Try our new research platform with insights from 80,000+ expert users

Cisco Identity Services Engine (ISE) vs One Identity Manager comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
8.4
Cisco Identity Services Engine enhances security, reduces breaches, ensures compliance, simplifies management, and consolidates systems for cost savings and efficiency.
Sentiment score
7.7
One Identity Manager boosts productivity and ROI by automating processes, reducing costs, and enhancing security and compliance.
Direct comparisons with Forescout reveal up to 30% to 40% difference in cost savings.
Without it, we would need thousands of additional people.
If you do not see it as purely an Identity Management tool but as a possibility to automate processes in the company, it provides a huge amount of value.
The return on investment in compliance is clear because inadequate identity management can result in substantial financial penalties for data breaches.
 

Customer Service

Sentiment score
5.9
Cisco ISE support is praised for knowledge and responsiveness, yet occasionally inconsistent with integration and follow-up challenges.
Sentiment score
6.8
One Identity Manager customer service is generally good with variation in expertise and response times based on support levels.
I rate the technical support as one out of ten.
Sometimes it's challenging to identify which support team is responsible for certain issues, which is a significant concern.
If you have outages or critical production problems, you can count on the manufacturer to help resolve the situation.
If I raised a request while they were active, I received responses within an hour.
After submission, they contact the product team, which often takes one or two months to respond.
 

Scalability Issues

Sentiment score
7.3
Cisco Identity Services Engine (ISE) offers high scalability, supporting large deployments and enterprise expansions despite hardware and setup challenges.
Sentiment score
7.4
One Identity Manager excels in scalability and adaptability but faces performance challenges with large datasets and specific environments.
Factors like architecture, business nature, and legal limitations such as GDPR affect it.
We could handle about 1,00,000 records for different users.
We are hosting it centrally in Switzerland.
It is scalable.
 

Stability Issues

Sentiment score
7.7
Cisco ISE is highly reliable and stable, though larger deployments may experience occasional performance and configuration challenges.
Sentiment score
7.3
One Identity Manager is stable and efficient but requires proper implementation to avoid issues, especially with customizations.
Cisco Identity Services Engine (ISE) is considered very reliable and stable.
The stability of Cisco Identity Services Engine (ISE) is poor for certain use cases, like authentication.
I would rate it a nine out of ten for stability.
Specifically affecting the test and development environments, not the production environment.
One Identity Manager has improved in terms of performance and added functionality.
 

Room For Improvement

Cisco Identity Services Engine requires improved integration, user interface, documentation, compatibility, and management efficiency to enhance user experience.
One Identity Manager requires UI enhancements, better documentation, improved performance, and streamlined processes for an intuitive user experience.
The whole setup works well with Cisco access points and Cisco switches, but when you have multiple vendors in the environment, such as HP switches or access points like Aruba, you'll find they will not work well with Cisco Identity Services Engine (ISE).
Pricing can be more expensive compared to other vendors, and there is a significant price gap observed, which doesn't seem justified by some specific features.
They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases.
This lack of 24-hour support is problematic from a testing and development standpoint.
It is crucial for them to expand their support team to match their product's success.
In terms of providing a single platform for enterprise-level administration and governance of users, data, and privileged accounts, One Identity is not yet there.
 

Setup Cost

Cisco ISE offers three pricing tiers, with high costs and complex licensing, but provides extensive features and potential discounts.
One Identity Manager offers competitive pricing for enterprises, being cost-effective compared to SailPoint and IBM, with customizable options.
Compared to other solutions like HPE ClearPass, Cisco is more costly, and the conversation suggests a possible forty percent price gap compared to competitors.
The license costs can range between $50,000 to $100,000 per year for enterprises.
Cloud solutions are expensive, while on-prem setups with shared environments are cheaper but not effective.
On-premises might incur higher costs.
We have a good enterprise license agreement, and we are very happy with what we get for the price we pay for it.
On-premises, it is cheap.
 

Valuable Features

Cisco ISE enhances network security with integration, 802.1X authentication, policy management, ease of use, and strong access control.
One Identity Manager simplifies configuration and customization, supporting seamless integration, robust security, role-based access, and efficient automation.
Cisco Identity Services Engine (ISE) offers authentication using RADIUS, enhancing network security by separating and segregating networks.
The solution is integrated with other Cisco devices and can offer automation for an organization, making deployments more dynamic and providing real-time visibility.
Cisco Identity Services Engine (ISE) is very good at device administration.
It ensures high security through multiple approval processes, preventing unauthorized access and enhancing compliance by providing time-based access for privileged accounts with proper audit trails.
It continuously monitors user behavior in real-time, triggering automated responses, and manages secure access for both on-premises and cloud applications using protocols such as SAML.
Once you have some experience, it demonstrates best practices and guides you on the correct way to use the tool.
 

