Cisco Identity Services Engine (ISE) vs Fortinet FortiToken comparison

The compared Cisco and Fortinet solutions aren't in the same category. Cisco is ranked #1 in NAC , with an average rating of 8.3, and holds a 27.1% mindshare in the category. Fortinet is ranked #3 in AS , with an average rating of 8.5, and holds a 6.5% mindshare. Additionally, 87% of Cisco users are willing to recommend the solution, compared to 88% of Fortinet users who would recommend it.

Cisco Identity Services Eng...

Read 142 Cisco Identity Services Engine (ISE) reviews

16,669 Views
10,882 Comparison Views

87% willing to recommend

Fortinet FortiToken

Read 29 Fortinet FortiToken reviews

4,155 Views
3,029 Comparison Views

88% willing to recommend

Cisco Identity Services Eng...

Fortinet FortiToken

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cisco Identity Services Engine (ISE) and Fortinet FortiToken based on real PeerSpot user reviews.

Find out what your peers are saying about Cisco, Hewlett Packard Enterprise, Fortinet and others in Network Access Control (NAC).

To learn more, read our detailed Network Access Control (NAC) Report (Updated: March 2025).

Buyer's Guide

Network Access Control (NAC)

March 2025

Download the complete report

Helped 842,690 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Identity Services Eng...

Average Rating

8.2

Reviews Sentiment

6.7

Number of Reviews

142

Ranking in other categories

Network Access Control (NAC) (1st), Cisco Security Portfolio (1st)

Fortinet FortiToken

Average Rating

8.4

Reviews Sentiment

7.3

Number of Reviews

Ranking in other categories

Authentication Systems (3rd)

Mindshare comparison

Cisco Identity Services Engine (ISE) and Fortinet FortiToken aren’t in the same category and serve different purposes. Cisco Identity Services Engine (ISE) is designed for Network Access Control (NAC) and holds a mindshare of 27.1%, down 31.6% compared to last year.
Fortinet FortiToken, on the other hand, focuses on Authentication Systems, holds 6.5% mindshare, down 7.3% since last year.

Network Access Control (NAC)

Authentication Systems

Featured Reviews

SunilkumarNaganuri

Service Line Manager (Service Operations Expert) - Network Access Control at a pharma/biotech company with 10,001+ employees

Enhanced device administration hindered by complex deployment and security limitations

Cisco Identity Services Engine (ISE) needs to improve the profiling preauthentication. They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases. This will give them a roadmap for software-defined access (SDA) use cases and network segmentation. Threat detection capabilities are very weak. Additionally, the product is vulnerable and has many bugs.

Read full review

Sachin Vinay

Assistant Manager-Networks at Amrita

Facilitates secure 2FA for admins, facilitates OTP generation, and enhances security

One suggestion is to develop a more user-friendly solution that is cost-effective so that a hardware-based solution can be provided to all users using VPN services or any configuration service requiring confidentiality. This would allow for broader distribution among a larger number of system admins and software engineers, which is currently not feasible with the existing hardware-only approach.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I like the logging feature."

"It has allowed us to pull in multiple authentication databases, then centralize them into a captive portal system."

"The core point is that Cisco ISE is the same globally compared to FortiAuthenticator. Whether I deploy in China, the US, South Africa, or wherever, I'm can get all the capabilities. It allows me to directly integrate with 365, and from a communications point of view, that is a good capability."

"After the product was installed, no one could access the secure connection network. In order for any laptop or any endpoint device to attach to my network, it needs to be authorized or be certified to be connected."

"The most valuable feature is the visibility element, the ability for customers to be able to see what devices are actually on their network. Without a solution like ISE, they would have no idea what devices are connected to their network. It offers them the ability to authenticate devices via mobile."

"For my use cases, the in-depth troubleshooting into why a client can't connect or why they failed, is very valuable. I can go back to someone and say, 'Hey, it's not my network. It's their certificates or user error,' or something else."

"TACACS and .1X security are the most valuable features. TACACS acts for user control, so no one can authenticate to our network devices, and .1X is to validate that unauthorized devices are plugged into our network."

"We have seen ROI. It has done its job. It has protected us when we needed it to."

More Cisco Identity Services Engine (ISE) pros

"Fortinet FortiToken provides security and authenticates that the right external people are working with a company's system."

"The tool's support is the best."

"I appreciate that it provides comprehensive security. It is tailored to this specific purpose, and it excels in fulfilling this purpose."

"Its ease of use is most valuable. It is simple to use and can be deployed out-of-the-box. It is quite a mature product with all the required features."

"Their resolution time is timely, and they provide solutions efficiently."

"It provides me with the token so that I can do the Multi-Factor Authentication."

"Fortinet FortiToken has a lot of RADIUS functionality."

