Try our new research platform with insights from 80,000+ expert users

Cisco Identity Services Engine (ISE) vs Symantec Privileged Access Manager comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Identity Services Eng...
Average Rating
8.2
Reviews Sentiment
6.7
Number of Reviews
143
Ranking in other categories
Network Access Control (NAC) (1st), Cisco Security Portfolio (1st)
Symantec Privileged Access ...
Average Rating
7.8
Reviews Sentiment
7.0
Number of Reviews
53
Ranking in other categories
Privileged Access Management (PAM) (18th)
 

Mindshare comparison

Cisco Identity Services Engine (ISE) and Symantec Privileged Access Manager aren’t in the same category and serve different purposes. Cisco Identity Services Engine (ISE) is designed for Network Access Control (NAC) and holds a mindshare of 25.1%, down 30.7% compared to last year.
Symantec Privileged Access Manager, on the other hand, focuses on Privileged Access Management (PAM), holds 1.6% mindshare, up 1.6% since last year.
Network Access Control (NAC)
Privileged Access Management (PAM)
 

Featured Reviews

SunilkumarNaganuri - PeerSpot reviewer
Enhanced device administration hindered by complex deployment and security limitations
Cisco Identity Services Engine (ISE) needs to improve the profiling preauthentication. They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases. This will give them a roadmap for software-defined access (SDA) use cases and network segmentation. Threat detection capabilities are very weak. Additionally, the product is vulnerable and has many bugs.
Muzi Lubisi - PeerSpot reviewer
Secure management of sensitive servers and seamless applications with direct linking
The credential injection feature is highly valued, particularly for RDP sessions. A majority of customers use it for RDP, and a couple for Linux servers. The broader capabilities, including access to multiple systems, web-based applications, and clustering, have never posed an issue. The threat analytics aspect is also a robust feature that analyzes all pertinent information.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"For me, the TACACS feature is the most valuable. I have also used Cisco ISE with LDAP, not with Active Directory. That works for me because I prefer LDAP versus Active Directory."
"Cisco offers automation, visibility, and control as well as third party integration capabilities."
"The profiling model included is the most valuable feature."
"RADIUS is the best feature because it supplies authentication to our entire campus."
"The integration with Active Directory is the most valuable feature for us."
"It's easy to change and add policies."
"Cisco Identity Services Engine (ISE) is very good at device administration."
"I like the guest access feature, which has been important for us."
"The product is very scalable in terms of concurrent sessions that it can handle at a time, number of device it can support, accounts that it can manage, or number of nodes that you can deploy in a cluster."
"We have received good support from the tech support team."
"The agent-based credential management solution allows clients to programmatically use the agent to collect passwords during runtime from Symantec Privileged Access Manager."
"It is simple to implement and is suitable for medium to large-scale enterprises."
"It's easy to use and easy to configure."
"The key benefits are we improve our governance. We ensure we can build more trust in the way we run and operate our environment, and most of all is the accountability."
"The interface is very friendly, colorful, and bold."
"The DB clustering is a really good benefit of using CA PAM."
 

Cons

"The primary issue is the slowness of the application and the web interface. We have multiple admin nodes and app nodes. So when I need to get some information about a particular user, the GUI would take ten to fifteen seconds in loading when we need to know right away."
"The user interface could be more user-friendly."
"The compliance and posture don't always work. They should make it more stable. With each upgrade, we lose some functionality. We have to wait for another upgrade."
"The solution lacks properly knowledgeable support, especially internationally, and this is why I am exploring other applications."
"If Cisco could grant more control, the features could be more focused on network and security administration, reducing the need for integration with other components."
"I would say they need to expand the hardware compatibility. The whole setup works well with Cisco access points and Cisco switches, but when you have multiple vendors in the environment, such as HP switches or access points like Aruba, you'll find they will not work well with Cisco Identity Services Engine (ISE)."
"The licensing documentation needs to be better."
"Cisco ISE has almost all the features we are looking for now, but sometimes the configuration, such as the conditions, is a little difficult to understand and not so easy to navigate."
"Instead of just giving passwords to the user based on job function, from auditing perspective, turn that cycle around. That would really help from an auditing standpoint."
"We have to do a lot of manual work to automate features."
"We experience stability issues after every patch upgrade. This is a place where CA needs to improve drastically."
"Recent releases need improvement in webpage management."
"It's difficult to locate the reports, there are limits on what reports can be run from the GUI, and the report formats are lacking."
"I wish it could create local accounts on desktops."
"They need to do a little bit more on the mainframe side.​"
"They should include some assignments in the test environment to explore the product's features."
 

Pricing and Cost Advice

"The price can be lower, especially for subscriptions. It should be a lot cheaper to have a wide range of customers. The price should be comparable to competitive products like Forescout or Fortinet FortiNAC. Forescout is cheaper for customers looking for a cloud solution."
"ISE has always been expensive compared to other products in terms of what it does on a user level."
"Pricing and licensing are not my expertise. As far as budgeting is concerned, we run an ELA with Cisco. It's a part of our ELA."
"Being fully honest, the Cisco licensing model right now is really confusing. We don't know what licenses we have where. We have Smart licensing, but the different levels are way confusing."
"The price for Cisco ISE is high."
"That's where things got a bit more complicated. Previously, it was a one-time purchase and we just had to renew support. These days, there's a subscription model, which is supposed to be easier and cheaper as well, but it's more pricey"
"The technology is good, but to use some of the other features, and capabilities, they request that we purchase the Cisco DNA Center. As a result, the bundled price is a little high."
"The solution’s pricing is reasonable."
"It is more expensive than other solutions on the market."
"I would prefer better licensing options for the 20-100 users we have at a given time."
"They offer per-device, per-user, or monthly and yearly licensing models."
"Cost-wise, CA was better compared to others in the market. ​"
"It is reasonably priced."
"Pricing is fair compared to other top vendors."
"The prices are not low, but one can ask for a discount. It’s not the cheapest PAM solution."
"Appliances are relatively cheap, don’t skimp. Make sure you have redundancy, high availability, and enough appliances to manage the concurrent workload."
report
Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.
861,803 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Educational Organization
10%
Financial Services Firm
10%
Government
9%
Computer Software Company
16%
Comms Service Provider
13%
Financial Services Firm
13%
Manufacturing Company
11%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?
Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...
What are the main differences between Cisco ISE and Forescout Platform?
OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...
How does Cisco ISE compare with Fortinet FortiNAC?
Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...
What do you like most about Symantec Privileged Access Manager?
We can check the activities in the server for fragile files and documents in case of any issues.
What is your experience regarding pricing and costs for Symantec Privileged Access Manager?
Due to the nature of the solution, it is hard to gauge, but compared to competitors, the pricing is very good. I would rate it as an eight and a half out of ten.
What needs improvement with Symantec Privileged Access Manager?
Recent releases need improvement in webpage management. For instance, navigating through a webpage that acts like a wizard, where I proceed to the next page and enter more information, is not handl...
 

Also Known As

Cisco ISE
CA PAM, Xceedium Xsuite, CA Privileged Access Manager
 

Overview

 

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University
NEOVERA, Telesis, eSoft
Find out what your peers are saying about Cisco, Hewlett Packard Enterprise, Fortinet and others in Network Access Control (NAC). Updated: June 2025.
861,803 professionals have used our research since 2012.