Categories and Ranking

Cisco Identity Services Eng...
Average Rating
8.2
Reviews Sentiment
6.7
Number of Reviews
142
Ranking in other categories
Network Access Control (NAC) (1st), Cisco Security Portfolio (1st)
One Identity Manager
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
116
Ranking in other categories
User Provisioning Software (2nd), Identity Management (IM) (3rd)
 

Mindshare comparison

Cisco Identity Services Engine (ISE) and One Identity Manager aren’t in the same category and serve different purposes. Cisco Identity Services Engine (ISE) is designed for Network Access Control (NAC) and holds a mindshare of 26.3%, down 31.4% compared to last year.
One Identity Manager, on the other hand, focuses on Identity Management (IM), holds 6.4% mindshare, up 6.2% since last year.
Network Access Control (NAC)
Identity Management (IM)
 

Featured Reviews

SunilkumarNaganuri - PeerSpot reviewer
Enhanced device administration hindered by complex deployment and security limitations
Cisco Identity Services Engine (ISE) needs to improve the profiling preauthentication. They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases. This will give them a roadmap for software-defined access (SDA) use cases and network segmentation. Threat detection capabilities are very weak. Additionally, the product is vulnerable and has many bugs.
Dnyandev Garad - PeerSpot reviewer
Offers a user-friendly experience with an intuitive interface and makes customization a breeze
With centralized user management, data is effortlessly pulled from various systems like SOAR and HR, simplifying user creation and data maintenance. This allows for easy user editing, role assignment based on HR attributes or department affiliation, and streamlined account allocation based on review levels, departments, or the entire organizational structure. Our Access Control in One Identity Manager is 99 percent automated saving us nearly 100 percent of our time. One Identity Manager simplifies SAP administration by providing a centralized view of even logically disconnected SAP accounts. It offers a flexible helpdesk approach. We can either leverage its built-in model or create our own UI accessible to specific teams based on their applications. This ensures each team sees only relevant tickets for their area, streamlining access management for disconnected applications. One Identity Manager can connect SAP accounts to employee identities under governance. One Identity Manager simplifies Identity Governance and Administration for SAP, a complex system to manage in this regard. It empowers us to effectively manage SAP profiles, roles, and groups, ensuring their proper assignment to corresponding SAP accounts. The solution delivers SAP-specialized workflows and business logic. One Identity Manager integrates with its Privilege Access Management solution to provide more granular control. This means we can define different account types within One Identity Manager, such as normal, admin, and privileged accounts. By assigning privileged access only to designated accounts, we can restrict access and permissions and enhance overall security control. One Identity Manager offers a user-friendly experience with an intuitive interface. It even provides a webshop for end users, allowing them to easily request new roles or accounts in various systems with a simple two-click process. Having the right resources makes customization a breeze. While understanding customer needs and translating them into technical specifications requires some processing upfront, One Identity's suite of tools simplifies the actual back-end work. From drag-and-drop interfaces for workflows and reports to scripting and C# coding supported by existing SDKs, customization options cater to all users. This dynamic application provisioning solution uses business roles to map our company's organizational structure. In other words, access to applications is determined solely by our assigned role within the company hierarchy. This role-based approach ensures users only receive the permissions they need based on their specific function, preventing unnecessary access. One Identity Manager streamlines our cloud governance by providing a centralized platform to manage user access permissions across all connected cloud applications. This eliminates the need for individual provisioning for each app, ensuring efficient authorization control. We have significantly improved our compliance posture with One Identity Manager. Previously, auditors identified numerous findings during manual audits, requiring extensive time and resources to address. With One Identity Manager, we've automated the onboarding, offboarding, and joiner processes, achieving a 95 percent closure rate on audit points. This centralized solution streamlines the auditor experience, allowing them to efficiently obtain information from the IAM team, saving both the organization and auditors valuable time. We have minimized inconsistencies in how our governance policies are applied across test, development, and production environments. One Identity Manager helps us create a privileged governance stance to close the security gap between privileged users and standard users by managing those accounts separately. This segregation prevents unauthorized access, as standard accounts cannot hold privileged rights and vice versa. This clear separation helps to close the security gap between these user types. One Identity Manager streamlines our procurement and licensing processes, allowing our initially large operations team to focus on more strategic tasks. By automating license management for connected applications like SAP and Azure Active Directory, the solution eliminates the risk of human error – forgotten access removals for unused licenses are a thing of the past. Now, licenses are automatically assigned and reclaimed based on user activity, ensuring efficient resource allocation. This means new hires receive immediate access, and vacated licenses become readily available, freeing the operations team from manual license management headaches. One Identity Manager streamlines application access decisions by automating the provisioning and de-provisioning of user access based on HR data. This eliminates manual intervention and delays for both HR and department personnel. When an employee changes departments, their access permissions are automatically updated in the identity management system, granting them the necessary tools to perform their new duties immediately. It also streamlines the automation of identity and access controls, making it easier to implement a zero-trust security model where every user and device is verified before granting access. While our audit processes were once cumbersome, requiring auditors to chase down reports from individual SAP administrators, everything is now centralized. One Identity Manager stores all application and database information in a single location, streamlining reconciliation efforts.
report
Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
27%
Computer Software Company
14%
Financial Services Firm
8%
Government
7%
Computer Software Company
17%
Financial Services Firm
14%
Government
7%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?
Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...
What are the main differences between Cisco ISE and Forescout Platform?
OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...
How does Cisco ISE compare with Fortinet FortiNAC?
Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...
What do you like most about One Identity Manager?
The One Identity birthright process has helped generate user accounts more accurately and quickly.
What is your experience regarding pricing and costs for One Identity Manager?
Pricing depends on licensing models, such as per-user licensing and feature-based pricing. Additional models like governance, provisioning, and reporting increase costs. Cloud or on-premises models...
What needs improvement with One Identity Manager?
It can have a clearer navigation map of the user interface and user provisioning. The documentation lacks step-by-step details on common tasks like creating roles, running action reviews, and versi...
 

Also Known As

Cisco ISE
Quest One Identity Manager
 

Overview

 

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University
Texas A&M, Sky Media, BHF Bank, Swiss Post, Union Investment, Wayne State University. More at OneIdentity.com/casestudies
Find out what your peers are saying about Cisco, Hewlett Packard Enterprise, Fortinet and others in Network Access Control (NAC). Updated: March 2025.
844,944 professionals have used our research since 2012.