"FortiToken is available in a soft or hard token factor, so there's some flexibility in that. Beyond that, I would say it is a stable solution that has worked for us."

More Fortinet FortiToken pros

Cons

"The initial setup was a little bit complex. It's not that simple because it requires a lot of prerequisites for the solution to get a hold on."

"I'm working from China currently and the only real issue is that, within the country, there's some concern around Cisco and its ability to offer the solution for the long term. As the United States has banned the Huawei version in their country, we feel there may be retaliation in ours and Cisco will get banned as a countermeasure from the government. The future of Cisco in China is in question. Our local partners are worried about the situation."

"I'd like to see an easier way to upgrade to larger versions, as well as more best practices that are easier to locate on their support page."

"They should improve the upgrades. It's not easy to upgrade the solution."

"There should be a single button that can be pressed to dismiss all of the alarms at once."

"I'd like to see the logging be a bit more robust in terms of what it has baked in. If I want to do any in-depth searching, I have to export all the logs to an external platform like Elastic or LogRhythm and then parse through them myself. It would be nice if I could find what I want, when I want it, on the platform itself."

"The web interface needs improvement. The new web interface that they have is not as easy to manage and we find it to be very slow."

"It is too complex. It should be easy to use. We are not such a big team. We only have three engineers to work with this, and we don't use all of the functionality of the product. Its range of functionality is too wide for us, and this is the reason why we are thinking of switching to a more simple product. We have shortlisted a Microsoft solution. We have a big footprint for Microsoft products, especially in security. As a global strategy, we try to leverage to the maximum what is possible around Microsoft."

More Cisco Identity Services Engine (ISE) cons

"Maybe the price could be improved, and the integration could be better. But the integration is different from the authenticator side."

"The app could be improved so that you don't have to actually type in the code. It would be great if you can just do a prompt or push similar to the way Duo does."

"The solution could introduce a mobile application instead of a physical product."

"I'm not sure if it's already available, however, I wonder if there's an option to have it sent to my email address instead of having it on the mobile app."

"Fortinet support has some room for improvement. It has taken a long time to resolve some issues or find a workaround."

"It needs a lot of coupling with their other Fortinet products. To implement FortiToken, I most probably need to couple it with FortiAuthenticator for full implementation. An RSA token can be used with many devices, whereas Fortinet FortiToken is always linked to only one FortiGate device. If I want to reuse the token across five or six FortiGates, I would have to get the FortiAuthenticator product. I can't use one token to connect to different FortiGates, and I need to get another product to enable this functionality. They should also improve the support for their mobile client. There should be a more detailed roadmap for the operating systems being supported. Some of our users were using an old iOS iPhone, and they were forced to get a newer phone because FortiToken didn't support that version of iOS. Similarly, there may be a version of Android that is not supported, so the users need to change the phone. This was one of the reasons why our deployment took longer."

"The solution comes with two firewalls as a bundle. In that bundle, most of the individual users can be assigned to mobile users. However, in cases of technical difficulties, users may accidentally remove the mobile application. In normal scenarios, we get back to the activation key and assign it again."

More Fortinet FortiToken cons

Pricing and Cost Advice

"Hardware appliances are expensive...Now moving to DNA-styled licensing, we have subscription-based licensing for everything. I hope it will continue to be fair, but we will have to wait and see."

"I have complaints. I don't enjoy the licensing model. Once we moved from 2.7 to 3.1, switching from Base, Plus, and Apex to Essential and Advantage in Premier, we went from a perpetual, with our base licenses, to now a subscription-base. So, we will have to renew those licenses every year, and I'm not a fan of that for our base licenses. Apex/Premier, we already expected, which is fine, but for basic connectivity, I am not a fan of that."

"Standard licensing gives backup access and very few features, and then there's VM licensing - each VM we use needs to be licensed."

"It is fairly expensive and that's part of why we have implemented it in the type of 'hack' that we did, to service multiple clients."

"It is not that pricey."

"For the Avast virus scan, we pay around USD $95 per machine for five years which includes all updates and technical support."

"Its price is probably good if you use all of its features and functionalities to protect your environment. If you use only a part of the functionality, its price is too high. It is just a question of value and the functionality you use."

"It has a fair price. It is better than it was before."

More Cisco Identity Services Engine (ISE) pricing and cost advice

"On a scale of one to ten, where one is the cheapest, and ten is the highest, I rate the pricing an eight."

"Although the platform is relatively expensive, it offers significant value. I rate the pricing a nine out of ten."

"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a six out of ten."

"Overall, it's cheaper than other solutions. Of course, we evaluated it five years back, and I haven't checked to see its current market position, but one reason we adopted FortiToken is its lower cost of ownership relative to other solutions we evaluated."

