Cisco Identity Services Engine (ISE) Reviews

• I'ts compatibility with 802.1X
• Posture
• Profiling
• Guest Portal

As an integrator, I can tell that this product is mostly used for implementing wireless 802.1X with Active Directory and guest portals. It can be integrated with Active Directory and an external SMS gateway, can be used to track user authentications with Cisco WLC, can be therefore used to completely implement BYOD (considering the tight integration with leading MDM vendors). The product can be bought as a physical appliance as well a virtual appliance.

We are waiting for TACACS integration to completely replace the Cisco ACS line of products.

I've used it for about four years.

Being a product relatively young the product seems incredibly stable and not prone to system outages.

Having a Cisco consolidated experience with this type of products, the product encounters very little of no scalability problem.

Cisco has implemented a special ATC partner program to help partners and customers to have a smooth deployment. As far as I know there is also a dedicated TAC area for this product, Cisco commitment on the ISE line of product is really at a top level. I can say this with an high degree of certainty being a Cisco Gold Partner.

We use this product because we mainly sell this as a premier class NAC solution, compared to other similar products.

The initial setup is very straightforwardly done by following the product’s document guides.

I work for a vendor/system integrator.

The main advice is to seek for an accredited ATC system integrator with a large ISE portfolio.

I primarily use ISE for segregating identities, IP addresses, and ports.

ISE's most valuable feature is integration between IT and OTs.

There are still some bugs in ISE that need to be worked out.

I've been working with Cisco ISE for three years.

ISE is stable.

ISE is scalable.

Cisco's tech support could be improved.

The initial setup was straightforward.

Regardless of your industry, I would recommend Cisco ISE if you want good identity management. I would rate this solution seven out of ten.

My primary use case of this solution is for access control for authentication and for the authorization of wireless users.

For device administration, all devices have multifactor authentication in collaboration with IT, so it secures access to all of our devices. For guest and wireless access, it's a matter of a lowly manager who we give access to the portal and he can assign access to the guests, so it's a very simple process now. It keeps IT focusing on their work, and gives the business people the right access. 

Also, with BYOD mobile users can work easier and in a more secure way. For the places in public access we're securing our network socket, so now not everybody can plug in and log into our network due to this feature. It's making it more secure for headquarters.

• BYOD service
• The guest and secure wireless access
• Compliance and posture
• Wireless administration

The compliance and posture don't always work. They should make it more stable. With each upgrade, we lose some functionality. We have to wait for another upgrade.

I would like to see them develop some type of device management, like an iPad feature, just to be able to give security access to certain devices for management. Mainly for the suppliers and the third parties.

Another feature I would like to see would be for them to create the ability to integrate with other products from the start. We always search for products that integrate with us and so it would ease the management and then everybody would be entered. 

It's 99% stable. 

It's scalable. We have more than 500 users. We are planning to use more features and to integrate it with other branches that we have. It's a way to have a global solution across all branches.

Technical support is okay. Sometimes it takes a long time for them to respond. We'll usually end up solving our own issues. The response time should be shorter. 

The initial setup was complex. It took time to have a stable environment but once it stabilized, it was great. Although, we had six to seven months of an unstable system. 

We deployed through a reseller, they were good. We require two staff members for maintenance.

Our ROI is good enough. It's simplifying things for IT and for the business, so it's good for both sides. It solves a lot of issues that without the product would be costly to our organization so we see ROI in that sense. 

Licensing is very complicated and it changes a lot. I know recently it changed since we acquired the solution. It had a different licensing scheme that has changed. 

The cost is high compared to other solutions. Even so, it is better than what's on the market. The licensing model is complicated and the cost is a little bit high.

It's a great product but you should be careful to plan before deploying. Do thorough planning as not to do the same error that we did. We didn't do enough planning before deploying so it took us a long time to have a thorough plan. 

I would rate this solution a nine out of ten. 

We use the solution to secure the endpoint. Before the user connects to the network, it can be investigated whether to connect.

Cisco ISE has a powerful posturing tool with security requirements. This data can be integrated with the device identity and threat intelligence surface, enabling you to create granular policies based on a device's identity. Just like we made policies based on Samsung or Lenovo, you can now do the same based on its compliance posture.

You have to restart the system to change the DNS or NTP server.

I have been using Cisco ISE as a system integrator for three years.

I rate the solution’s stability an eight out of ten.

The solution’s scalability is good. We cater the solution to medium-sized businesses.

I rate the solution’s scalability an eight out of ten.

The initial setup is easy. One engineer can deploy it in three hours.

The product has moderate pricing and comes with a subscription model.

We must check the compatibility with the other device before using Cisco ISE. Fortinet or Palo Alto provides integration to another device.

