Try our new research platform with insights from 80,000+ expert users

Cisco Identity Services Engine (ISE) vs Symantec Privileged Access Manager comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Identity Services Eng...
Average Rating
8.2
Reviews Sentiment
6.7
Number of Reviews
142
Ranking in other categories
Network Access Control (NAC) (1st), Cisco Security Portfolio (1st)
Symantec Privileged Access ...
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
52
Ranking in other categories
Privileged Access Management (PAM) (21st)
 

Mindshare comparison

Cisco Identity Services Engine (ISE) and Symantec Privileged Access Manager aren’t in the same category and serve different purposes. Cisco Identity Services Engine (ISE) is designed for Network Access Control (NAC) and holds a mindshare of 26.3%, down 31.4% compared to last year.
Symantec Privileged Access Manager, on the other hand, focuses on Privileged Access Management (PAM), holds 1.5% mindshare, down 1.5% since last year.
Network Access Control (NAC)
Privileged Access Management (PAM)
 

Featured Reviews

SunilkumarNaganuri - PeerSpot reviewer
Enhanced device administration hindered by complex deployment and security limitations
Cisco Identity Services Engine (ISE) needs to improve the profiling preauthentication. They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases. This will give them a roadmap for software-defined access (SDA) use cases and network segmentation. Threat detection capabilities are very weak. Additionally, the product is vulnerable and has many bugs.
Krishnan Srinivasan - PeerSpot reviewer
Enhances credential management and relatively inexpensive but needs feature improvements
I work for a service provider company, and we implement Symantec Privileged Access Manager solutions for our clients, which include various banking and mining clients We have implemented both the remote access and credential management features. The agent-based credential management solution…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I like that Cisco ISE is easy to use."
"It provides client provisions and profiling as well as guest access."
"The profiling model included is the most valuable feature."
"The WiFi portal in Cisco ISE is very useful for WiFi customers."
"There are a lot of integrations available with multiple vendors. This has made the solution easier to work with."
"Cisco Identity Services Engine (ISE) is very good at device administration."
"The RADIUS Server holds the most value."
"From a configuration point of view, it's simple."
"The agent-based credential management solution allows clients to programmatically use the agent to collect passwords during runtime from Symantec Privileged Access Manager."
"You can do A2A integration. You can have your own script, which can then run outside of PA to retrieve the password and perform other tasks."
"Comprehensive coverage of the required features for the PAM solution."
"The RDP-gateway: For limiting which server an operator can access."
"We have received good support from the tech support team."
"It's easy to use and easy to configure."
"One of the key things for us about the product is around its simplicity. Being able to put in the technology that allows the business to remove complexity and also allow the security improvements."
"Symantec PAM is easier to deploy compared to its competitors, such as BeyondTrust."
 

Cons

"There is room for improvement in CLI. Most things are done through the GUI, and there aren't many commands or troubleshooting options available compared to other Cisco products like switches and routers."
"They should improve the upgrades. It's not easy to upgrade the solution."
"The solution lacks properly knowledgeable support, especially internationally, and this is why I am exploring other applications."
"A main issue is that the upgrade process, over time, is extraordinarily fragile. Repeatedly, over the past several years, when we've tried to upgrade our Cisco ISE implementation, the upgrade has broken it. Ultimately, we have then had to rebuild it because we need it."
"Cisco ISE's real-time data analytics for database logging could be improved."
"Support and integration for the active devices needs to be worked on. Their features mainly work well with Mac devices. If we use an HP the Mac functionalities may no longer be able to deliver."
"The initial setup was a little bit complex. It's not that simple because it requires a lot of prerequisites for the solution to get a hold on."
"It would be helpful for us to know what needs to be deployed, configured, and what changes we need to make to our devices when we don't receive the specific login which is an indication of a lack of connection or incorrect configuration."
"The management console could be improved."
"They need to have zero tier and active-active setup ​with zero minimum downtime, which they are working on it. ​"
"They need to do a little bit more on the mainframe side.​"
"The service account management functionality needs to be extended to application pools, SQL database, PowerShell scripts, service account discovery, etc."
"I wish it could create local accounts on desktops."
"I’m no fan of Java as an application front-end, as it tends to have issues depending on what browser one’s using."
"They should include some assignments in the test environment to explore the product's features."
"Technical support was good when CA handled it. After Broadcom took over, it's not as good."
 

Pricing and Cost Advice

"There are three levels of pricing: basic, plus, and apex. Basic satisfied our needs."
"The SMARTnet technical support is available at an additional cost."
"Cisco ISE's licensing can get pricey."
"That's where things got a bit more complicated. Previously, it was a one-time purchase and we just had to renew support. These days, there's a subscription model, which is supposed to be easier and cheaper as well, but it's more pricey"
"The price of the solution is price fair for the features you receive."
"I have complaints. I don't enjoy the licensing model. Once we moved from 2.7 to 3.1, switching from Base, Plus, and Apex to Essential and Advantage in Premier, we went from a perpetual, with our base licenses, to now a subscription-base. So, we will have to renew those licenses every year, and I'm not a fan of that for our base licenses. Apex/Premier, we already expected, which is fine, but for basic connectivity, I am not a fan of that."
"The recent changes in the licensing model have caused some issues with the team."
"For the Avast virus scan, we pay around USD $95 per machine for five years which includes all updates and technical support."
"The licensing is simple and scalable."
"It is more expensive than other solutions on the market."
"I would prefer better licensing options for the 20-100 users we have at a given time."
"Appliances are relatively cheap, don’t skimp. Make sure you have redundancy, high availability, and enough appliances to manage the concurrent workload."
"Cost-wise, CA was better compared to others in the market. ​"
"They offer per-device, per-user, or monthly and yearly licensing models."
"It is reasonably priced."
"Don’t go with an agent model. Don’t go with a model that has you buying a thousand different parts. Go with PAM that gives you everything, or you’ll just be paying costs of implementing another tool that PAM would have just given you up front."
report
Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
26%
Computer Software Company
14%
Financial Services Firm
8%
Government
7%
Computer Software Company
17%
Manufacturing Company
16%
Financial Services Firm
13%
Comms Service Provider
12%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?
Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...
What are the main differences between Cisco ISE and Forescout Platform?
OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...
How does Cisco ISE compare with Fortinet FortiNAC?
Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...
What do you like most about Symantec Privileged Access Manager?
We can check the activities in the server for fragile files and documents in case of any issues.
What is your experience regarding pricing and costs for Symantec Privileged Access Manager?
Symantec Privileged Access Manager is potentially cheaper than other solutions. I am not involved in the business side, so I do not have specific cost details.
What needs improvement with Symantec Privileged Access Manager?
Comparing Symantec Privileged Access Manager with market leaders like CyberArk and Delinea, CyberArk is the market leader. Delinea is better than Symantec Privileged Access Manager in terms of secu...
 

Also Known As

Cisco ISE
CA PAM, Xceedium Xsuite, CA Privileged Access Manager
 

Overview

 

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University
NEOVERA, Telesis, eSoft
Find out what your peers are saying about Cisco, Hewlett Packard Enterprise, Fortinet and others in Network Access Control (NAC). Updated: March 2025.
845,040 professionals have used our research since 2012.