Cisco Identity Services Engine (ISE) Reviews

The solution is primarily used for Network management and Network Access Controls.

The general usefulness of the product is not specific to a particular feature. This is a comprehensive solution covering access to network to create a zero trust environment. It covers Network Access Control, Network Segmentation & policy control

The solution integrates well with other Cisco solutions. It works both from a single-vendor perspective and in cases where the client might have a hybrid network and multiple security solutions.

The product offers very good functionality.

From a configuration point of view, it's simple. It's not very complex. I don't see any major challenges when using the product.

The solution is reliable.

The scalability is good.

We haven't had any issues with technical support. They have been helpful. 

I have not come across any missing features. 

It would be ideal if Cisco could provide some short training videos or documentation to customers to help them understand how to use the product. 

We have not used this solution for ourselves but implemented it for various organisation's.

The solution is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. The performance is good. 

This solution can work well for large enterprises that have a larger environment, such as a distributed environment. Mostly, from my organization's perspective, we deal with SMEs.

The solution is quite scalable. 

I've been in touch with technical support in the past. They are quite good. I am satisfied with the level of support they provide. I don't have any complaints. 

Positive

The initial setup is not very complex. All similar solutions will have a similar type of configuration as well, so it's pretty simple to figure things out. 

In terms of how long a deployment takes, it primarily depends upon the environment the customer has. Customers might have a very basic environment wherein it might get done in a couple of hours or so. If it is a very complex environment and they have multiple policies to be deployed, then it could definitely take more time.

There aren't any challenges when it comes to maintenance. It's pretty simple. 

I don't handle the licensing aspect of the product. I can't speak to the exact costs involved. 

We have not faced any major challenges in terms of getting a good price point from our customer's perspective. That said, the pricing would depend upon the perceived value of the solution rather than the actual cost of the product. If the solution is able to help the customer in mitigating its challenges many customers don't see any point in discussing the price point if POC is successful

We are a system integrator.

The version of ISE we are using depends on the customer. 

We primarily have the solution set up on premise. 

In terms of advice, from a security standpoint, it is paramount for any organisation, to be secure, no matter its size (large or small). Having secure network access control will always make it safer & help organisation in attaining a zero trust environment 

I'd rate the solution at an eight out of ten. 

We primarily use the solution for network admission control.

Previously, what used to happen is that we use to have anyone - any user, a staff member or a non-staff member, consultant contractors, etc. able to connect to our line without authentication, which I think posed a security risk. We felt that whoever connected to our network should be authenticated. We should know the person. We should have visibility to see who was connecting to our network so that we can detect anomalies. Now, we have different profiles, of different users and staff and for contractors or others. So, depending on the profile, there's control on the access that you can get.

An area that could be improved is the agent. The challenge now is that agent and most of the computers have changed. They could think about agent-less deployment. Also, I've not explored MDM but if it should be integrated. 

In terms of scalability, I think it's scalable. Quite scalable and very intricate. Easy to use and provides good support. 

We've had many issues with technical support but from the local vendor, we do get a lot of support which is good. The fact that we also did some training helped. We normally don't have so much trouble when we rescale. We see that we can fix it and then if there are issues, with the vendors and their help, we can rescale it.

Initially, the setup is a bit complex but that depends on the vendor. Maybe because of the complexities around it. Sometimes I think it's about how the best project team really does it.

The person who was put in place to implement it couldn't. So we got another vendor who was good and was a lot more experienced. It's a very new feature so we're hopeful here in Uganda. My country only has about maybe 2 or 3 clients. Those are the ones I know about, our team being one of them.

The deployment strategy was faster than the pilot. We had to see how it works and then we had to, in a transparent manner, see how it works. Deployment took about six months. But the rollout is on-going because we keep opening branches all the time, so we just keep adding them into the solution. For deployment, we used the front liner support but for documentation, we had professional staff. For deployment and maintenance, we have a small team of maybe about five to ten. 

I would give the solution 5.5 out of 10.

We use it to aid the tools that we make and to sponsor and get flow.

We distribute internet access to guests. It's the product to our environment.

The profiling option is the most valuable feature. 

They should improve the upgrades. It's not easy to upgrade the solution. 

It's stable. 

It is scalable because we use a network load balancer at the front of the PSN. It can be extended as we want to multiply. It's scalable to our environment. We have around 8,000 users and we are planning to expand it. 

I opened some tickets with them and I had no problems. They are engineers from India and the U.S and they perform well.

The initial setup was complex. The deployment took around one year. 

We used an integrator for the deployment. They didn't know a lot about the solution so we had to learn about it ourselves and helped them.

We have seen ROI from this solution. 

We use a virtual machine so in terms of pricing, we can extend it as much as we need. The licensing; we had to renew twice and in my opinion, it's good.

We also looked at ForeScout but we preferred Cisco ISE. 

I would rate this solution a ten out of ten. 

• I'ts compatibility with 802.1X
• Posture
• Profiling
• Guest Portal

As an integrator, I can tell that this product is mostly used for implementing wireless 802.1X with Active Directory and guest portals. It can be integrated with Active Directory and an external SMS gateway, can be used to track user authentications with Cisco WLC, can be therefore used to completely implement BYOD (considering the tight integration with leading MDM vendors). The product can be bought as a physical appliance as well a virtual appliance.

