Cisco Identity Services Engine (ISE) Reviews

It's mostly for authentication to our network for our end-users.

It's allowed us to create groups for different vendors and for employees in various groups in our company, without giving everyone access.

It has also given us a lot of extra security as the backbone of authentication for our VPN and wireless network.

The policy sets give us more granular groups for end-user access.

I've been using Cisco ISE (Identity Services Engine) for five years.

The stability is really great. We haven't had any issues with it. We've had it for a long time. We ran an old version for three or four years without any issues.

From what I have read, the scalability seems good. We haven't had to deal much with that. We have two nodes and about 2,000 sessions going at once.

Technical support is very good. They've always been there to answer any questions, and if they don't know the answer they make sure to find someone who can give me the answer.

Positive

Cyber security resilience has been at the top of our list since 2020 because we had so many people working from home and that increased as time went on. That opened our eyes.

I was involved when we upgraded at the beginning of this year. It was pretty straightforward, although we reached out for outsourced help.

We used a CDW consultant.

For us, the return on investment is that it gives us easy ways to divide up our end-users for authentication, especially for our VPN.

The pricing seems fair. The licensing can be confusing, but it is still pretty good.

I was asked a couple of years ago, when we were having issues with ISE, if there were alternatives, and I said I didn't want to switch because we're so embedded in this solution already.

Talk to someone outside of Cisco too, if you're thinking about ISE. That way, you can get all the information.

We wanted to outsource some of our work because I only have two years of admin experience and another of our network engineers has about a year. This way, if the system goes down, we have a quick way to get it back up.

I would tell leaders who want to add cyber security resiliency to make sure they include team members who are involved and not just make decisions on their own.

The way we can trust this solution is the most valuable. We have no issue with this product. It is a competitive product. You need to have a very good and deep knowledge of the product to take the full benefits of all the features, but it is a good product.

It is too complex. It should be easy to use. We are not such a big team. We only have three engineers to work with this, and we don't use all of the functionality of the product. Its range of functionality is too wide for us, and this is the reason why we are thinking of switching to a more simple product. We have shortlisted a Microsoft solution. We have a big footprint for Microsoft products, especially in security. As a global strategy, we try to leverage to the maximum what is possible around Microsoft.

This product was installed before I joined this company. It would be six years or something like that. We are probably two versions behind the latest one.

It is stable.

Their technical support is good. Cisco support is good.

I was not there, but I think the company had a services company that helped them in implementing it. It was easy because we only had to give them the requirements and their engineers did it for us. After they finished their mission, we started to deal with this solution, but it is too complex for a company of our size.

Its price is probably good if you use all of its features and functionalities to protect your environment. If you use only a part of the functionality, its price is too high. It is just a question of value and the functionality you use.

I would advise others to make sure that you have the knowledge of this solution to get the full benefits of all the features, and you are able to use it on a daily basis.

I would rate Cisco ISE a six out of ten. Its functionality is too wide for our company. 

We are a reseller of Cisco ISE. 

So far we have had no complaints from customers. No major complaints in terms of ISE. They do complain obviously if the ISE service stops working. Normally that happens if there's a server flaw or some problem at the data center somewhere. 

There can more integration between the wireless controller management and ISE. Consolidation or integration of the controller and ISE dashboards would be great. It's not that bad but would make for simplified support if it could be combined into one dashboard.

It's very stable. We have it in on a big car rental company. We manage and we support the Cisco ISE platform for them. It's very stable and it adds a lot of value to the network.

In terms of scalability, you need to factor in your licenses. With a virtual platform, the scalability is more than sufficient. We have over one thousand users. 

We've got two engineers that look after the ISE environment.

We have emailed tech before and their support has been very good.

The initial setup was straightforward. The time it takes to implement depends from customer to customer. The most time-consuming aspect is sitting with the customer and planning out the policies and how they understand Cisco ISE. On average, with the planning sessions with the customer and the installation of ISE, it takes approximately five days.

The licensing is too expensive. There is more complexity on the wifi environment, especially with Cisco DNA versus Cisco ONE licensing. As far as the ISE licensing is concerned, it's pretty straightforward. We normally follow the ordering guide which is quite detailed, so there's no problem there.

The advice that I would give someone considering this solution is to understand the licensing. From a design perspective, we refer to the ordering guide quite frequently. The most important thing is to have a technical planning session with the customer. A lot of the time the customer doesn't really know what they want and if you don't have that upfront planning and discussion with the customer, the deployment can take much longer.

I would rate it a ten out of ten. 

The solution is being used for authentication purposes and for sharing assessments. 

Cisco ISE has helped improve our security. 

It helps ensure that you are working in accordance with the organizational policy before you join the network. Also, the solution is very reliable. 

I would like to see better management. Integration with other platforms can also be improved. 

Cisco ISE does not recognize devices and that is an issue we faced during its integration with our existing devices.

I have been working with Cisco ISE (Identity Services Engine) for ten years. 

The stability of the solution is average. I would rate the stability of the solution a seven out of ten. 

The solution's scalability is average. I would rate the scalability a seven out of ten. 

The initial setup of Cisco ISE is complex. For the deployment, the solution needs to be installed and then it needs to be integrated with the network and certificates to get to the endpoints. 

I would like to advice that Cisco ISE is a reliable and stable solution although it is not very easy to use. They should work on integrating the solution with other platforms.

