Cisco Identity Services Engine (ISE) vs Ivanti NAC comparison

Cisco and Ivanti are both solutions in the Network Access Control (NAC) category. Cisco is ranked #1 with an average rating of 8.0, while Ivanti is ranked #14. Cisco holds a 23.8% mindshare in NAC, compared to Ivanti’s 1.5% mindshare. Additionally, 87% of Cisco users are willing to recommend the solution, compared to 100% of Ivanti users who would recommend it.

Cisco Identity Services Eng...

Read 144 Cisco Identity Services Engine (ISE) reviews

16,354 Views
10,630 Comparison Views

87% willing to recommend

Ivanti NAC

Read 3 Ivanti NAC reviews

611 Views
611 Comparison Views

100% willing to recommend

Cisco Identity Services Eng...

Ivanti NAC

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Nov 5, 2024

Cisco Identity Services Engine and Ivanti NAC are leading network access control solutions. Cisco ISE appears to have an advantage due to its comprehensive policy enforcement and strong integration capabilities, while Ivanti NAC stands out for its simpler deployment and cost-effectiveness.

Features: Cisco ISE is recognized for its extensive policy enforcement, context-aware authentication, and strong integration with Cisco networking products. Ivanti NAC is noted for intuitive management, flexible deployment options, and superior scalability.

Ease of Deployment and Customer Service: Cisco ISE is known for extensive customer support and thorough documentation, but its deployment process can be complex. Ivanti NAC offers a simpler deployment model, emphasizing ease of installation and efficient customer service.

Pricing and ROI: Cisco ISE may entail higher upfront costs, but offers strong long-term ROI through its robust feature set and integration capabilities. Ivanti NAC provides a more cost-effective solution with quicker deployment, resulting in lower initial costs and faster ROI.

To learn more, read our detailed Cisco Identity Services Engine (ISE) vs. Ivanti NAC Report (Updated: November 2025).

Buyer's Guide

Cisco Identity Services Engine (ISE) vs. Ivanti NAC

November 2025

Download the complete report

Helped 872,846 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Identity Services Eng...

Ranking in Network Access Control (NAC)

1st

Average Rating

8.2

Reviews Sentiment

6.5

Number of Reviews

144

Ranking in other categories

Cisco Security Portfolio (2nd)

Ivanti NAC

Ranking in Network Access Control (NAC)

14th

Average Rating

7.6

Reviews Sentiment

7.5

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of November 2025, in the Network Access Control (NAC) category, the mindshare of Cisco Identity Services Engine (ISE) is 23.8%, down from 29.1% compared to the previous year. The mindshare of Ivanti NAC is 1.5%, up from 1.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Network Access Control (NAC) Market Share Distribution
Product	Market Share (%)
Cisco Identity Services Engine (ISE)	23.8%
Ivanti NAC	1.5%
Other	74.7%

Network Access Control (NAC)

Featured Reviews

SunilkumarNaganuri

Service Line Manager (Service Operations Expert) - Network Access Control at a pharma/biotech company with 10,001+ employees

Enhanced device administration hindered by complex deployment and security limitations

Cisco Identity Services Engine (ISE) needs to improve the profiling preauthentication. They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases. This will give them a roadmap for software-defined access (SDA) use cases and network segmentation. Threat detection capabilities are very weak. Additionally, the product is vulnerable and has many bugs.

Read full review

Le Ban

IT Security Manager & Chief IT Engineer at JVPC

Affordable product with an easy initial setup process

Ivanti NAC's most valuable feature is reasonable pricing The product's performance needs improvement. We are doing the PoC of Ivanti NAC. I rate the platform's stability an eight out of ten. I rate Ivanti NAC's scalability an eight out of ten. We have 150 users for it. I contacted the…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"A lot of customers use a third party to manage their guest Wi-Fi. Cisco ISE presents the ability to bring that in-house so that customers can have full control over it, change the branding, and get extra telemetry from it and the user data. It works really well for our customers."

"For customers, it's great. It has a GUI, so the customers themselves can edit ACLs or even modify the policies. It's also an all-in-one solution with RADIUS and TACACS."

"We have multiple metal devices from different places that use management, so we need to know who would be accessing all those devices and what changes are being done to those metal devices. With Cisco ISE we have visibility of all the changes happening on those devices."

"It integrates with the rest of our platform, like our firewall, and helps us a lot. It also does a good job establishing trust for every access request."

"For us and our clients, the most valuable features of Identity Services Engine are really around the rich contact sharing that ISE gives you."

"It is a good product for what it does...So, it is one of the most critical systems that we have."

"I've had no issues with scalability. I started using it on two campuses, and now I'm using it across the country and scaling it across subsidiaries in other countries."

"It provides client provisions and profiling as well as guest access."

More Cisco Identity Services Engine (ISE) pros

"Integration with other vendors is possible."

"Ivanti NAC's most valuable feature is reasonable pricing."

"The profiler option allows me to see every detail in a systematic manner from a switch. I can choose the switch and I can see the port NAC address and time."

Cons

"They should improve the upgrades. It's not easy to upgrade the solution."

"Cisco ISE could be simplified somewhat. I would also prefer certificate-based authentication over confirmation-based authentication for all the processes. It's possible for us to do a workaround, but the process needs to be simplified."

"If I was going to improve anything, it would be the ease of migration. It's really difficult at the moment if you're looking to upgrade ISE 2.1 and you want to go to ISE 3.1 or 3.2, that whole upgrade path and, particularly, the licensing is quite a minefield to sort out."

