Try our new research platform with insights from 80,000+ expert users

Cisco Identity Services Engine (ISE) vs Symantec Privileged Access Manager comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Identity Services Eng...
Average Rating
8.2
Reviews Sentiment
6.7
Number of Reviews
142
Ranking in other categories
Network Access Control (NAC) (1st), Cisco Security Portfolio (1st)
Symantec Privileged Access ...
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
52
Ranking in other categories
Privileged Access Management (PAM) (21st)
 

Mindshare comparison

Cisco Identity Services Engine (ISE) and Symantec Privileged Access Manager aren’t in the same category and serve different purposes. Cisco Identity Services Engine (ISE) is designed for Network Access Control (NAC) and holds a mindshare of 26.3%, down 31.4% compared to last year.
Symantec Privileged Access Manager, on the other hand, focuses on Privileged Access Management (PAM), holds 1.5% mindshare, down 1.5% since last year.
Network Access Control (NAC)
Privileged Access Management (PAM)
 

Featured Reviews

SunilkumarNaganuri - PeerSpot reviewer
Enhanced device administration hindered by complex deployment and security limitations
Cisco Identity Services Engine (ISE) needs to improve the profiling preauthentication. They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases. This will give them a roadmap for software-defined access (SDA) use cases and network segmentation. Threat detection capabilities are very weak. Additionally, the product is vulnerable and has many bugs.
Krishnan Srinivasan - PeerSpot reviewer
Enhances credential management and relatively inexpensive but needs feature improvements
I work for a service provider company, and we implement Symantec Privileged Access Manager solutions for our clients, which include various banking and mining clients We have implemented both the remote access and credential management features. The agent-based credential management solution…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The biggest value of ISE is that it can get so granular with gaming systems, versus IoT and BYOD."
"RADIUS is the best feature because it supplies authentication to our entire campus."
"The solution cuts down on the repercussions of getting malware or ransomware."
"Having access and being able to add people or change authentication yourself is nice. In the past, we've used other group authentication services, and we always had to go to them and get permissions. Having that control is key."
"The product is stable."
"It does a good job of establishing trust for each access request, no matter the source. It's also very effective at helping with the distributed network and at securing access."
"At the moment, ISE seems to integrate very well with a number of other technologies."
"The endpoint profiling feature is among the most valuable because it keeps me from having to manually maintain a MAC address bypass list to track endpoints. I can have ISE profile them for me and then put them in the right bucket."
"We found that the architecture is scalable and very resilient."
"CA PAM is working well for us."
"It's easy to use and easy to configure."
"The DB clustering is a really good benefit of using CA PAM."
"The product is very scalable in terms of concurrent sessions that it can handle at a time, number of device it can support, accounts that it can manage, or number of nodes that you can deploy in a cluster."
"Password Management and Session Recording. The simplicity and ease that it is to be up and running out-of-the-box is very much appreciated."
"Symantec PAM is easier to deploy compared to its competitors, such as BeyondTrust."
"It gives you list of servers, so you can see which users have access to which servers. This is really useful, so we can make sure nobody is getting extra access than what is needed."
 

Cons

"We face many bugs."
"Some of ISE's features need to be more agile. For example, we couldn't integrate our data because Cisco needs your data to be in its own format."
"Some of the reporting could be improved."
"With the recent release of the solution, we had a bunch of bugs and we had to delay our deployment. Other than that, the solution is good."
"The ISE software needs to be improved so that it is easier to administer."
"ISE is a little clunky. The front-end feels like it is from the 1980s."
"The user interface could be more user-friendly."
"I'd like to see an easier way to upgrade to larger versions, as well as more best practices that are easier to locate on their support page."
"Instead of just giving passwords to the user based on job function, from auditing perspective, turn that cycle around. That would really help from an auditing standpoint."
"Broadcom has neglected product development since acquiring Symantec, and nothing major has been added to PAM."
"The setup is complex."
"The response time for support could be faster. Some features should be added: cloud-based, VPN-less, more secure, and it should be adjusted in a hybrid environment."
"They need to do a little bit more on the mainframe side.​"
"They need to have zero tier and active-active setup ​with zero minimum downtime, which they are working on it. ​"
"I wish it could create local accounts on desktops."
"What I hope happens with the new product CA PAM is to keep all the useful features that exist in PA, but what I’ve noticed with many new products is the UI gets polished but systems lags stability and performance or it adds additional complexity instead of simplifying the user experience."
 

Pricing and Cost Advice

"The price is okay."
"It is not that pricey."
"According to my sales and account team, the prices we're getting are pretty good."
"I am not aware of the current price for Cisco ISE, but considering it is a Cisco product, it is likely to be quite high."
"It's damn expensive and the licensing is terrible... If you have perpetual licenses on 2.7 and you upgrade to 3, you are forced to go with Essentials. That is one of the issues that I'm seeing with my clients now."
"Cisco ISE's licensing can get pricey."
"Cisco is expensive, but it's the cost for all the functions and value it brings. Functions like internet solutions, integrations, security, and many more features are important, but it's expensive for some clients."
"The price for Cisco ISE is high."
"The version we are using is affordable compared to BeyondTrust, which is maybe three to four times as expensive, but it depends on the features."
"They offer per-device, per-user, or monthly and yearly licensing models."
"The licensing is simple and scalable."
"I would prefer better licensing options for the 20-100 users we have at a given time."
"Cost-wise, CA was better compared to others in the market. ​"
"It is more expensive than other solutions on the market."
"Pricing is fair compared to other top vendors."
"Appliances are relatively cheap, don’t skimp. Make sure you have redundancy, high availability, and enough appliances to manage the concurrent workload."
report
Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.
842,767 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
27%
Computer Software Company
14%
Financial Services Firm
8%
Government
7%
Computer Software Company
17%
Manufacturing Company
16%
Financial Services Firm
13%
Comms Service Provider
12%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?
Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...
What are the main differences between Cisco ISE and Forescout Platform?
OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...
How does Cisco ISE compare with Fortinet FortiNAC?
Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...
What do you like most about Symantec Privileged Access Manager?
We can check the activities in the server for fragile files and documents in case of any issues.
What is your experience regarding pricing and costs for Symantec Privileged Access Manager?
Symantec Privileged Access Manager is potentially cheaper than other solutions. I am not involved in the business side, so I do not have specific cost details.
What needs improvement with Symantec Privileged Access Manager?
Comparing Symantec Privileged Access Manager with market leaders like CyberArk and Delinea, CyberArk is the market leader. Delinea is better than Symantec Privileged Access Manager in terms of secu...
 

Also Known As

Cisco ISE
CA PAM, Xceedium Xsuite, CA Privileged Access Manager
 

Overview

 

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University
NEOVERA, Telesis, eSoft
Find out what your peers are saying about Cisco, Hewlett Packard Enterprise, Fortinet and others in Network Access Control (NAC). Updated: March 2025.
842,767 professionals have used our research since 2012.