Try our new research platform with insights from 80,000+ expert users

Cisco Identity Services Engine (ISE) vs Cisco Secure Firewall comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 9, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Identity Services Eng...
Ranking in Cisco Security Portfolio
1st
Average Rating
8.2
Reviews Sentiment
6.7
Number of Reviews
142
Ranking in other categories
Network Access Control (NAC) (1st)
Cisco Secure Firewall
Ranking in Cisco Security Portfolio
4th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
409
Ranking in other categories
Firewalls (7th)
 

Mindshare comparison

As of April 2025, in the Cisco Security Portfolio category, the mindshare of Cisco Identity Services Engine (ISE) is 23.5%, up from 19.1% compared to the previous year. The mindshare of Cisco Secure Firewall is 6.6%, up from 5.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cisco Security Portfolio
 

Featured Reviews

SunilkumarNaganuri - PeerSpot reviewer
Enhanced device administration hindered by complex deployment and security limitations
Cisco Identity Services Engine (ISE) needs to improve the profiling preauthentication. They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases. This will give them a roadmap for software-defined access (SDA) use cases and network segmentation. Threat detection capabilities are very weak. Additionally, the product is vulnerable and has many bugs.
Maharajan S - PeerSpot reviewer
Enhances security with precise access control but has integration challenges
Overall, I would rate the product six out of ten. Because of the support and cost, I moved away from Cisco, but otherwise, it is a good product. Recommendation depends on the requirement. If lacking a proper team and being dependent on the OEM and partner, Cisco is not suitable. However, if the team is qualified with Cisco-certified people and the requirement is a big network, it can be considered. In today's hybrid work world, having an expanded gateway is more typical than having a single one. Thus, Cisco is unlikely to be recommended for a hybrid requirement unless in-house skills align. Otherwise, depending on partners and Cisco, it can be a risk. I rate the overall solution six out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Profiling is one of the most valuable features. We have a lot of different devices between cameras, access points, and laptops that get plugged in."
"When you push out the policy, it is able to populate the entire network at one time."
"A lot of customers use a third party to manage their guest Wi-Fi. Cisco ISE presents the ability to bring that in-house so that customers can have full control over it, change the branding, and get extra telemetry from it and the user data. It works really well for our customers."
"I really enjoy the live log section. Sometimes, you will have someone who is having issues connecting to the network, and then you have to ask them the dreaded question of, "Did you type a password wrong?" They will probably tell you, "No," but the live log can help sort that out. It gives us that extra ability to assist the end user and make sure that we are making them happy."
"The most valuable feature is the flexibility of the policy sets."
"The most valuable feature of Cisco ISE is its seamless integration with the switches and the entire suite, enabling wireless access and smooth client information retrieval."
"We have seen ROI. It has done its job. It has protected us when we needed it to."
"The policy sets give us more granular groups for end-user access."
"The primary benefits of using Cisco Secure solutions are time-saving, a robust API, and convenience for the security team."
"The features I've found most valuable are the packet captures and packet traces because they help me debug connections. I like the logs because they help me see what's going on."
"The user interface is easy to navigate."
"Filtering is the best feature."
"One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses."
"Cisco's technical support is the best and that's why everybody implements their products."
"The product is easy to manage and simple. It works with the rest of our Cisco products. You can drop in new ones if you need more performance. The training and documentation provided are good."
"The VPN functionality is consistent, and the performance is good."
 

Cons

"When I work with customers to do my knowledge transfer, they're really overwhelmed with the navigation of the product and the number of things you can do with it. From a user interface standpoint, Cisco could focus on making certain tasks a bit more guided and easier for customers to walk through. That is, a user-friendly interface and streamlined workflows would be great."
"The user interface can be improved."
"The customer server was great but it would have been better for me if they had support in other languages such as Spanish."
"I would like to see integration with other vendors, and the RADIUS integration needs to be improved a little bit."
"The intuitiveness of the user interface could be improved."
"Cisco ISE's real-time data analytics for database logging could be improved."
"In an upcoming release, it would be nice to have NAC already standard in the solution."
"The solution is not so user-friendly."
"They should work on making it a little more intuitive for users and not quite as complex. Still, it's a good product."
"The user interface is a little clunky and difficult to work with. Some things aren't as easy as they should be."
"If I need to download AnyConnect in a rush, it will prompt me for my Cisco login account. Nobody wants to download a client to a firewall that they don't own."
"Multiple WAN connections: Even though you can implement more than one interface to outside connections, it is lacking on load balances, etc."
"The most valuable features of the product are the VPN and the NextGen firewall features such as application control, URL filtering, etc."
"It is not easy to configure."
"The overall licensing structure could improve to make the solution better."
"One of my main concerns, an area that could use improvement is in adjusting the need to buy a license to enable features."
 

Pricing and Cost Advice

"For the Avast virus scan, we pay around USD $95 per machine for five years which includes all updates and technical support."
"The licensing is subscription-based and based on the user account."
"The solution is not that cheap."
"Its price is probably good if you use all of its features and functionalities to protect your environment. If you use only a part of the functionality, its price is too high. It is just a question of value and the functionality you use."
"Cybersecurity resilience has been very important to our organization and has been a big factor. We've had issues in the past, but one of the things I like about ISE is its logging features. Security wise or information wise, it really has been a powerful tool."
"The price for Cisco ISE itself is very low, however, Cisco professional services are quite expensive. Subscription amount is dependent on number of users."
"The price is a bit on the high side."
"If you're not going through an agreement, it's very expensive."
"Once you know what the product is, it is not that bad. Yes, it is expensive. When you try to get a license, it is like, "Well, I don't know which one of these I need. And, if I don't buy it now, then I will probably be back later. Now, I have to justify the money." Typically, you end up just buying everything that you don't use most of the time. It is one of those solutions where you get what you pay for. If you don't know what you need, just buy everything. We have additional licenses that we don't use."
"This product is expensive."
"The Cisco licensing agreement in Bangladesh is different than the one in India and in Dubai. It is not a problem, but if you want to subscribe to the yearly subscription, the original cost is really high. Also, if you go for an anti-virus, you pay for an additional yearly subscription."
"It is a great solution for medium or big enterprises, not so much for small businesses, mainly due to the financial costs."
"Cisco's prices are more or less comparable to those of other products."
"I bought a license for three years and it was really affordable."
"Their pricing is very aggressive and good. Even a small company can afford it. I am happy with its pricing. Its licensing is on a yearly basis."
"The cost is a bit higher than other competitive solutions on the market."
report
Use our free recommendation engine to learn which Cisco Security Portfolio solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Educational Organization
26%
Computer Software Company
14%
Financial Services Firm
8%
Government
7%
Educational Organization
42%
Computer Software Company
13%
Manufacturing Company
4%
Government
4%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?
Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...
What are the main differences between Cisco ISE and Forescout Platform?
OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...
How does Cisco ISE compare with Fortinet FortiNAC?
Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...
Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage at large. In my opinion, Fortinet would be the best option and l use Fortinet too...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fortigate is very stable, reliable, and consistent. We like that we can manage the e...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco ecosystem, it is very simple to handle. This solution has traffic inspection ...
 

Also Known As

Cisco ISE
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
 

Overview

 

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
Find out what your peers are saying about Cisco Identity Services Engine (ISE) vs. Cisco Secure Firewall and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.