Service Line Manager (Service Operations Expert) - Network Access Control at a pharma/biotech company with 10,001+ employees
Real User
Top 10
2024-11-13T11:44:24Z
Nov 13, 2024
For small setups and if the backend infrastructure is Cisco-based, Cisco Identity Services Engine (ISE) is suitable. However, for large organizations with mixed infrastructure, other solutions should be considered. I would rate it four out of ten based on my experience from the last year.
Cisco ISE is a powerful and feature-rich solution, particularly well-suited for medium to large enterprises with complex network environments. However, its complexity and cost may be challenging for smaller organizations or those with limited IT resources. I'd rate Cisco ISE around 8-9 out of 10. If you lack in-house expertise, consider using Cisco's professional services for implementation.
We recommend it to our customers. Cisco ISE provides authentication for various applications. It can integrate with other applications to manage access, including Privileged Access Management for those applications. For a comprehensive environment, Cisco ISE should be able to integrate and provide asset management for an IT organization or any organization. Overall, I rate the solution an eight out of ten.
Director, Information Technology Solutions at a healthcare company with 5,001-10,000 employees
Real User
Top 20
2024-05-07T11:03:00Z
May 7, 2024
The solution's compliance and policy enforcement capability has benefited our organization by simplifying work. The solution operates in the background, and users generally don't interact with it. Cisco ISE is the security framework layer between network resources and end users using them. Users do not go into Cisco ISE to do anything. It's like Active Directory for Identity. If you're an end user, you don't work in Active Directory, but you authenticate Active Directory to use resources on the network. The same applies to Cisco ISE, and users don't interact with it directly. They are affected by it to the extent to which they are accessing network resources. Cisco ISE has a very comprehensive integration suite and we did not face a lot of challenges in integrating this solution with other security tools. If they know how to use it, I would recommend the solution to other organizations with similar security needs. Overall, I rate the solution an eight out of ten.
I would like to advice that Cisco ISE is a reliable and stable solution although it is not very easy to use. They should work on integrating the solution with other platforms. Overall, I will rate the solution an eight out of ten.
We are partners. A lot of customers are using Cisco’s infrastructure. The product can be integrated easily. We have faced a lot of issues while integrating other tools. Overall, I rate the solution an eight out of ten.
Learn what your peers think about Cisco Identity Services Engine (ISE). Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
We must check the compatibility with the other device before using Cisco ISE. Fortinet or Palo Alto provides integration to another device. The solution has medium maintenance. Overall, I rate the solution a nine out of ten.
Network Engineer at a university with 1,001-5,000 employees
Real User
Top 10
2023-08-03T10:52:00Z
Aug 3, 2023
In terms of ISE for end-to-end security, it's our primary tool right now for that. It's hard to compare with other applications or hardware. Sometimes there are limitations, for example, we use it for wireless only. We don't do anything with ISE or 802.1X on the wire, which is something we'd like to do, but we're hesitant based on our experiences with the wireless side in terms of the slowness. On a scale from one to ten, I give Cisco ISE an eight. Primarily because it seems like it's doing a pretty decent job managing our wireless connections. And there are enough tools in the GUI interface that give us feedback on performance. It's been a pretty decent install for us.
Data Engineer at a healthcare company with 5,001-10,000 employees
Real User
Top 20
2023-06-15T12:43:00Z
Jun 15, 2023
In terms of detection and remediation of threats, it wouldn't detect anything. If we integrated it with other products, it could cut certain clients off from the network, but we haven't gotten that far yet. It hasn't helped to free up our IT staff. It has probably consumed more time. I don't have a lot of familiarity with other products, so I'd rate it a six out of ten.
Network Technical Lead at a energy/utilities company with 10,001+ employees
Real User
Top 10
2023-06-15T12:37:00Z
Jun 15, 2023
It hasn't helped to free up our IT staff. Our IT staff is already very limited anyway. We've always worked smart and don't work where we don't have to work. For example, in 2019, we were more than 60. There are 14 of us now, and we still do the same amount of work. Cisco ISE hasn't contributed to less workload. We do it with automation. We have a lot of Linux, so we do automation on all of our stuff. Overall, I'd rate Cisco ISE an eight out of ten.
IT Systems Engineer at Pierce County Information Technology
Real User
Top 10
2023-06-15T10:48:00Z
Jun 15, 2023
I give Cisco ISE a ten out of ten. Cisco ISE is a great tool. It integrates well with Active Directory and numerous other components. The solution has become a fundamental part of our network and I recommend Cisco ISE to others who are looking to improve their cybersecurity.
