Try our new research platform with insights from 80,000+ expert users
Security Engineer at a energy/utilities company with 201-500 employees
Real User
Good stability and enables us to identify and isolate a machine that is infected or that is going to be infected
Pros and Cons
  • "The initial setup was easy. It took around one month. We did the installation part within half an hour to two hours but we found a couple of issues so we raised a case and once everything was resolved it was a month in total."
  • "Since we have started, we struggled a lot to implement this solution into our network, and we opened a case a couple of times. Up until this point, nothing else needs to be improved with this product."

What is our primary use case?

We use this solution to authenticate the domain users and if someone is not the domain user to make them a guest.

How has it helped my organization?

Before, our port would be wide open, anyone could come to the network and put their laptop into the port or any device and they would be able to get the IP. Now, if someone tries to connect to our network through an IU port or internet, they will not be able to access it. Another way this solution has improved our organization is that when we integrate this with our OpenGate server we are able to identify and isolate the machine that is infected, or that is going to be infected.

Plus, we had control on which device we can block in real-time and white list, or according to the MAC address, we can send this device to get an assigned IP from a special VLAN.

What is most valuable?

The identification with McAfee DHL is the most valuable feature. It gives us full visibility to see if there's any malware or malicious activity going on in the network and will then isolate the device.

What needs improvement?

Since we have started, we struggled a lot to implement this solution into our network, and we opened a case a couple of times. Up until this point, nothing else needs to be improved with this product.

Buyer's Guide
Cisco Identity Services Engine (ISE)
September 2024
Learn what your peers think about Cisco Identity Services Engine (ISE). Get advice and tips from experienced pros sharing their opinions. Updated: September 2024.
802,829 professionals have used our research since 2012.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Stability is very good. We haven't faced any issues and there aren't any bugs. 

What do I think about the scalability of the solution?

We currently have around 400 users and we only need two staff members for maintenance. It is being used extensively because all of the users are dependent on it. If the ISE is down no one will be able to authenticate.

How are customer service and support?

Technical support is very good because, on the user phase, it shows who was on the call with us and who helped us. 

How was the initial setup?

The initial setup was easy. It took around one month. We did the installation part within half an hour to two hours but we found a couple of issues so we raised a case and once everything was resolved it was a month in total. 

What about the implementation team?

We used an integrator. We had a good experience with them because we have already worked with them in the past couple of years

Which other solutions did I evaluate?

We researched this solution and found that it fulfills all of our requirements so we didn't look into any other solutions.

What other advice do I have?

I would rate this solution a nine out of ten. 

I would advise someone considering this solution not to enable it with MAC. They are going to be in a very bad state after enabling this with MAC because if you do it is going to isolate so many devices which do not comply with the policy.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Senior Network Engineer with 1,001-5,000 employees
Real User
It can handle Radius and TACACS+. It is quite complex when it comes to troubleshooting.

What is most valuable?

It can handle Radius and TACACS+.

How has it helped my organization?

Authorisation and Authentication Policy creation is easier. Access right limitation is pretty easy in ISE. Context exchange feature is present.

What needs improvement?

It is quite complex when it comes to troubleshooting.

For how long have I used the solution?

2 years

What was my experience with deployment of the solution?

Upgrade was quite a pain. It doesn't exactly go according to the document.

What do I think about the stability of the solution?

On TACACS side, we see some issues. The rest is all going well.

How are customer service and technical support?

Customer Service:

It's good.

Technical Support:

Tech support is still lacking on TACACS troubleshooting on ISE.

Which solution did I use previously and why did I switch?

We were using ACS and IAS servers for radius and TACACS. ISE is one stop shop for everything with more to offer.

What about the implementation team?

Initially done with a Cisco consultant and started with Radius services. Expertise was excellent.

What's my experience with pricing, setup cost, and licensing?

Smartnet is not so cheap depending on the deployment.

What other advice do I have?

