Cisco Identity Services Engine (ISE) Reviews

Cisco ISE now competes with any other product in the space because of its centralized and unified highly secure access control with ISE. ISE grew out of ACS and in the process has grown up.

The learning curve is steep and the initial setup is complex.

We've had no issues with stability.

We've had no issues with scalability.

Customer Service:

Customer service is good.

Technical Support:

Technical support is very good.

Yes. I am a consultant, so I have used many competing products over the years.

The initial setup is complex, but not if you fully vet the solution and leverage the functionality.

I am the services firm that does this work and the SME for my organization.

It is hard to quantify ROI. It is more easily measured in increased mobility and security.

There are three levels of pricing: basic, plus, and apex. Basic satisfied our needs.

Yes, we used ClearPass.

Not all features are available with base license, plus license allows for profiling and provisioning

We use Cisco ISE for authentication for VPN and network management.

The WiFi portal in Cisco ISE is very useful for WiFi customers.

In an upcoming release, it would be nice to have NAC already standard in the solution.

I have used Cisco ISE within the past 12 months.

Cisco ISE has been stable.

I have found Cisco ISE to be scalable.

We have two of the Cisco ISE devices installed.

The technical support has been good.

The solution does not require a maintenance or support team.

There is a license to use this solution and the price is reasonable.

When someone is implementing this solution the difficulty depends on where they started. We started with zero and there was a very large learning curve. However, once they understand how it works, it's straightforward. There is a sharp learning curve to start working with it.

I rate Cisco ISE an eight out of ten.

The RADIUS Server holds the most value.

The TACACS feature in ISE is good.

We also use the Posture feature to control the environment.

The product features are quite good.

One of the main issues in  Cisco ISE (Identity Services Engine) is that it lags excessively.

Sometimes Cisco ISE (Identity Services Engine) just doesn't work properly, due to misconfiguration.

I would like to see the product simplified more, especially with the configuration.

I have been working with Cisco ISE (Identity Services Engine) for approximately two years.

We are using version 2.7 Patch 2.

Cisco ISE (Identity Services Engine) is easy to scale.

I have approximately 450 Apex end-based licenses.

Currently, we don't have plans to expand.

Technical support as always is one of the best.

The initial setup was a bit complex. It took us three to four weeks to complete the setup and get it up and running. We had help from the reseller.

It was deployed by a vendor.

It was installed by a vendor.

It's a bit expensive, especially the licensed product.

The hardware is purchased one time. 

The support license is reasonable, but when compared to other products, such as ClearPass or Fortinet, the base license for users is much lower in other products. In general, Cisco is more expensive.

I would like to see one license based on one user. We do not need to use multiple licenses in order to have multiple features in the product.

One of the issues in ISE is that if you need more features you have to have multiple licenses per user. One user can have three or four licenses. 

It would be beneficial to have a single license that included all of the features.

We are currently trying to deploy Fortinet network access control. The support from Fortinet is disappointing.

We are in the testing phases, but there is a good possibility that we will go with Fortinet.

We have not used it yet. We will try the POCs this week coming.

I would suggest having an experienced engineer implement the product. If there is an error when implementing, you will experience many issues, especially lagging.

If it was well implemented I would rate it a nine out of ten, because it's good.

Cisco ISE (Identity Services Engine) is used in large enterprise companies. In our company and with our implementation, I would rate  Cisco ISE (Identity Services Engine) a four out of ten.

It can handle Radius and TACACS+.

Authorisation and Authentication Policy creation is easier. Access right limitation is pretty easy in ISE. Context exchange feature is present.

It is quite complex when it comes to troubleshooting.

2 years

Upgrade was quite a pain. It doesn't exactly go according to the document.

On TACACS side, we see some issues. The rest is all going well.

It's good.

Tech support is still lacking on TACACS troubleshooting on ISE.

We were using ACS and IAS servers for radius and TACACS. ISE is one stop shop for everything with more to offer.

Initially done with a Cisco consultant and started with Radius services. Expertise was excellent.

Smartnet is not so cheap depending on the deployment.

We have deployed this solution and we keep on exploring more and more. It can do wonders for authentication and limiting access with the network.

The primary use case is to have network access control and automation to integrate with the enterprise network. It also helps provide a method to make segmentations between users and enable access control.