I would rate Cisco ISE a nine out of ten. Despite the fact that the solution offers numerous features, it is challenging to use. We do not rely solely on Cisco ISE to secure our infrastructure from end to end. Instead, we utilize various tools such as McAfee, DLP, and Endpoint Security. Additionally, we have the Domain client to check for any breaches. On our Internet edges, we perform SSL offload to enhance the performance of security projects like WAF and IPS, as well as conduct full packet scans. Furthermore, we have NGFW and NG Networks in place. Cisco ISE is an important component in protecting our environment because it enforces security against the main point of vulnerability, which is accessing workstations. Ransomware infiltrates a network through workstations. The policies implemented are based on the posture model, ensuring that we use the necessary products on our network to mitigate such risks. I was not involved in the initial setup, but testing the implementation of a new feature is always challenging. We need to allocate time to test it with the security team and the network team. Additionally, we need to create a separate environment to gain a better understanding of how we can improve the performance of the solution within our network. For organizations that do not have the funds to purchase Cisco ISE, there are good open-source solutions available. These include TACACS servers, OpenLDAP, and FreeRADIUS. However, Cisco ISE is an excellent tool for enhancing all the existing tools within an organization.
Network Analyst at a mining and metals company with 10,001+ employees
Real User
Top 20
2023-06-15T10:40:00Z
Jun 15, 2023
I rate Cisco ISE a nine out of ten. From a user's perspective, Cisco ISE is seamless. It is extremely helpful as it reduces the amount of work required to access and control device permissions. Our organization is a major Cisco partner, and it is logical for us to increasingly integrate Cisco products into our environment.
A lot of the apects that needs to be improved in the product has already been done in the 3.0 version, including HTML5 and integrations with other cloud products like Azure and Intune. I just haven't upgraded yet. They are doing a good job of keeping up with new technologies. I have a small team, and it's hard to keep up with products. With our dot1x, we've seen situations where people have inadvertently plugged their own PC into the port, and the port shuts down. We instantly know that the port got shut down. It's been great. I haven't found another product that can do it as well and as easy to set up as the implementation of dot1x. The solution has freed up the IT staff’s time a little bit, but it also created more work in a good way. It has created more work in Cisco because now we're doing segmentation. We're taking dot1x to the next level and closer to moving towards a zero-trust network. The Cisco team gets access to the servers after authentication. We've done a lot of research on zero-trust networks. I work for a research company, and we've been looking at ways to do it. Historically, we have done segmentation by identifying groups of servers and locking them down. This process is challenging to manage. While setting up micro VLANs, we can provide role-based access instead of just putting applications on server pools and wondering who gets what access. If user A needs to be able to update their personal information because they got a new phone number, they need access to the HR system to do that. The HR people need to be able to see all their review records. However, user C doesn't need to see anything that user A is doing. That is what we are looking for. We want zero trust so that an individual has access to what that individual needs to be able to do and nothing more and nothing less. We had been running two other RADIUS servers just because they worked better with the product that we brought in. Cisco Identity Services Engine is more configurable, especially on ports. So, we were able to get rid of the other two RADIUS servers. We don’t have to pay service contracts for them, and there are no more upgrades. Now, we have one suite that we focus on. The mean time for issue resolution has drastically reduced. Everybody's looking at the same pane, the network team and InfoSec. As soon as they see something blocked, if we're not already investigating it, they're investigating it. We get to share the responsibility with multiple groups with the same end goal. It has tied the team together and made things a lot easier. I have a small team. I have seven sites and seven people. And if I applied one person to each one, we could watch it. Our InfoSec group, who's watching all their logs from the external firewalls, would watch that. With Cisco Identity Services Engine, we must have saved 100s of hours over the year. If something comes up, two groups almost instantaneously open a chat and start working on it. We know that our escalations are blocked on time. The amount of cleanup that we've had to do from malicious devices is down to almost nil. The solution has helped our organization to improve its cybersecurity resilience. We see malicious or unknown devices and react to them. We see known devices come in with outdated software. Everything gets addressed as soon as the user connects. It all comes together. Spend some money on classes and not on just who you think is going to lead your project. Get your whole team involved. If you are from the networking side, ensure your InfoSec team is included, and vice versa. The tool has so many capabilities that you will feel overwhelmed, but it becomes easier once the pieces start coming together. We had two other RADIUS servers. When we moved to Cisco Identity Services Engine, we were on Cisco ACS. Not many people offer the granularity that Cisco does because it's the main protocol for authenticating on devices. Cisco SD-WAN’s support still needs more learning. Cisco ThousandEyes started the same way. They have improved in the last two years. They're up to an eight out of ten now. Before, I didn't even want to talk to them. We love the product. We're expanding our cloud and looking at deploying the product on a hybrid cloud. However, we've got to get done with SD-WAN first. Overall, I rate the solution a ten out of ten.