We have deployed this solution and we keep on exploring more and more. It can do wonders for authentication and limiting access with the network.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user375078 - PeerSpot reviewer
it_user375078Senior Network Engineer/Mobility Specialist at CCSI - Contemporary Computer Services, Inc.
Real User

We may have borrowed ideas from other sources, but I do not think so. More based on years of experience with ACLs, firewall rule sets and working on the ISE flow and best practices. Also creating a flow chart of ISE flow is great. If you can create it prior to configuration it will guide you. And then create or adjust after implementation. Remember that if your flow chart is clumsy or difficult to organize chances are that your logic is also clumsy or even incorrect. With that said if you are new to ISE (and Dot1x, EAP and RADIUS) a poor flow chart may not reflect an incorrect implementation but a lack of understanding of the underlying principles. GOOD LUCK again!

See all 11 comments
Buyer's Guide
Cisco Identity Services Engine (ISE)
September 2024
Learn what your peers think about Cisco Identity Services Engine (ISE). Get advice and tips from experienced pros sharing their opinions. Updated: September 2024.
802,829 professionals have used our research since 2012.
Technical Solutions Architect at a wholesaler/distributor with 201-500 employees
Reseller
Secure access that is reliable, simple to scale, and easy to install
Pros and Cons
  • "The profiling model included is the most valuable feature."
  • "The user interface could be improved to make it more user-friendly."

What is our primary use case?

I am a reseller. We also implement solutions for our clients. Currently, we have a client who is doing a proof of concept with different clients of their own.

We sell this product to many different clients here in Mexico for both retail and manufacturing plants.

Our clients use Cisco ISE (Identity Services Engine) to secure the access of the users. It's a great tool for access control functions.

What is most valuable?

The profiling model included is the most valuable feature.

What needs improvement?

The user interface could be improved to make it more user-friendly.

For how long have I used the solution?

I have been selling Cisco ISE (Identity Services Engine) for eight years.

What do I think about the stability of the solution?

Cisco ISE (Identity Services Engine) is very stable.

What do I think about the scalability of the solution?

It is very scalable. Cisco ISE (Identity Services Engine) is a nice solution.

How are customer service and support?

I have not had any contact with technical support.

How was the initial setup?

The initial setup is easy.

It can take three days for a basic configuration.

Which other solutions did I evaluate?

As resellers, we frequently evaluate solutions for our customers.

What other advice do I have?

After the deployment, I would recommend completing a proof of concept.

I would rate Cisco ISE (Identity Services Engine) a nine out often.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Network Administrator at a government with 51-200 employees
Real User
Has many valuable features but it needs more support for the customer
Pros and Cons
  • "After the product was installed, no one could access the secure connection network. In order for any laptop or any endpoint device to attach to my network, it needs to be authorized or be certified to be connected."
  • "I would rate this solution a 7.5 out of ten. To make it a ten they should have more people on tech support. They need to invest more in the product. It's a good product. They should just work on tech support. More support for the customer. It's not that easy to get somebody to understand this product. I have had some issues with tech before for the solution. One of them brought the solution down due to some of his activity. They need to hugely invest in their tech support."

What is our primary use case?

It's a network access manager.

How has it helped my organization?

After the product was installed, no one could access the secure connection network. In order for any laptop or any endpoint device to attach to my network, it needs to be authorized or be certified to be connected.

What is most valuable?

It has many valuable features. 

What needs improvement?

It has many complications from the administration perspective, it's not easy to learn. Not like other solutions that are very friendly and easy to go through. It needs to be more user-friendly. We'll see the same name on more than one tab so we need to realize why that name is there or why only the main tab is not like the other. I cannot believe that Cisco is the best case of security integration however it is easier to implement.

They are good at integration, I do not expect more from them in that regard. They could think about developing VXLAN. They have LDN switches, we need to get into contextual switches, not catalyst switches. Normal switches. I wish they could explore developing more VXLAN options.

What do I think about the stability of the solution?

Stability is not something absolute. 

What do I think about the scalability of the solution?

Scalability is good. We have 60,000 users. 

How are customer service and technical support?

Their technical support isn't good. 

How was the initial setup?

