Try our new research platform with insights from 80,000+ expert users

Cisco Identity Services Engine (ISE) vs One Identity Safeguard comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
8.4
Cisco Identity Services Engine enhances security and efficiency, providing cost savings and IT consolidation, making it vital for network management.
Sentiment score
7.0
One Identity Safeguard enhances security and compliance, ensuring PCI-DSS compliance, reducing risks, and improving operational efficiency with substantial ROI.
Direct comparisons with Forescout reveal up to 30% to 40% difference in cost savings.
Any PAM solution, when I deploy it well and customers use it, leads to a return on investment.
 

Customer Service

Sentiment score
5.9
Cisco Identity Services Engine customer service is praised for commitment, but technical support feedback varies due to delays and complexities.
Sentiment score
6.5
One Identity Safeguard’s customer service is praised for responsiveness and efficiency, but standard support faces mixed reviews.
I rate the technical support as one out of ten.
Sometimes it's challenging to identify which support team is responsible for certain issues, which is a significant concern.
I sometimes need escalations to reach expertise.
Sometimes, I get a very helpful response and they address issues on a call.
When I have day-to-day incidents and problems, the response is good enough in terms of time and quality.
 

Scalability Issues

Sentiment score
7.3
Cisco ISE excels in scalable environments, efficiently supporting deployments with flexibility for thousands of endpoints across various sizes.
Sentiment score
7.1
One Identity Safeguard is praised for scalability and ease of resource deployment but may affect performance and high availability.
Factors like architecture, business nature, and legal limitations such as GDPR affect it.
The scalability of One Identity Safeguard is perfect, scoring ten out of ten.
We have a cluster of SPPs and a cluster of SPSs, and we can add a node to that cluster without much fuss.
I would rate it a nine out of ten for scalability.
 

Stability Issues

Sentiment score
7.7
Cisco ISE is reliable with high user satisfaction, though some report stability issues, especially during upgrades and high capacity.
Sentiment score
7.5
One Identity Safeguard is highly stable and reliable, with minor issues promptly addressed through regular updates.
Cisco Identity Services Engine (ISE) is considered very reliable and stable.
The stability of Cisco Identity Services Engine (ISE) is poor for certain use cases, like authentication.
I would rate it a nine out of ten for stability.
In terms of stability, I rate One Identity Safeguard nine to ten out of ten.
I encounter problems primarily with the failover procedure.
 

Room For Improvement

Cisco ISE struggles with setup complexity, non-intuitive UI, integration challenges, upgrade issues, and demands for better features.
One Identity Safeguard needs improvements in integration, management, documentation, interface, support, monitoring, threat detection, and pricing.
The whole setup works well with Cisco access points and Cisco switches, but when you have multiple vendors in the environment, such as HP switches or access points like Aruba, you'll find they will not work well with Cisco Identity Services Engine (ISE).
Pricing can be more expensive compared to other vendors, and there is a significant price gap observed, which doesn't seem justified by some specific features.
They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases.
For some configurations on the SPS side, if I need to make changes, such as for DNS servers, I must redeploy the machine.
There are many steps. We are still in the onboarding phase, and it seems very manual.
Another area for improvement could be the threat detection capabilities, like those seen in other PAM vendors.
 

Setup Cost

Cisco ISE offers strong features with complex, expensive pricing, but discounts through partnerships can help alleviate costs.
One Identity Safeguard is costly but valued for flexibility and robust security, with straightforward licensing and worthwhile investment.
Compared to other solutions like HPE ClearPass, Cisco is more costly, and the conversation suggests a possible forty percent price gap compared to competitors.
The license costs can range between $50,000 to $100,000 per year for enterprises.
Cloud solutions are expensive, while on-prem setups with shared environments are cheaper but not effective.
It is one of those where the more you buy, the cheaper it is.
It is cheaper than CyberArk.
It is more expensive than Secret Server but way less expensive than CyberArk.
 