"I rate the tool's pricing a five out of ten."

"The solution’s pricing is moderate and reasonable."

"I would rate the pricing as an eight out of ten. We purchased the solution at a reasonable price in 2019."

"The platform's licensing cost is reasonable for our organization."

More Fortinet FortiToken pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.

See recommendations

842,690 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

27%

Computer Software Company

14%

Financial Services Firm

Government

Computer Software Company

18%

Financial Services Firm

Government

University

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?

Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...

See all answers

What are the main differences between Cisco ISE and Forescout Platform?

OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...

See all answers

How does Cisco ISE compare with Fortinet FortiNAC?

Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...

See all answers

What do you like most about Fortinet FortiToken?

The solution is simple and similar to Google Authenticator. It follows time-based authentication. We use it for hardware and software in one environment. The tool offers simple and fast authenticat...

See all answers

What needs improvement with Fortinet FortiToken?

I do not have any notes for improvement.

See all answers

What is your primary use case for Fortinet FortiToken?

I am using FortiToken for logging into the Fortinet hardware. I have four FortiGate hardware units. I am connected through a simulator on FortiToken.

See all answers

Comparisons

Aruba ClearPass vs Cisco Identity Services Engine (ISE)

Compared 24% of the time

Fortinet FortiNAC vs Cisco Identity Services Engine (ISE)

Compared 22% of the time

Forescout Platform vs Cisco Identity Services Engine (ISE)

Compared 11% of the time

CyberArk Privileged Access Manager vs Cisco Identity Services Engine (ISE)

Compared 6% of the time

Fortinet FortiAuthenticator vs Cisco Identity Services Engine (ISE)

Compared 4% of the time

More Cisco Identity Services Engine (ISE) Competitors

Fortinet FortiAuthenticator vs Fortinet FortiToken

Compared 26% of the time

Cisco Duo vs Fortinet FortiToken

Compared 23% of the time

Microsoft Entra ID vs Fortinet FortiToken

Compared 18% of the time

Yubico YubiKey vs Fortinet FortiToken

Compared 17% of the time

CyberArk Privileged Access Manager vs Fortinet FortiToken

Compared 2% of the time

More Fortinet FortiToken Competitors

Product Reports

Buyer's Guide

Cisco Identity Services Engine (ISE)

March 2025

Cisco Identity Services Engine (ISE) report

Download Cisco Identity Services Engine (ISE) product report

Buyer's Guide

Fortinet FortiToken

March 2025

Download Fortinet FortiToken product report

Also Known As

Cisco ISE

No data available

Overview

Cisco Identity Services Engine (ISE) offers comprehensive network access control and visibility, supporting features like 802.1X authentication, profiling, and posturing. It integrates with Microsoft and other Cisco products, facilitating robust security policies across distributed networks.

Cisco Identity Services Engine is a key player in network access control, offering centralized management and a user-friendly interface. It supports zero trust principles and provides strong authentication for wired and wireless networks. ISE's capabilities include granular security policies, enhanced device posturing, and seamless integration, bolstering security infrastructure. Users benefit from its dual authentication through EAP, simplifying access management across networks.

What are the key features of Cisco ISE?

802.1X Authentication: Supports network security for authorized device access.
Profiling: Identifies devices for accurate policy enforcement.
Posturing: Evaluates device compliance for access decisions.
TACACS: Streamlines network device authentication and authorization.
Guest Access: Provides secure access to visitors.
Microsoft Compatibility: Seamlessly integrates with Microsoft environments.

What benefits and ROI should be considered?

Security Enhancement: Offers strong network security policies.
Operational Efficiency: Centralized management improves operational aspects.
Improved Compliance: Ensures adherence to industry standards.
Scalability: Supports growing network demands effectively.

In industries like finance, healthcare, and education, Cisco ISE is pivotal for securing wired and wireless networks, implementing BYOD policies, and managing user access. Organizations leverage ISE for effective authentication and authorization, while maintaining compliance with industry security standards.

Cisco

As we've seen, passwords alone don't keep unwanted guests out of your network. Password-only authentication has led to security breaches, malware infections, and policy violations. With two-factor authentication, a password is used along with a security token and authentication server to provide far better security. Authorized employees can remotely access company resources safely using a variety of devices, ranging from lpatops to mobile phones.

Fortinet

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University

Black Gold Regional Schools, Amadeus Hospitality, Jefferson County, Chunghwa Telecom, City of Boroondara, Dimension Data

Buyer's Guide

Network Access Control (NAC)

March 2025

Download Free Report

Find out what your peers are saying about Cisco, Hewlett Packard Enterprise, Fortinet and others in Network Access Control (NAC). Updated: March 2025.

DOWNLOAD NOW

842,690 professionals have used our research since 2012.

We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.