The solution has medium maintenance.

Overall, I rate the solution a nine out of ten.

Our clients use Cisco ISE for security, especially in the finance industry.

Our clients like Cisco ISE because they already use various Cisco solutions. It's easy for them to use this solution because they have an engineer with Cisco certifications.

The price could be better. I would like to see more integration with third-party solutions in the next release. This is because many of my clients don't have Cisco.

We have been a partner dealing with Cisco ISE for about 14 years.

Cisco ISE is very stable.

Scalability is good.

I think Cisco has already improved its support for this solution.

On a scale from one to five, I would give technical support a five.

Neutral

The initial setup is easy. We have two engineers who implement this solution.

On a scale from one to five, I would give the initial setup a four.

Cisco is expensive, but it's the cost for all the functions and value it brings. Functions like internet solutions, integrations, security, and many more features are important, but it's expensive for some clients.

I would tell potential users that this is a good solution.

On a scale from one to ten, I would give  Cisco ISE a ten.

We use Cisco ISE for authentication for VPN and network management.

The WiFi portal in Cisco ISE is very useful for WiFi customers.

In an upcoming release, it would be nice to have NAC already standard in the solution.

I have used Cisco ISE within the past 12 months.

Cisco ISE has been stable.

I have found Cisco ISE to be scalable.

We have two of the Cisco ISE devices installed.

The technical support has been good.

The solution does not require a maintenance or support team.

There is a license to use this solution and the price is reasonable.

When someone is implementing this solution the difficulty depends on where they started. We started with zero and there was a very large learning curve. However, once they understand how it works, it's straightforward. There is a sharp learning curve to start working with it.

I rate Cisco ISE an eight out of ten.

We primarily use the solution in our infrastructure.

I'm very satisfied with the product. It has been excellent so far. 

From the performance perspective, it is excellent. The outcome is as expected, giving control to the network. 

There is good integration with third-party systems like antivirus patch management, MDM.

They need to simplify the processes and management more, as well as the platform. Their user experience is a bit complicated, and it's not easy to manage. They need to do something to enhance the management console and make it more simple and easier to use.

I need to see stronger integration with Cisco SDN. Instead of treating it as a separate appliance, it should be a built-in feature in the SDN solution. This is one of the things that will reduce the complexity of Cisco's architecture. Instead of having multiple appliances, and getting lost in-between, and not knowing where is the problem is, everything can just be in one place. It will be better to move this feature or this technology as a built-in technology in the SDN solutions, similar to DNA and ACI.

The pricing and licensing structure are not ideal for customers.

I've used this solution for about five years, both in my previous company and my current company as well.

The solution provides excellent stability and reliability. There are no bugs or glitches. It doesn't crash or freeze. 

We are a customer and an end-user.

Cisco, on the price, is not good now. This might entice customers or end-users to go for another cheaper solution where they can still find most of the features Cisco offers. 

They are now offering subscription licenses, and you have to pay thousands of dollars every year for maintenance and renewing support. Most users will not accept this new strategy of Cisco. It's not like HP or Dell, where, when you purchase the hardware and it's a lifetime license. It's a lifetime subscription. You don't need to renew the license every two years. Therefore, from a price perspective, no, Cisco's not good. Their strategy now seems to be pushing customers to go for other solutions.

The product is excellent and I would rate it at a nine out of ten.

We use this solution for both wired and wireless network access control. We have deployed it in a bank, government offices, and some universities.

I have found that all of the features are valuable.

It is very easy to deploy because we are able to port users directly from Active Directory (AD) and LDAP.

In an upcoming release, the solution needs to be more agentless and more independent. Additionally, there could be improved integration with other next-generation solutions, such as Palo Alto, Fortinet, or Check Point.

I have been using this solution for approximately nine years.

The solution takes a while to get up and running before it becomes stable. There is a lot of fine-tuning that needs to be done to make sure that users are authenticated properly and not denied access. I have had the experience of redeploying the ISE several times because of false denial of services or access to services but once it is configured correctly the stability is fine.

I have found this solution is scalable, especially the latest versions. The older versions, have to have some additions in order to make them scalable. However, I think they have resolved this issue.

We have had customers of all business sizes using this solution, from small to enterprise companies.

The community support is satisfactory, it is very easy to get support. You can find any documentation and support within the community. 

The deployment takes a long time. Additionally, if you want to integrate the solution with AD and LDAP you will need someone that is very experienced. It is a good feature to have but it is complex to integrate.

We have had experience deploying this solution to small, medium, and enterprise size companies.

This solution requires an annual license and it is a bit expensive than competitors.

I rate Cisco ISE (Identity Services Engine) an eight out of ten.