Try our new research platform with insights from 80,000+ expert users

Cisco Identity Services Engine (ISE) vs RedSeal comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Cisco Identity Services Eng...
Average Rating
8.2
Number of Reviews
139
Ranking in other categories
Network Access Control (NAC) (1st), Cisco Security Portfolio (1st)
RedSeal
Average Rating
8.2
Number of Reviews
8
Ranking in other categories
Risk-Based Vulnerability Management (26th)
 

Featured Reviews

Rohit-Joshi - PeerSpot reviewer
Aug 3, 2023
Enables us to ensure that any machine that comes into the network is patched and secure
Posturing is the most valuable feature. There are other tools available that can do some of their other features, like network authentication. The posturing was something because of the nature of the industry that we are in. There are people who go outside for work. Their machines are at times not in the network, and not patched properly. We don't know when they're going to come back, whether it is in a good state, whether it has antivirus, whether it's installed on those machines. Posturing is something that we have made our baseline policy that whenever a machine comes back to our network, it should have a certain level of the operating system and a level of security and antivirus installed. We couldn't have done this posturing without Cisco ISE. This is its greatest feature. It does help me to detect and remediate my network. It enables me to detect any external threat that comes to my network and remediate. If a machine comes into my network that does not qualify per my baseline policy, I have a policy that the machine gets redirected to where it can be patched and remediated. I can ensure that it is fully patched and secure. The entire idea of having ISE is to enhance cybersecurity resilience. The zero trust architecture was coined by the cybersecurity team itself. It was a task given to us in the infrastructure space to see how we can bring resilience into the cybersecurity network and ISE was the solution.
Sajid Mukhtar - PeerSpot reviewer
Apr 3, 2021
Provides a graphical overview of our network and is easy to deploy, but needs a user-friendly interface and a feature for compliance audit policy
Sometimes, it required us to refresh the configuration. When we integrated any of the configurations into the device, sometimes, it could not detect the exact picture of that device. So, we had to reset the device to see that if it was giving true-positive results or false-positive results. In some cases, we were not able to get true-positive results. There was some kind of bug in that version. Its interface is not user-friendly and needs to be improved. It takes time to understand the interface and various options. Skybox has quite a user-friendly interface. They could provide a feature for compliance audit policy if it is already not there. A compliance audit policy ensures that all configurations are based on the best practices standards, such as CIS benchmarks standard or other similar standards. It provides visibility about whether your device configuration is based on best practices or not. Usually, such a feature is provided by other solutions such as Meteor or Tenable Nessus.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cisco ISE's profiling and posturing features ensure that all devices are compliant with regulatory authorities."
"The most valuable feature is 801.1x and another very good feature is the TACACS."
"The TACACS and RADIUS have been the most valuable features so far."
"The core point is that Cisco ISE is the same globally compared to FortiAuthenticator. Whether I deploy in China, the US, South Africa, or wherever, I'm can get all the capabilities. It allows me to directly integrate with 365, and from a communications point of view, that is a good capability."
"It is stable and easy to use."
"Our clients like Cisco ISE because they already use various Cisco solutions. It's easy for them to use this solution because they have an engineer with Cisco certifications."
"The WiFi portal in Cisco ISE is very useful for WiFi customers."
"The most valuable features are the NAC and the bundles that are available with Cisco ISE, such as Cisco ACS being integrated."
"RedSeal integrates the network and gives us a visual or graphical overview of our network. If an organization is geographically dispersed, for instance, with one office in Canada and one office in the Philippines, the whole network, including all devices, is integrated into RedSeal, and you can see from where the traffic is going in and out."
"The most valuable features are network mapping and configuration."
"This is the only solution in the world that gives you a digital resilience score."
 

Cons

"Third-party integration is important, as well as the continuous adaptation feature which is the AIOps. It would be helpful to include the AIOps."
"The software is a little bit complicated to understand in the beginning, meaning the implementation. It needs proper documentation so that we can understand the options more easily."
"Difficult to figure out the protocols and nodes in order to implement correctly."
"Adding new devices was a little cumbersome. I haven't done it that many times, but I remember that adding new devices to the authentication piece of it was a little cumbersome. The way I was shown to do it, I thought it was odd because we had to go into the active device, copy the file down, export it, make some changes to it, and then reimport it as opposed to being able to click it and having a template to fill out."
"A main issue is that the upgrade process, over time, is extraordinarily fragile. Repeatedly, over the past several years, when we've tried to upgrade our Cisco ISE implementation, the upgrade has broken it. Ultimately, we have then had to rebuild it because we need it."
"A lot of people tell you the hardware requirements for ISE are pretty substantial. If you're running a virtual environment, you're going to be dedicating quite a bit of resources to an ISE VM. That is something that could be worked on."
"They should improve the upgrades. It's not easy to upgrade the solution."
"Cisco ISE has numerous features that are impractical, and I won't utilize them since they require payment."
"One of the areas of concern is the GUI. It is important to our customers that the GUI looks beautiful. It's a Java Client, so you have a Java dependency."
"The dashboard should be improved to make correlating data easier to do."
"Sometimes, it required us to refresh the configuration. When we integrated any of the configurations into the device, sometimes, it could not detect the exact picture of that device. So, we had to reset the device to see that if it was giving true-positive results or false-positive results. In some cases, we were not able to get true-positive results. There was some kind of bug in that version. Its interface is not user-friendly and needs to be improved. It takes time to understand the interface and various options. Skybox has quite a user-friendly interface. They could provide a feature for compliance audit policy if it is already not there. A compliance audit policy ensures that all configurations are based on the best practices standards, such as CIS benchmarks standard or other similar standards. It provides visibility about whether your device configuration is based on best practices or not. Usually, such a feature is provided by other solutions such as Meteor or Tenable Nessus."
 

Pricing and Cost Advice

"This solution requires an annual license and it is a bit expensive than competitors."
"Over the years, licensing has been confusing and complicated because there are so many different licenses for each different product and each different iteration of the product."
"Its licensing could be improved. It used to be perpetual, but now they are moving away from that."
"For the Avast virus scan, we pay around USD $95 per machine for five years which includes all updates and technical support."
"I think licensing costs roughly $2,000 a year. ISE is more expensive than Network Access Control."
"If you're not going through an agreement, it's very expensive."
"The licensing can be confusing, but it is still pretty good."
"Cisco is expensive, but it's the cost for all the functions and value it brings. Functions like internet solutions, integrations, security, and many more features are important, but it's expensive for some clients."
"The pricing is based on the number of endpoints and devices, and we have seen it range from mid-five figures to low six figures."
report
Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
26%
Computer Software Company
16%
Financial Services Firm
7%
Government
7%
Government
22%
Computer Software Company
12%
Financial Services Firm
10%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?
Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...
What are the main differences between Cisco ISE and Forescout Platform?
OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...
How does Cisco ISE compare with Fortinet FortiNAC?
Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...
Ask a question
Earn 20 points
 

Also Known As

Cisco ISE
No data available
 

Learn More

 

Overview

 

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University
United States Postal Service, Pacific Gas and Electric Co., Interval International
Find out what your peers are saying about Cisco, HPE Aruba Networking, Fortinet and others in Network Access Control (NAC). Updated: October 2024.
814,649 professionals have used our research since 2012.