Cisco ISE has provided more mobility for the organization while controlling access no matter how the users connect to the network.

I like the guest access feature, which has been important for us. The BYOD feature is also good. 

Segmentation can be improved. They can also improve security policies for each group of users, and automation can also be better. The software interface could be better. They should make it easier for users to find features.

I have been working with Cisco ISE for more than three years, but in general, I have more than 20 years of experience working with Cisco.

Cisco ISE is a stable solution.

Cisco ISE is very scalable.

Cisco technical support is very good.

The initial setup is complex, and you can't easily find the features you want.

If we're talking about a medium enterprise and there is a greenfield, it can take between one or two weeks.

I think the price is okay.

I advise new users to go through the admin guides for implementation and follow the script very carefully.

On a scale from one to ten, I would give Cisco ISE an eight.

The interconnection with the ecosystem and the ability to force rules all over the network are the most important features.

It is a good product, but in order to use all of the functions of the product, you must have a good understanding of the product. You must know how to use and manage it. It is a little bit complicated to configure and manage. It must be simplified to make it easy to manage for end users. In the initial stage, we found ISE complicated for end users. It was not easy to manage it or to write authentication and authorization protocol. They must improve its management and make it easy for end users. 

The monitoring and reporting capabilities can be improved because end users want to quickly see what is happening in their network. There were some restrictions in working with other vendors. It should also have a better and easy integration with other vendors. 

I have been using this solution for five or six years.

It is a stable product.

It is scalable.

It has good technical support. We also have local support now, which is better. There is no problem with their technical support. 

People who are experts should deploy such products. In order to preserve the reputation, a product must be set up with the help of a talented or expert person because when you set up, deploy, or install the product in a wrong way, it gives negative feedback to customers.

The price can be lower, especially for subscriptions. It should be a lot cheaper to have a wide range of customers. The price should be comparable to competitive products like Forescout or Fortinet FortiNAC. Forescout is cheaper for customers looking for a cloud solution.

I would rate Cisco ISE an eight out of ten.

We use Cisco ISE to develop products for other people. We don't really use it in our system. We just buy it and implement it when our customers require ISE.

I like that Cisco ISE is easy to use.

Migration could be better. Right now, we back up with the new version, and it requires a lot of licensing and other things. Whenever we choose a product, it's very difficult because we have to meet the requirements of each feature. There is no standard feature, so the best system that we bought may not fit the solution. 

We have to look at every feature that the customer uses. If you compare it with other products like Aruba, it's not the same. With Cisco, I have to read all about the features on this version and the licensing required for the product. In Aruba, that thing is covered when you get one license because it covers almost everything. It could also be more scalable.

We have been using Cisco ISE for 20 to 30 years.

It could be more scalable. It's easy to scale initially, but it will become very difficult at a certain point. In the beginning, it's in the previous environment, and it's pretty easy. But after we integrate it, we need to do a couple more to scale the product, which is more difficult.

We have less than 300 people using it worldwide. We deal with an airline company, so people who come to use it aren't many, but it's available to everyone from everywhere around the world.

We deal with a local Cisco partner for technical support. I haven't dealt with Cisco directly in Bangkok. 

I think Cisco takes around six months to complete the migration from the old one to the new one. This is because we have compliance and a lot of other things here.

Our in-house team implements this solution. It takes about three people to maintain this solution.

It costs around 50,000 baht in the first year, but I'm unsure about the second year.

On a scale from one to ten, I would give Cisco ISE a seven.

My primary use case is network address translation and layer 4 filtering.

Without this product, we wouldn't be able to use our public ID the way we need to.

The most valuable feature is the ASDM - the user interface makes it very easy to configure the firewall.

I would like the product to include support for OSVS version three.

I've been using this solution for about five years.

This is a stable product.

The scalability is good - currently, we don't have an internet bandwidth greater than 10GB, so it's efficient for us.

The initial setup was straightforward, and deployment was done in one night.

I implemented using an in-house team.

This product has helped us protect our infrastructure.

I considered some open source solutions, but those are usually difficult to set up.

I would recommend this solution as it is very easy to set up and has a very easy user interface. I would rate this solution as eight out of ten.