Try our new research platform with insights from 80,000+ expert users

Cisco Identity Services Engine (ISE) vs Cisco Secure Firewall comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 9, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
8.4
Cisco Identity Services Engine enhances security, reduces breaches, ensures compliance, simplifies management, and consolidates systems for cost savings and efficiency.
Sentiment score
5.8
Cisco Secure Firewall offers ROI through reliability, preventing costly incidents, improving efficiency, and easy integration despite ROI quantification challenges.
Direct comparisons with Forescout reveal up to 30% to 40% difference in cost savings.
 

Customer Service

Sentiment score
5.9
Cisco ISE support is praised for knowledge and responsiveness, yet occasionally inconsistent with integration and follow-up challenges.
Sentiment score
6.4
Cisco Secure Firewall users praise efficient customer service but note occasional inconsistency; direct contracts improve support quality.
I rate the technical support as one out of ten.
Sometimes it's challenging to identify which support team is responsible for certain issues, which is a significant concern.
I have to provide many logs, yet problems remain unresolved, often requiring workarounds rather than solutions.
I have been working with them on firewalls, wireless, switching, and routing, and the support is the best.
If I have a priority one case, I am able to call the manager to raise the severity.
 

Scalability Issues

Sentiment score
7.3
Cisco Identity Services Engine (ISE) offers high scalability, supporting large deployments and enterprise expansions despite hardware and setup challenges.
Sentiment score
6.6
Cisco Secure Firewall is scalable and flexible for businesses, but costs and hardware vary, requiring careful needs assessment.
Factors like architecture, business nature, and legal limitations such as GDPR affect it.
Scalability presents a challenge.
Compared to FortiGate and Palo Alto, it lags in configuration and other aspects.
 

Stability Issues

Sentiment score
7.7
Cisco ISE is highly reliable and stable, though larger deployments may experience occasional performance and configuration challenges.
Sentiment score
8.9
Cisco Secure Firewall is praised for stability, reliability, minimal issues, rapid updates for bugs, and exceptional performance under pressure.
Cisco Identity Services Engine (ISE) is considered very reliable and stable.
The stability of Cisco Identity Services Engine (ISE) is poor for certain use cases, like authentication.
Cisco Secure Firewall offers exceptional performance and stability.
 

Room For Improvement

Cisco Identity Services Engine requires improved integration, user interface, documentation, compatibility, and management efficiency to enhance user experience.
Cisco Secure Firewall users seek improvements in routing support, cost efficiency, UI design, integration, and performance enhancements.
The whole setup works well with Cisco access points and Cisco switches, but when you have multiple vendors in the environment, such as HP switches or access points like Aruba, you'll find they will not work well with Cisco Identity Services Engine (ISE).
Pricing can be more expensive compared to other vendors, and there is a significant price gap observed, which doesn't seem justified by some specific features.
They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases.
Firepower Management Center is quite out of date compared to other vendors.
The integration between Cisco products themselves presents difficulties, such as SD-WAN configuration.
Cisco Firewalls require FMC for management.
 

Setup Cost

Cisco ISE offers three pricing tiers, with high costs and complex licensing, but provides extensive features and potential discounts.
Cisco Secure Firewall is costly but valued for performance, support, and discounts, appealing to security-focused enterprises.
Compared to other solutions like HPE ClearPass, Cisco is more costly, and the conversation suggests a possible forty percent price gap compared to competitors.
The license costs can range between $50,000 to $100,000 per year for enterprises.
Cloud solutions are expensive, while on-prem setups with shared environments are cheaper but not effective.
It's considered a premium, but people pay that price for Cisco.
The licensing process for Cisco Secure Firewall is convoluted, involving many steps to request and enter a license key.
 

Valuable Features

Cisco ISE enhances network security with integration, 802.1X authentication, policy management, ease of use, and strong access control.
Cisco Secure Firewall offers robust security, easy management, and integration with high availability, scalability, and centralized policy creation.
Cisco Identity Services Engine (ISE) offers authentication using RADIUS, enhancing network security by separating and segregating networks.
The solution is integrated with other Cisco devices and can offer automation for an organization, making deployments more dynamic and providing real-time visibility.
Cisco Identity Services Engine (ISE) is very good at device administration.
It includes features like IPS, malware protection, and other security features.
Cisco Firewall has very good features, like trusted applications and restricted access for users based on keywords.
The most valuable features of Cisco Secure Firewall include the next-generation firewall and its strong anti-malware capabilities.
 

Categories and Ranking

Cisco Identity Services Eng...
Ranking in Cisco Security Portfolio
1st
Average Rating
8.2
Reviews Sentiment
6.7
Number of Reviews
142
Ranking in other categories
Network Access Control (NAC) (1st)
Cisco Secure Firewall
Ranking in Cisco Security Portfolio
4th
Average Rating
8.2
Reviews Sentiment
7.2
Number of Reviews
411
Ranking in other categories
Firewalls (7th)
 

Mindshare comparison

As of April 2025, in the Cisco Security Portfolio category, the mindshare of Cisco Identity Services Engine (ISE) is 23.5%, up from 19.1% compared to the previous year. The mindshare of Cisco Secure Firewall is 6.6%, up from 5.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cisco Security Portfolio
 

Featured Reviews

SunilkumarNaganuri - PeerSpot reviewer
Enhanced device administration hindered by complex deployment and security limitations
Cisco Identity Services Engine (ISE) needs to improve the profiling preauthentication. They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases. This will give them a roadmap for software-defined access (SDA) use cases and network segmentation. Threat detection capabilities are very weak. Additionally, the product is vulnerable and has many bugs.
Maharajan S - PeerSpot reviewer
Enhances security with precise access control but has integration challenges
Overall, I would rate the product six out of ten. Because of the support and cost, I moved away from Cisco, but otherwise, it is a good product. Recommendation depends on the requirement. If lacking a proper team and being dependent on the OEM and partner, Cisco is not suitable. However, if the team is qualified with Cisco-certified people and the requirement is a big network, it can be considered. In today's hybrid work world, having an expanded gateway is more typical than having a single one. Thus, Cisco is unlikely to be recommended for a hybrid requirement unless in-house skills align. Otherwise, depending on partners and Cisco, it can be a risk. I rate the overall solution six out of ten.
report
Use our free recommendation engine to learn which Cisco Security Portfolio solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Educational Organization
25%
Computer Software Company
14%
Financial Services Firm
8%
Government
7%
Educational Organization
41%
Computer Software Company
13%
Manufacturing Company
4%
Government
4%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?
Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...
What are the main differences between Cisco ISE and Forescout Platform?
OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...
How does Cisco ISE compare with Fortinet FortiNAC?
Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...
Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage at large. In my opinion, Fortinet would be the best option and l use Fortinet too...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fortigate is very stable, reliable, and consistent. We like that we can manage the e...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco ecosystem, it is very simple to handle. This solution has traffic inspection ...
 

Also Known As

Cisco ISE
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
 

Overview

 

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
Find out what your peers are saying about Cisco Identity Services Engine (ISE) vs. Cisco Secure Firewall and other solutions. Updated: March 2025.
849,190 professionals have used our research since 2012.