The initial setup took four to six hours to do. The image between six, seven GB, is a huge image, huge process, and it takes too much time. If somebody has a solution of five, four pieces you need to re-image one or you need to incorporate the solution. It will take days to upgrade the solution. It's very complicated. The deployment will take an entire day. And if you have a complication it can take two days because of the complexity. 

What's my experience with pricing, setup cost, and licensing?

We are a big organization and we can arrange for licenses because we are a big customer. We have an agreement for the security license. Licenses aren't an issue for us. We pay for licenses every five years or six years.

What other advice do I have?

I would rate this solution a 7.5 out of ten. To make it a ten they should have more people on tech support. They need to invest more in the product. It's a good product. They should just work on tech support. More support for the customer. It's not that easy to get somebody to understand this product. I have had some issues with tech before for the solution. One of them brought the solution down due to some of his activity. They need to hugely invest in their tech support. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Senior Network Engineer/Mobility Specialist at CCSI - Contemporary Computer Services, Inc.
Real User
It has a centralized and unified highly secure access control with ISE, which grew out of ACS.
Pros and Cons
  • "Cisco ISE now competes with any other product in the space because of its centralized and unified highly secure access control with ISE."
  • "The learning curve is steep and the initial setup is complex."

What is most valuable?

Cisco ISE now competes with any other product in the space because of its centralized and unified highly secure access control with ISE. ISE grew out of ACS and in the process has grown up.

What needs improvement?

The learning curve is steep and the initial setup is complex.

What do I think about the stability of the solution?

We've had no issues with stability.

What do I think about the scalability of the solution?

We've had no issues with scalability.

How are customer service and technical support?

Customer Service:

Customer service is good.

Technical Support:

Technical support is very good.

Which solution did I use previously and why did I switch?

Yes. I am a consultant, so I have used many competing products over the years.

How was the initial setup?

The initial setup is complex, but not if you fully vet the solution and leverage the functionality.

What about the implementation team?

I am the services firm that does this work and the SME for my organization.

What was our ROI?

It is hard to quantify ROI. It is more easily measured in increased mobility and security.

What's my experience with pricing, setup cost, and licensing?

There are three levels of pricing: basic, plus, and apex. Basic satisfied our needs.

Which other solutions did I evaluate?

Yes, we used ClearPass.

What other advice do I have?

Not all features are available with base license, plus license allows for profiling and provisioning

Disclosure: My company has a business relationship with this vendor other than being a customer: We resell Cisco.
PeerSpot user
it_user517461 - PeerSpot reviewer
it_user517461Works at a tech company with 51-200 employees
Vendor

It is a great product

See all 3 comments
PeerSpot user
Senior Network Engineer/Mobility Specialist at CCSI - Contemporary Computer Services, Inc.
Real User
Profile Sets help organize how AAA is handled by grouping, like traffic into separate subroutines.

What is most valuable?

Profile Sets help organize how AAA is handled by grouping, like traffic into separate subroutines.

How has it helped my organization?

We implement this for customers is various verticals. Most of the time oit is in Education. It really helps secure, classify and manage users including guest and BYOD users.

What needs improvement?

The product has improved with its evolution. The initial setup, though, is extremely complex.

For how long have I used the solution?

10 years. I have used this since it was Cisco ACS

What was my experience with deployment of the solution?

As the product matures I encounter less and less problems.

What do I think about the scalability of the solution?

The produt scales well.

How are customer service and technical support?

Excellent. TACis quite knowledgable.

Which solution did I use previously and why did I switch?

I have used Microsoft IAS/NPS, Funk, and Aruba ClearPass. ClearPass is the only product in the same league as Cisco ISE.

How was the initial setup?

ISE is extremely complex. With the functionality and flexibility it offers that is to be expected.

What about the implementation team?

I am the vendors's partner.

What's my experience with pricing, setup cost, and licensing?

Licensing and pricing is a complicated calculation, so it is best to really understand your customers' needs. Also team up with the right resources at Cisco for help.