Overall, I will rate the solution an eight out of ten. 

Our use case is managing access to network devices for IT as well as end-users. Making that seamless is the challenge we were looking to handle.

ISE made implementation and connecting things easy.

It does a good job of establishing trust for each access request, no matter the source. It's also very effective at helping with the distributed network and at securing access.

The UI and UX could be more seamless and easier to use.

I've been using Cisco ISE (Identity Services Engine) for six years.

The stability of the solution is pretty good. I've only had a couple of issues.

I've never tried to scale it up.

We have it deployed in multiple locations with users across the US and Canada.

I have never used the technical support.

It's done the job that we put it in place to do.

Our customers use Cisco ISE (Identity Services Engine) as a network access control solution. Before they can get network access, you can do posture check, e.g. in the Windows version, or another version, then it is only after this posture check that the clients can enter the network.

Compatibility with other vendors is what needs to be improved in Cisco ISE (Identity Services Engine). We should be able to use it with other vendors, for all specifications. There should be integration with different vendors, e.g. Cisco ISE (Identity Services Engine) working with AccuPoint networks.

I've worked in my current company in product pre-sales for one year, and prior, I worked for a different partner company in Turkey, so my total usage of Cisco ISE (Identity Services Engine) spans eight years.

Cisco ISE (Identity Services Engine) is a stable solution. It has good performance.

If we need support from the vendor side, we can open a case, then the vendor replies to us as soon as possible. Support for Cisco ISE (Identity Services Engine) is fast.

The installation of Cisco ISE (Identity Services Engine) was easy.

Our customers pay for the license of Cisco ISE (Identity Services Engine). They have an annual subscription, rather than a monthly subscription.

I evaluated Fortinet.

I'm a technical person, and I've worked for a company that does system integrations, including network pre-sales. My company sells Cisco ISE (Identity Services Engine) and Fortinet products in Turkey. I can also sell these products. My company is a gold partner of Cisco.

I've sold the on-premises version of Cisco ISE (Identity Services Engine).

Cisco ISE (Identity Services Engine) is the best solution for Cisco network customers. It is the best solution for Cisco network devices. As for network products from other vendors, we can use, or we could offer other network access control (NAC) solutions, e.g. Fortinet NAC, or Aruba Secure NAC, etc.

I'm part of the pre-sales team at our company. There are other people who are responsible for installing Cisco ISE (Identity Services Engine) post-sales, e.g. they install the solution for the customers. For this reason, I am unable to give information on how long it takes to install the solution.

We currently have over 30 users of Cisco ISE (Identity Services Engine).

I can recommend Cisco ISE (Identity Services Engine) to other users.

My rating for Cisco ISE (Identity Services Engine) is eight out of ten.

We primarily use the solution for network admission control.

Previously, what used to happen is that we use to have anyone - any user, a staff member or a non-staff member, consultant contractors, etc. able to connect to our line without authentication, which I think posed a security risk. We felt that whoever connected to our network should be authenticated. We should know the person. We should have visibility to see who was connecting to our network so that we can detect anomalies. Now, we have different profiles, of different users and staff and for contractors or others. So, depending on the profile, there's control on the access that you can get.

An area that could be improved is the agent. The challenge now is that agent and most of the computers have changed. They could think about agent-less deployment. Also, I've not explored MDM but if it should be integrated. 

In terms of scalability, I think it's scalable. Quite scalable and very intricate. Easy to use and provides good support. 

We've had many issues with technical support but from the local vendor, we do get a lot of support which is good. The fact that we also did some training helped. We normally don't have so much trouble when we rescale. We see that we can fix it and then if there are issues, with the vendors and their help, we can rescale it.

Initially, the setup is a bit complex but that depends on the vendor. Maybe because of the complexities around it. Sometimes I think it's about how the best project team really does it.

The person who was put in place to implement it couldn't. So we got another vendor who was good and was a lot more experienced. It's a very new feature so we're hopeful here in Uganda. My country only has about maybe 2 or 3 clients. Those are the ones I know about, our team being one of them.

The deployment strategy was faster than the pilot. We had to see how it works and then we had to, in a transparent manner, see how it works. Deployment took about six months. But the rollout is on-going because we keep opening branches all the time, so we just keep adding them into the solution. For deployment, we used the front liner support but for documentation, we had professional staff. For deployment and maintenance, we have a small team of maybe about five to ten. 

I would give the solution 5.5 out of 10.

We use it to aid the tools that we make and to sponsor and get flow.

We distribute internet access to guests. It's the product to our environment.

The profiling option is the most valuable feature. 

They should improve the upgrades. It's not easy to upgrade the solution. 

It's stable. 

It is scalable because we use a network load balancer at the front of the PSN. It can be extended as we want to multiply. It's scalable to our environment. We have around 8,000 users and we are planning to expand it. 

I opened some tickets with them and I had no problems. They are engineers from India and the U.S and they perform well.

The initial setup was complex. The deployment took around one year. 

We used an integrator for the deployment. They didn't know a lot about the solution so we had to learn about it ourselves and helped them.

We have seen ROI from this solution. 

We use a virtual machine so in terms of pricing, we can extend it as much as we need. The licensing; we had to renew twice and in my opinion, it's good.

We also looked at ForeScout but we preferred Cisco ISE. 

I would rate this solution a ten out of ten.