator is the primary secure point of approved access into the Fortinet network, authorizing users, reviewing access permissions, and relaying the information to all Fortigate devices for comparison with identity-based protocols. Fortinet FortiAuthenticator is a top-ranked authorization and SSO solution.
Appropriate secure access is fundamental to every role in an enterprise ecosystem. It is an integral function of every organization to ensure that every access and privilege is secure and to mitigate any possible risk to an organization. Approved users should only have access to the necessary information when they need it, from the appropriate location(s) to safeguard an organization's security at all times.
Fortinet FortiAuthenticator is available as an appliance, virtual machine, or in the cloud.
Fortinet FortiAuthenticator Methods
Reviews from Real Users
Ernesto C., Presales Engineer at a comms service provider, shares,
”Key Features and Benefits
Ibrahim M., Senior Network & Security Engineer at a tech services company, relates, "The initial setup is a valuable point on Fortinet products. Most of the time, putting the theory into practice on the devices is quite friendly and straightforward. As long as you can read English you can find your way around the solution and make it work. This is a high value point on Fortinet - the way everything is laid out in the web UI is user-friendly and quite straightforward. The UI is quite simple."
We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
