

Portnox and Cisco Identity Services Engine (ISE) compete in the network access solutions category. Portnox seems to have the upper hand in terms of ease of use and simplicity, while Cisco ISE offers a comprehensive feature set and strong integration with Cisco's ecosystem.
Features: Portnox offers agentless device discovery, certification-based authentication, and seamless integration with Azure AD and Google Workspace. It provides extensive network visibility with minimal resource allocation. Cisco ISE includes granular policy management, consistent security enforcement, and integration within Cisco's ecosystem, offering comprehensive feature sets.
Room for Improvement: Portnox could enhance integration with specific third-party devices and optimize on-premise response times. Licensing improvements based on device count, expanding support staff, and better firewall integration could add value. Cisco ISE users suggest simplifying its licensing structure and system complexity, enhancing reporting and user interface, and improving non-Cisco network integration.
Ease of Deployment and Customer Service: Portnox is easy to deploy across environments, including on-premises, public, and hybrid clouds. It's praised for a simplified process and supportive customer service. Cisco ISE, mainly on-premises, is noted for initial complexity but post-deployment reliability. Portnox leads with responsive service, while Cisco's service is consistent but less flexible.
Pricing and ROI: Portnox is cost-effective, with flexible, transparent pricing without intermediaries, offering significant labor savings and attractive ROI, especially in cloud transitions. Cisco ISE is more expensive with high initial and maintenance costs, offering reliable security that justifies expenses in Cisco-integrated environments.
Direct comparisons with Forescout reveal up to 30% to 40% difference in cost savings.
If I compare this to an on-premises environment using Cisco ISE or Aruba ClearPass, it would require phenomenally large teams for infrastructure management.
If you were moving from a traditional on-premise NAC that was 100% managed by the IT department, there would be great savings in going to a cloud-based NAC with Portnox.
By automating the device containment and remediation processes, we save countless hours weekly.
I rate the technical support as one out of ten.
Cisco support has pretty good teams for support and every time we had good answers and we could somehow solve the issues we had.
Sometimes it's challenging to identify which support team is responsible for certain issues, which is a significant concern.
The main area needing improvement is the technical knowledge of support staff.
For very high severity issues where the entire office is non-functional, response time is within 30 minutes.
In terms of support, it is usually quite impressive. I usually get support in a matter of minutes or seconds, depending on the priority of the ticket.
Factors like architecture, business nature, and legal limitations such as GDPR affect it.
However, you can have some latency issues depending on where your devices are.
We have never had any challenge based on a customer who has 1,000 devices versus a customer who has 30,000 devices; the feel is the same.
Its infrastructure scales automatically in the background, eliminating concerns about capacity or backend upgrades.
It has a centralized cloud-based architecture, so we do not have to worry about other considerations such as local infrastructure or purchasing additional equipment.
Cisco Identity Services Engine (ISE) is considered very reliable and stable.
The stability of Cisco Identity Services Engine (ISE) is poor for certain use cases, like authentication.
Sometimes when we have upgrades or failovers with Cisco Identity Services Engine (ISE), we had some minor issues.
The product itself is available and its uptime is 100%.
In the four years that I used Portnox, if it crashed or the server crashed, that would not have been more than once.
If there is a version one and another version, the communication between the organization using it and Portnox should be firm so they can coordinate effectively.
The whole setup works well with Cisco access points and Cisco switches, but when you have multiple vendors in the environment, such as HP switches or access points like Aruba, you'll find they will not work well with Cisco Identity Services Engine (ISE).
Pricing can be more expensive compared to other vendors, and there is a significant price gap observed, which doesn't seem justified by some specific features.
They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases.
Ideally, we should be able to search for any MAC address in the database, regardless of its authentication status, to see all its associated groups and potential conflicts.
When I reach the technical support, they give solutions that do not help me much, so I try to search the internet for other users' experiences to find solutions.
When I'm doing filtering at times, it doesn't filter the items properly.
Compared to other solutions like HPE ClearPass, Cisco is more costly, and the conversation suggests a possible forty percent price gap compared to competitors.
The license costs can range between $50,000 to $100,000 per year for enterprises.
Cloud solutions are expensive, while on-prem setups with shared environments are cheaper but not effective.
