We performed a comparison between Cisco ISE (Identity Services Engine) and One Identity Active Roles based on real PeerSpot user reviews.
Find out what your peers are saying about Cisco, HPE Aruba Networking, Forescout and others in Network Access Control (NAC)."The solution is great for establishing trust for every access request no matter where it comes from."
"ISE's most valuable feature is integration between IT and OTs."
"I've had no issues with scalability. I started using it on two campuses, and now I'm using it across the country and scaling it across subsidiaries in other countries."
"The most valuable features are authentication, we have more granular control on the access policies for the administrators. The solution is easy to use, has a center point administration, and has a good GUI."
"The first benefit is that we can implement zero trust architecture because of Cisco ISE. I can assure my CISO in my company that my network is such that nobody can just bring in their laptop, desktop, or any sort of mobile device and can directly get connected to my network. That is a benefit that I can only allow people who I trust on the network."
"It does what it's supposed to. We use a certificate-based authentication method for corporate-managed devices. That means when a user walks in with their managed laptop and plugs it into the network, it chats with Cisco ISE in the background, allows it on the network, and away they go."
"I like the automation of the collection of information."
"It's scalable."
"In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well."
"The most valuable features include auditing, dynamic grouping, and creating dynamic groups based on AD attributes."
"Active Roles improved the management of users, groups, and AD objects in the organization."
"Secure access is the most valuable feature."
"The solution is stable."
"Cisco ISE requires a lot of time-consuming administration."
"The primary issue is the slowness of the application and the web interface. We have multiple admin nodes and app nodes. So when I need to get some information about a particular user, the GUI would take ten to fifteen seconds in loading when we need to know right away."
"I don't see as many customers as I should adopting the onboarding feature. I think Cisco should make that process a lot easier and less intrusive on the end users' devices."
"The UI is not as intuitive as some other products, even products inside of Cisco's wheelhouse."
"The policies could be adjusted to make them more easily implementable."
"We would definitely like to see a little bit of an improvement in the web GUI navigation. Some of the things are a little bit hidden in the drop-down menu. If we could get a way to get to those quicker, it'd be much more useful."
"The interface is a little bit complex."
"A lot of people tell you the hardware requirements for ISE are pretty substantial. If you're running a virtual environment, you're going to be dedicating quite a bit of resources to an ISE VM. That is something that could be worked on."
"The way you can search groups could be better."
"The solution needs an attestation process that includes certification and recertification attestation."
"Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up."
"The initial setup was quite easy, but it was time-consuming. It took about three months."
"The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint."
More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →
Cisco ISE (Identity Services Engine) is ranked 1st in Network Access Control (NAC) with 83 reviews while One Identity Active Roles is ranked 5th in User Provisioning Software with 5 reviews. Cisco ISE (Identity Services Engine) is rated 8.4, while One Identity Active Roles is rated 8.0. The top reviewer of Cisco ISE (Identity Services Engine) writes "Offers rich contact sharing, many self-service features, and the ability to categorically list all the endpoints in the infrastructure". On the other hand, the top reviewer of One Identity Active Roles writes "Give us control over attributes a service desk analyst can change, and we can build in integrity rules". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Fortinet FortiNAC, Forescout Platform, CyberArk Privileged Access Manager and Fortinet FortiAuthenticator, whereas One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, SailPoint IdentityIQ, One Identity Manager and Saviynt.
We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.