Disclosure: My company has a business relationship with this vendor other than being a customer: We resell this product and the services associated with it. I have used several other RADIUS/security products from various vendors.
PeerSpot user
Senior Solutions Manager at a computer software company with 1,001-5,000 employees
Real User
Good support, stability, and interconnection with the ecosystem
Pros and Cons
  • "The interconnection with the ecosystem and the ability to force rules all over the network are the most important features."
  • "It is a good product, but in order to use all of the functions of the product, you must have a good understanding of the product. You must know how to use and manage it. It is a little bit complicated to configure and manage. It must be simplified to make it easy to manage for end users. In the initial stage, we found ISE complicated for end users. It was not easy to manage it or to write authentication and authorization protocol. They must improve its management and make it easy for end users. The monitoring and reporting capabilities can be improved because end users want to quickly see what is happening in their network. There were some restrictions in working with other vendors. It should also have a better and easy integration with other vendors."

What is most valuable?

The interconnection with the ecosystem and the ability to force rules all over the network are the most important features.

What needs improvement?

It is a good product, but in order to use all of the functions of the product, you must have a good understanding of the product. You must know how to use and manage it. It is a little bit complicated to configure and manage. It must be simplified to make it easy to manage for end users. In the initial stage, we found ISE complicated for end users. It was not easy to manage it or to write authentication and authorization protocol. They must improve its management and make it easy for end users. 

The monitoring and reporting capabilities can be improved because end users want to quickly see what is happening in their network. There were some restrictions in working with other vendors. It should also have a better and easy integration with other vendors. 

For how long have I used the solution?

I have been using this solution for five or six years.

What do I think about the stability of the solution?

It is a stable product.

What do I think about the scalability of the solution?

It is scalable.

How are customer service and technical support?

It has good technical support. We also have local support now, which is better. There is no problem with their technical support. 

How was the initial setup?

People who are experts should deploy such products. In order to preserve the reputation, a product must be set up with the help of a talented or expert person because when you set up, deploy, or install the product in a wrong way, it gives negative feedback to customers.

What's my experience with pricing, setup cost, and licensing?

The price can be lower, especially for subscriptions. It should be a lot cheaper to have a wide range of customers. The price should be comparable to competitive products like Forescout or Fortinet FortiNAC. Forescout is cheaper for customers looking for a cloud solution.

What other advice do I have?

I would rate Cisco ISE an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
it_user735732 - PeerSpot reviewer
Unified Networks at a program development consultancy with 11-50 employees
Reseller
Enables us to grant access to users in a secure and easy way
Pros and Cons
  • "Visitors can be granted access to the wifi network using their cellphones, notebooks or tablets in a very easy way. The ease of accessibility that anyone can have to the network is very quick and is a big improvement in our network."
  • "There should be an easier way to do the upgrades. There are a lot of steps to get to the next version from the previous version which ends up being a bit of the headache with the upgrade."

What is our primary use case?

Our primary use case is to grant access to users, we deploy the bring your own device policy.

How has it helped my organization?

Visitors can be granted access to the wifi network using their cellphones, notebooks or tablets in a very easy way. The ease of accessibility that anyone can have to the network is very quick and is a big improvement for our network.

What is most valuable?

The flexibility to grant anyone access to the network easily and in a secure way is its most valuable feature.

What needs improvement?

There should be an easier way to do the upgrades. Customers were having issues going from one version to the next. There are a lot of steps to get to the next version from the previous version which ends up being a bit of the headache with the upgrade. 

What do I think about the stability of the solution?

It's very stable. We have around 200 users and only four people are required for maintenance. 

How are customer service and technical support?

As Cisco partners, the point is that we provide our own support. We prefer our own engineers to be ready to support the solution to provide the service to our customers.

What was our ROI?

We have seen ROI from using this solution. 

What other advice do I have?

We plan to increase usage by around 20 to 30%.

It gives people the peace of mind that they have the possibility to grant access to the people that visit their premises and ensures that they are working in a safe environment that is pure and clear when they use the posture services of the solution.

I would rate it a nine out of ten. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
Buyer's Guide
Download our free Cisco Identity Services Engine (ISE) Report and get advice and tips from experienced pros sharing their opinions.
Updated: September 2024
Buyer's Guide
Download our free Cisco Identity Services Engine (ISE) Report and get advice and tips from experienced pros sharing their opinions.