If you compare Portnox with all other well-known standard products, it is the cheapest.
The pricing is a bit high, possibly due to the cloud features and running instances across regions like the US, Asia, and Europe.
You are charged according to the number of users.
Cisco Identity Services Engine (ISE) offers authentication using RADIUS, enhancing network security by separating and segregating networks.
There is value because it helps us secure the network and prevents certain things from happening which could cause financial loss.
The adaptability of Cisco Identity Services Engine (ISE) policy enforcement can fit to the site we have depending on which kind of devices we have on site and then the needs for authentication, granting access and then assigning each device into its correct network for segmentation.
It's notable how Portnox has improved operational efficiency.
It is a very robust application because three teams use that part: the network team, the security team, and the support people.
It is possible to find the MAC address in the switch, but in Portnox, it is very useful to see the status of those ports, and that increases our security.
| Product | Mindshare (%) |
|---|---|
| Cisco Identity Services Engine (ISE) | 18.4% |
| Portnox | 7.2% |
| Other | 74.4% |

| Company Size | Count |
|---|---|
| Small Business | 45 |
| Midsize Enterprise | 32 |
| Large Enterprise | 91 |
| Company Size | Count |
|---|---|
| Small Business | 18 |
| Midsize Enterprise | 5 |
| Large Enterprise | 13 |
Cisco Identity Services Engine offers robust authentication, posture profiling, guest and secure access, and dynamic policy management. Known for its seamless integration with Cisco tools and network access control features, it ensures secure device and user authentication across networks.
Cisco Identity Services Engine is renowned for its capabilities in managing authentication, guest access, and policy management through segmentation. Its TrustSec functionality, alongside RADIUS and TACACS+ support, provides enhanced security, further augmented by its ability to operate in diverse environments. Its scalability and integration with Cisco solutions aid in maintaining network visibility and access control. Challenges include the complexity of initial deployments, somewhat cumbersome documentation, and limited integration in multi-vendor environments. While encountering issues in stability and updates, the demand for better analytics and straightforward troubleshooting alongside cost-effective licensing is notable.
What are the key features of Cisco Identity Services Engine?Industries implement Cisco Identity Services Engine primarily for network access control, ensuring secure authentication and segmentation in both wired and wireless environments. Supporting policies like bring-your-own-device and compliance standards, ISE manages identity-based access control, especially beneficial for entities that require detailed user rights management and integration within enterprise networks.
Portnox NAC is a cloud-native network access control solution built for today's hybrid, distributed enterprises. Get real-time visibility into every device on your network, enforce risk-based access policies automatically, and maintain continuous compliance — all without deploying a single on-premises appliance.
----------
About Portnox Security
Portnox is a cloud-native enterprise access control provider that helps organizations secure every identity - human and non-human - across networks, applications, and infrastructure. As identities, devices, and workloads multiply across modern environments, Portnox enables continuous access verification based on identity context, device posture, and risk signals. Its unified platform brings together passwordless authentication, access control, continuous policy enforcement, and automated response through a single policy engine.
Portnox gives security and IT teams real-time visibility into everything connecting and the ability to quickly restrict, quarantine, or revoke non-compliant access. Today, Portnox actively manages more than one million devices worldwide, secures 40 million authentication sessions, and blocks over one million unauthorized access attempts every day. Learn more at portnox.com.
CAPABILITIES:
• Discover and assess users, devices, and identities connecting to corporate resources
• Enforce risk-based access policies across networks, applications, and infrastructure
• Deliver passwordless authentication, device posture checks, and continuous access enforcement
• Control administrative access to routers, switches, firewalls, and other network devices
• Improve audit readiness with visibility, access logs, and policy-based compliance controls
BUILT FOR:
Portnox is designed for distributed organizations that need to manage access across employees, contractors, service accounts, managed devices, unmanaged devices, IoT, network infrastructure, SaaS applications, private applications, and AI agents. The platform helps reduce reliance on on-premises appliances, legacy VPNs, and fragmented access tools by centralizing access policy enforcement from a single cloud-native policy engine.
INTEGRATIONS:
Portnox integrates with the tools you already use (including Azure AD / Entra ID, Okta) and works with your existing network appliances, (such as Meraki, Fortinet, and more), and many other identity and network infrastructure tools.
We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.