Cisco Identity Services Engine (ISE) Reviews

We use Cisco ISE for network management, user access for enterprise clients, and advanced firewall support. We use Cisco ISE on domains and clients jointly with other network software utilities.

We use Cisco ISE as our main controller for the management of clients that need to join our network.

The best feature of the Cisco ISE platform is that it is compatible with Microsoft products. 

Cisco ISE is complex. The deployment and design of networks with it is so complex. If it could change it would be better. 

It needs a better solution for reduced complexity.

I think to add more people to four-thousand users is going to be hard. Cisco needs to make it easier to add more people.

The Cisco ISE platform is stable.

On our network, we use Cisco ISE as a platform utility to support three thousand users.

The initial setup of the Cisco ISE platform was complex and the deployment was also difficult.

On a scale from one to ten, I would rate Cisco ISE an eight because the server is so complex. Cisco needs to re-program or re-issue it and release a new version with more adequate sizing for small businesses. 

It's a network access manager.

After the product was installed, no one could access the secure connection network. In order for any laptop or any endpoint device to attach to my network, it needs to be authorized or be certified to be connected.

It has many valuable features. 

It has many complications from the administration perspective, it's not easy to learn. Not like other solutions that are very friendly and easy to go through. It needs to be more user-friendly. We'll see the same name on more than one tab so we need to realize why that name is there or why only the main tab is not like the other. I cannot believe that Cisco is the best case of security integration however it is easier to implement.

They are good at integration, I do not expect more from them in that regard. They could think about developing VXLAN. They have LDN switches, we need to get into contextual switches, not catalyst switches. Normal switches. I wish they could explore developing more VXLAN options.

Stability is not something absolute. 

Scalability is good. We have 60,000 users. 

Their technical support isn't good. 

The initial setup took four to six hours to do. The image between six, seven GB, is a huge image, huge process, and it takes too much time. If somebody has a solution of five, four pieces you need to re-image one or you need to incorporate the solution. It will take days to upgrade the solution. It's very complicated. The deployment will take an entire day. And if you have a complication it can take two days because of the complexity. 

We are a big organization and we can arrange for licenses because we are a big customer. We have an agreement for the security license. Licenses aren't an issue for us. We pay for licenses every five years or six years.

I would rate this solution a 7.5 out of ten. To make it a ten they should have more people on tech support. They need to invest more in the product. It's a good product. They should just work on tech support. More support for the customer. It's not that easy to get somebody to understand this product. I have had some issues with tech before for the solution. One of them brought the solution down due to some of his activity. They need to hugely invest in their tech support. 

We use the solution to secure the endpoint. Before the user connects to the network, it can be investigated whether to connect.

Cisco ISE has a powerful posturing tool with security requirements. This data can be integrated with the device identity and threat intelligence surface, enabling you to create granular policies based on a device's identity. Just like we made policies based on Samsung or Lenovo, you can now do the same based on its compliance posture.

You have to restart the system to change the DNS or NTP server.

I have been using Cisco ISE as a system integrator for three years.

I rate the solution’s stability an eight out of ten.

The solution’s scalability is good. We cater the solution to medium-sized businesses.

I rate the solution’s scalability an eight out of ten.

The initial setup is easy. One engineer can deploy it in three hours.

The product has moderate pricing and comes with a subscription model.

We must check the compatibility with the other device before using Cisco ISE. Fortinet or Palo Alto provides integration to another device.

The solution has medium maintenance.

Overall, I rate the solution a nine out of ten.

We primarily use the solution in our infrastructure.

I'm very satisfied with the product. It has been excellent so far. 

From the performance perspective, it is excellent. The outcome is as expected, giving control to the network. 

There is good integration with third-party systems like antivirus patch management, MDM.

They need to simplify the processes and management more, as well as the platform. Their user experience is a bit complicated, and it's not easy to manage. They need to do something to enhance the management console and make it more simple and easier to use.

I need to see stronger integration with Cisco SDN. Instead of treating it as a separate appliance, it should be a built-in feature in the SDN solution. This is one of the things that will reduce the complexity of Cisco's architecture. Instead of having multiple appliances, and getting lost in-between, and not knowing where is the problem is, everything can just be in one place. It will be better to move this feature or this technology as a built-in technology in the SDN solutions, similar to DNA and ACI.

The pricing and licensing structure are not ideal for customers.

I've used this solution for about five years, both in my previous company and my current company as well.

The solution provides excellent stability and reliability. There are no bugs or glitches. It doesn't crash or freeze. 

We are a customer and an end-user.

Cisco, on the price, is not good now. This might entice customers or end-users to go for another cheaper solution where they can still find most of the features Cisco offers. 

They are now offering subscription licenses, and you have to pay thousands of dollars every year for maintenance and renewing support. Most users will not accept this new strategy of Cisco. It's not like HP or Dell, where, when you purchase the hardware and it's a lifetime license. It's a lifetime subscription. You don't need to renew the license every two years. Therefore, from a price perspective, no, Cisco's not good. Their strategy now seems to be pushing customers to go for other solutions.

The product is excellent and I would rate it at a nine out of ten.

I am a reseller. I provide solutions to our customers.

We used Cisco ISE for Wi-Fi implementation for one project at the International Airport.

The most valuable features of this solution are guest authentication and stop authentication.

I felt that it was quite good and well suited for us.

Overall, the features and the product are quite good. 