Valuable Features

Cisco ISE provides comprehensive access control, seamless integration, and enhanced security with intuitive management for versatile network operations.
One Identity Safeguard enhances security with seamless user experience, extensive features, centralized access, and robust monitoring for on-prem and cloud management.
Cisco Identity Services Engine (ISE) offers authentication using RADIUS, enhancing network security by separating and segregating networks.
There is value because it helps us secure the network and prevents certain things from happening which could cause financial loss.
The solution is integrated with other Cisco devices and can offer automation for an organization, making deployments more dynamic and providing real-time visibility.
The auditing and approval mechanisms are features we did not have before and are greatly appreciated.
I think One Identity should improve its documentation because it is vast and not clear, and clear documentation on implementing the solution would be advantageous for consultants.
Compared to other PAM solutions, it is easy to implement and use from an administrator's point of view.
 

Categories and Ranking

Cisco Identity Services Eng...
Average Rating
8.2
Reviews Sentiment
6.7
Number of Reviews
143
Ranking in other categories
Network Access Control (NAC) (1st), Cisco Security Portfolio (1st)
One Identity Safeguard
Average Rating
8.0
Reviews Sentiment
6.9
Number of Reviews
45
Ranking in other categories
User Entity Behavior Analytics (UEBA) (6th), Privileged Access Management (PAM) (3rd), Non-Human Identity Management (NHIM) (4th)
 

Mindshare comparison

Cisco Identity Services Engine (ISE) and One Identity Safeguard aren’t in the same category and serve different purposes. Cisco Identity Services Engine (ISE) is designed for Network Access Control (NAC) and holds a mindshare of 25.1%, down 30.7% compared to last year.
One Identity Safeguard, on the other hand, focuses on Privileged Access Management (PAM), holds 3.7% mindshare, down 4.7% since last year.
Network Access Control (NAC)
Privileged Access Management (PAM)
 

Featured Reviews

SunilkumarNaganuri - PeerSpot reviewer
Enhanced device administration hindered by complex deployment and security limitations
Cisco Identity Services Engine (ISE) needs to improve the profiling preauthentication. They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases. This will give them a roadmap for software-defined access (SDA) use cases and network segmentation. Threat detection capabilities are very weak. Additionally, the product is vulnerable and has many bugs.
Martin Ajayiobe - PeerSpot reviewer
Th password vault feature has proven to be most effective for managing privileged access
One Identity Safeguard now prevents unauthorized access to servers by eliminating privileged passwords and requiring all connections to go through a PAM-authorized process. This means no one, including hackers, can access servers without explicit approval, significantly enhancing overall security. One Identity Safeguard is easy to use with a good partner to support you, and it can be up and running within a few days. We have successfully integrated One Identity Safeguard with cloud targets, and the process was straightforward. One Identity Safeguard has improved our incident response time by 300 percent.
report
Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.
861,390 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Educational Organization
12%
Financial Services Firm
9%
Government
8%
Computer Software Company
23%
Financial Services Firm
10%
Comms Service Provider
6%
Energy/Utilities Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?
Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...
What are the main differences between Cisco ISE and Forescout Platform?
OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...
How does Cisco ISE compare with Fortinet FortiNAC?
Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...
What do you like most about One Identity Safeguard?
The identity discovery is good, and the performance is pretty good value.
What is your experience regarding pricing and costs for One Identity Safeguard?
The pricing of One Identity Safeguard is fairly priced and cheaper than other solutions of the same enterprise level. It provides a good cost-benefit ratio.
What needs improvement with One Identity Safeguard?
There is room for improvement in integration between modules. The native integration between SPP and SPS, which is currently based on a plugin, could be enhanced. Customization for lookup passwords...
 

Also Known As

Cisco ISE
No data available
 

Overview

 

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University
Cavium
Find out what your peers are saying about Cisco, Hewlett Packard Enterprise, Fortinet and others in Network Access Control (NAC). Updated: June 2025.
861,390 professionals have used our research since 2012.