"I would definitely improve the deployment and maybe a little bit of the support. Our first exposure to ISE had a lot of issues."

"Cisco ISE is complex. The deployment and design of networks with it is so complex. If it could change it would be better."

"Profiling is a really good feature. However, it sometimes is a challenge for customers when there are issues with the remediation part. I would add a built-in remediation solution. That would be a very nice feature."

"Segmentation can be improved."

"One of the issues that we used to have was with profiling because we're working with a service provider that uses a lot of bring your own devices."

More Cisco Identity Services Engine (ISE) cons

"The product's performance needs improvement."

"The documentation needs to be improved. There are a lot of details that are missed which makes it confusing."

"At some point, the server got cached and we faced several issues that impacted our customers. We would like to have this resolved."

Pricing and Cost Advice

"Licensing is a disaster. It's a mess and I hope they fix it soon."

"The price of Cisco ISE (Identity Services Engine) is expensive and we are thinking about changing to FortiGate."

"It is not that pricey."

"It is fairly expensive and that's part of why we have implemented it in the type of 'hack' that we did, to service multiple clients."

"Cisco has actually transitioned to a lot of subscription models, fees, and licenses."

"Licensing has got much simpler since Cisco moved to the DNA model because we just have the three tiers, but it could always stand to be improved upon."

"If you consider money only, Cisco ISE is not a cheap solution."

"The price for Cisco ISE is high."

More Cisco Identity Services Engine (ISE) pricing and cost advice

"The product is cost-effective."

See which vendors are best for you

Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.

See recommendations

872,846 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

13%

Manufacturing Company

10%

Financial Services Firm

Government

Financial Services Firm

16%

Computer Software Company

11%

Retailer

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	44
Midsize Enterprise	31
Large Enterprise	91

No data available

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?

Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...

See all answers

What are the main differences between Cisco ISE and Forescout Platform?

OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...

See all answers

How does Cisco ISE compare with Fortinet FortiNAC?

Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...

See all answers

Ask a question

Earn 20 points

Comparisons

Aruba ClearPass vs Cisco Identity Services Engine (ISE)

Compared 22% of the time

Fortinet FortiNAC vs Cisco Identity Services Engine (ISE)

Compared 20% of the time

Forescout Platform vs Cisco Identity Services Engine (ISE)

Compared 8% of the time

CyberArk Privileged Access Manager vs Cisco Identity Services Engine (ISE)

Compared 4% of the time

Portnox vs Cisco Identity Services Engine (ISE)

Compared 4% of the time

More Cisco Identity Services Engine (ISE) Competitors

Aruba ClearPass vs Ivanti NAC

Compared 26% of the time

Fortinet FortiNAC vs Ivanti NAC

Compared 21% of the time

Forescout Platform vs Ivanti NAC

Compared 13% of the time

Genian NAC vs Ivanti NAC

Compared 10% of the time

More Ivanti NAC Competitors

Product Reports

Buyer's Guide

Cisco Identity Services Engine (ISE)

November 2025

Cisco Identity Services Engine (ISE) report

Download Cisco Identity Services Engine (ISE) product report

Buyer's Guide

Network Access Control (NAC)

October 2025

Download Ivanti NAC product report

Also Known As

Cisco ISE

Pulse Policy Secure

Overview

Cisco Identity Services Engine (ISE) offers comprehensive network access control and visibility, supporting features like 802.1X authentication, profiling, and posturing. It integrates with Microsoft and other Cisco products, facilitating robust security policies across distributed networks.

Cisco Identity Services Engine is a key player in network access control, offering centralized management and a user-friendly interface. It supports zero trust principles and provides strong authentication for wired and wireless networks. ISE's capabilities include granular security policies, enhanced device posturing, and seamless integration, bolstering security infrastructure. Users benefit from its dual authentication through EAP, simplifying access management across networks.

What are the key features of Cisco ISE?

802.1X Authentication: Supports network security for authorized device access.
Profiling: Identifies devices for accurate policy enforcement.
Posturing: Evaluates device compliance for access decisions.
TACACS: Streamlines network device authentication and authorization.
Guest Access: Provides secure access to visitors.
Microsoft Compatibility: Seamlessly integrates with Microsoft environments.

What benefits and ROI should be considered?

Security Enhancement: Offers strong network security policies.
Operational Efficiency: Centralized management improves operational aspects.
Improved Compliance: Ensures adherence to industry standards.
Scalability: Supports growing network demands effectively.

In industries like finance, healthcare, and education, Cisco ISE is pivotal for securing wired and wireless networks, implementing BYOD policies, and managing user access. Organizations leverage ISE for effective authentication and authorization, while maintaining compliance with industry security standards.

Cisco

Dynamic endpoint policy enforcement and access control, seamless roaming from VPN to on-premises and more.

Ivanti

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University

Entegrus

Buyer's Guide

Cisco Identity Services Engine (ISE) vs. Ivanti NAC

November 2025

Free Report: Cisco Identity Services Engine (ISE) vs. Ivanti NAC

Find out what your peers are saying about Cisco Identity Services Engine (ISE) vs. Ivanti NAC and other solutions. Updated: November 2025.

DOWNLOAD NOW

872,846 professionals have used our research since 2012.

See our Cisco Identity Services Engine (ISE) vs. Ivanti NAC report.

See our list of best Network Access Control (NAC) vendors.

We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.