It has all of the features available, in fact, more than what you need.

The initial setup could be simplified.

The support could be faster and the pricing could be reduced.

Cisco ISE is a stable product.

It is a scalable solution.

Technical support is fine.

It might take some time. At times, it will take two hours to come online.

Support is available as long as you have the support contract.

I have not worked on any other product.

The initial setup is a bit complex. The integration with the Active Directory is a bit involved.

The price is a bit on the high side.

The features are quite comprehensive, but it's okay. However, the pricing is on the higher side.

Feature-wise, it is a nine out of ten. Overall, I would rate Cisco ISE an eight out of ten.

We use this solution to authenticate the domain users and if someone is not the domain user to make them a guest.

Before, our port would be wide open, anyone could come to the network and put their laptop into the port or any device and they would be able to get the IP. Now, if someone tries to connect to our network through an IU port or internet, they will not be able to access it. Another way this solution has improved our organization is that when we integrate this with our OpenGate server we are able to identify and isolate the machine that is infected, or that is going to be infected.

Plus, we had control on which device we can block in real-time and white list, or according to the MAC address, we can send this device to get an assigned IP from a special VLAN.

The identification with McAfee DHL is the most valuable feature. It gives us full visibility to see if there's any malware or malicious activity going on in the network and will then isolate the device.

Since we have started, we struggled a lot to implement this solution into our network, and we opened a case a couple of times. Up until this point, nothing else needs to be improved with this product.

Stability is very good. We haven't faced any issues and there aren't any bugs. 

We currently have around 400 users and we only need two staff members for maintenance. It is being used extensively because all of the users are dependent on it. If the ISE is down no one will be able to authenticate.

Technical support is very good because, on the user phase, it shows who was on the call with us and who helped us. 

The initial setup was easy. It took around one month. We did the installation part within half an hour to two hours but we found a couple of issues so we raised a case and once everything was resolved it was a month in total. 

We used an integrator. We had a good experience with them because we have already worked with them in the past couple of years

We researched this solution and found that it fulfills all of our requirements so we didn't look into any other solutions.

I would rate this solution a nine out of ten. 

I would advise someone considering this solution not to enable it with MAC. They are going to be in a very bad state after enabling this with MAC because if you do it is going to isolate so many devices which do not comply with the policy.

The solution is primarily used for Network management and Network Access Controls.

The general usefulness of the product is not specific to a particular feature. This is a comprehensive solution covering access to network to create a zero trust environment. It covers Network Access Control, Network Segmentation & policy control

The solution integrates well with other Cisco solutions. It works both from a single-vendor perspective and in cases where the client might have a hybrid network and multiple security solutions.

The product offers very good functionality.

From a configuration point of view, it's simple. It's not very complex. I don't see any major challenges when using the product.

The solution is reliable.

The scalability is good.

We haven't had any issues with technical support. They have been helpful. 

I have not come across any missing features. 

It would be ideal if Cisco could provide some short training videos or documentation to customers to help them understand how to use the product. 

We have not used this solution for ourselves but implemented it for various organisation's.

The solution is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. The performance is good. 

This solution can work well for large enterprises that have a larger environment, such as a distributed environment. Mostly, from my organization's perspective, we deal with SMEs.

The solution is quite scalable. 

I've been in touch with technical support in the past. They are quite good. I am satisfied with the level of support they provide. I don't have any complaints. 

Positive

The initial setup is not very complex. All similar solutions will have a similar type of configuration as well, so it's pretty simple to figure things out. 

In terms of how long a deployment takes, it primarily depends upon the environment the customer has. Customers might have a very basic environment wherein it might get done in a couple of hours or so. If it is a very complex environment and they have multiple policies to be deployed, then it could definitely take more time.

There aren't any challenges when it comes to maintenance. It's pretty simple. 

I don't handle the licensing aspect of the product. I can't speak to the exact costs involved. 

We have not faced any major challenges in terms of getting a good price point from our customer's perspective. That said, the pricing would depend upon the perceived value of the solution rather than the actual cost of the product. If the solution is able to help the customer in mitigating its challenges many customers don't see any point in discussing the price point if POC is successful

We are a system integrator.

The version of ISE we are using depends on the customer. 

We primarily have the solution set up on premise. 

In terms of advice, from a security standpoint, it is paramount for any organisation, to be secure, no matter its size (large or small). Having secure network access control will always make it safer & help organisation in attaining a zero trust environment 

I'd rate the solution at an eight out of ten. 

Our primary use case is to grant access to users, we deploy the bring your own device policy.

Visitors can be granted access to the wifi network using their cellphones, notebooks or tablets in a very easy way. The ease of accessibility that anyone can have to the network is very quick and is a big improvement for our network.

The flexibility to grant anyone access to the network easily and in a secure way is its most valuable feature.

There should be an easier way to do the upgrades. Customers were having issues going from one version to the next. There are a lot of steps to get to the next version from the previous version which ends up being a bit of the headache with the upgrade. 

It's very stable. We have around 200 users and only four people are required for maintenance. 

As Cisco partners, the point is that we provide our own support. We prefer our own engineers to be ready to support the solution to provide the service to our customers.

We have seen ROI from using this solution. 

We plan to increase usage by around 20 to 30%.

It gives people the peace of mind that they have the possibility to grant access to the people that visit their premises and ensures that they are working in a safe environment that is pure and clear when they use the posture services of the solution.

I would rate it a nine out of ten.