We are waiting for TACACS integration to completely replace the Cisco ACS line of products.

I've used it for about four years.

Being a product relatively young the product seems incredibly stable and not prone to system outages.

Having a Cisco consolidated experience with this type of products, the product encounters very little of no scalability problem.

Cisco has implemented a special ATC partner program to help partners and customers to have a smooth deployment. As far as I know there is also a dedicated TAC area for this product, Cisco commitment on the ISE line of product is really at a top level. I can say this with an high degree of certainty being a Cisco Gold Partner.

We use this product because we mainly sell this as a premier class NAC solution, compared to other similar products.

The initial setup is very straightforwardly done by following the product’s document guides.

I work for a vendor/system integrator.

The main advice is to seek for an accredited ATC system integrator with a large ISE portfolio.

I primarily use ISE for segregating identities, IP addresses, and ports.

ISE's most valuable feature is integration between IT and OTs.

There are still some bugs in ISE that need to be worked out.

I've been working with Cisco ISE for three years.

ISE is stable.

ISE is scalable.

Cisco's tech support could be improved.

The initial setup was straightforward.

Regardless of your industry, I would recommend Cisco ISE if you want good identity management. I would rate this solution seven out of ten.

My primary use case of this solution is for access control for authentication and for the authorization of wireless users.

For device administration, all devices have multifactor authentication in collaboration with IT, so it secures access to all of our devices. For guest and wireless access, it's a matter of a lowly manager who we give access to the portal and he can assign access to the guests, so it's a very simple process now. It keeps IT focusing on their work, and gives the business people the right access. 

Also, with BYOD mobile users can work easier and in a more secure way. For the places in public access we're securing our network socket, so now not everybody can plug in and log into our network due to this feature. It's making it more secure for headquarters.

• BYOD service
• The guest and secure wireless access
• Compliance and posture
• Wireless administration

The compliance and posture don't always work. They should make it more stable. With each upgrade, we lose some functionality. We have to wait for another upgrade.

I would like to see them develop some type of device management, like an iPad feature, just to be able to give security access to certain devices for management. Mainly for the suppliers and the third parties.

Another feature I would like to see would be for them to create the ability to integrate with other products from the start. We always search for products that integrate with us and so it would ease the management and then everybody would be entered. 

It's 99% stable. 

It's scalable. We have more than 500 users. We are planning to use more features and to integrate it with other branches that we have. It's a way to have a global solution across all branches.

Technical support is okay. Sometimes it takes a long time for them to respond. We'll usually end up solving our own issues. The response time should be shorter. 

The initial setup was complex. It took time to have a stable environment but once it stabilized, it was great. Although, we had six to seven months of an unstable system. 

We deployed through a reseller, they were good. We require two staff members for maintenance.

Our ROI is good enough. It's simplifying things for IT and for the business, so it's good for both sides. It solves a lot of issues that without the product would be costly to our organization so we see ROI in that sense. 

Licensing is very complicated and it changes a lot. I know recently it changed since we acquired the solution. It had a different licensing scheme that has changed. 

The cost is high compared to other solutions. Even so, it is better than what's on the market. The licensing model is complicated and the cost is a little bit high.

It's a great product but you should be careful to plan before deploying. Do thorough planning as not to do the same error that we did. We didn't do enough planning before deploying so it took us a long time to have a thorough plan. 

I would rate this solution a nine out of ten. 

Our clients use Cisco ISE for security, especially in the finance industry.

Our clients like Cisco ISE because they already use various Cisco solutions. It's easy for them to use this solution because they have an engineer with Cisco certifications.

The price could be better. I would like to see more integration with third-party solutions in the next release. This is because many of my clients don't have Cisco.

We have been a partner dealing with Cisco ISE for about 14 years.

Cisco ISE is very stable.

Scalability is good.

I think Cisco has already improved its support for this solution.

On a scale from one to five, I would give technical support a five.

Neutral

The initial setup is easy. We have two engineers who implement this solution.

On a scale from one to five, I would give the initial setup a four.

Cisco is expensive, but it's the cost for all the functions and value it brings. Functions like internet solutions, integrations, security, and many more features are important, but it's expensive for some clients.

I would tell potential users that this is a good solution.

On a scale from one to ten, I would give  Cisco ISE a ten.

We use Cisco ISE for authentication for VPN and network management.

The WiFi portal in Cisco ISE is very useful for WiFi customers.

In an upcoming release, it would be nice to have NAC already standard in the solution.

I have used Cisco ISE within the past 12 months.

Cisco ISE has been stable.

I have found Cisco ISE to be scalable.

We have two of the Cisco ISE devices installed.

The technical support has been good.

The solution does not require a maintenance or support team.

There is a license to use this solution and the price is reasonable.

When someone is implementing this solution the difficulty depends on where they started. We started with zero and there was a very large learning curve. However, once they understand how it works, it's straightforward. There is a sharp learning curve to start working with it.

I rate Cisco ISE an eight out of ten.