Principal Consultant at a computer software company with 1,001-5,000 employees
Consultant
Top 20
2023-06-15T10:17:00Z
Jun 15, 2023
Our customers are using Cisco ISE, but we're helping to integrate it into their solutions. The end-to-end infrastructure security from Cisco AnyConnect host points is very good. Cisco ISE has helped free up our customer's IT staff to concentrate on other projects. In the UK, where I predominantly work, a lot of the NHS staff have a lot of access switches located throughout multiple buildings. Cisco ISE probably frees up at least twenty percent of their time. Our customers can use Cisco ISE for device administration for TACACS, RADIUS devices, and individual host appliances. The migration from ACS to Cisco ISE has helped. Some of our customers were looking at various MAP implementations using different vendors, but we've now got I 2.1 X and MAM all built-in together. Cisco ISE's ability to consolidate tools or applications has centralized everything and made things a lot easier and smoother for our customers to carry out their day-to-day tasks. Cisco ISE has helped improve the cybersecurity resilience of our customers' organizations. We've always been able to integrate Cisco ISE into other products. So they're getting more security alerts, making them a lot more secure and happy with their environment. Overall, I rate Cisco ISE an eight out of ten.
Network Engineer at a financial services firm with 201-500 employees
Real User
Top 20
2023-06-15T10:03:00Z
Jun 15, 2023
It's a very good tool for security. It's a lot of work to initially set up, but once it's set up, it's pretty easy to use. It hasn't yet saved the time of our IT staff. It's still fairly new, so we haven't had much time to use the product fully. It has only been a year since we started using it, so it's still pretty new. Overall, I'd rate Cisco ISE a nine out of ten.
Network Engineer at a energy/utilities company with 1,001-5,000 employees
Real User
Top 10
2023-06-15T10:00:00Z
Jun 15, 2023
To someone researching this solution who wants to improve cybersecurity in their organization, I'd say that make sure you know what you're getting into. Understand and have a good plan going into it and have operational support for not just networking, but also help desk and other IT teams before deploying this solution. I don't know if Cisco ISE has saved us any time because it's an enhancement to our security that we didn't have before. It probably takes a little more time than not having it. Having no security is super easy because you don't have to worry about anything, but if you have any security product, you have to do work to support that. Overall, I'd rate Cisco ISE an eight out of ten.
I give Cisco ISE a nine out of ten. Cisco is continuously improving its products. There are so many features that we're not even using in Cisco ISE. So we use what is relevant for our own use case. I recommend that individuals conducting research on the solution take a thorough look at 802.1X and gain a comprehensive understanding of how it can offer the desired level of security. We utilize Cisco throughout our environment and chose ISE due to our familiarity with all of Cisco's products.
Senior Network Officer at a financial services firm with 1,001-5,000 employees
Real User
Top 20
2023-06-14T12:31:00Z
Jun 14, 2023
My main focus is on the .1X access. We have another security team whose focus is on VPN access. I use Cisco ISE for TechX authentication and .1X authentication. Cisco ISE saves us time. If you deploy any security features using Cisco ISE, you don't have other options not to automate it. Part of our Cisco ISE is integrated with the Cisco DNS center. The Cisco DNS center saves time in terms of configuration, integration, upgrading, and adding other switches to the fabric. You can deploy the features in Cisco ISE using manual techniques. Cisco ISE was already deployed in my organization when I joined. However, I know that Cisco ISE replaced ACS. I work in the banking industry. Our main concern is securing our network from either remote or on-site access. When you get physical access to the site and connect your device, you might risk the security of the network on purpose or unknowingly. Deploying Cisco ISE has helped improve the security of our organization. Overall, I rate Cisco ISE a nine out of ten because I have a very good experience with the solution and hear the same from other vendors.
Engineering Lead at Canadian Broadcasting Corporation
Real User
Top 10
2023-06-14T12:27:00Z
Jun 14, 2023
Sometimes, the Cisco guys disagree about it, but other than that, the Cisco guidelines are clear and concise enough. Cisco ISE helps to secure our infrastructure from end to end so we can detect and remediate threats. The solution does what it's supposed to do. Cisco ISE has saved a little time for our organization. Since Cisco ISE is a more robust solution, it has helped our organization improve its cybersecurity resilience. Before implementing Cisco ISE, you should look into it in-depth on how it can be used, how it can be integrated with existing tools, and how your staff can be trained to troubleshoot it. The solution has its pitfalls, and when it breaks, it can break heavily. So be aware before you deploy it. Overall, I rate Cisco ISE a seven out of ten.
Network Engineer II at a healthcare company with 10,001+ employees
Real User
Top 20
2023-06-14T12:07:00Z
Jun 14, 2023
I give Cisco ISE an eight out of ten. Without knowledge of how the other implementations or competing offerings function, I believe Cisco ISE performs admirably in its intended role. Moreover, I am aware that without it, we would encounter significantly greater challenges. Therefore, I consider it to be great. Our organization utilizes Cisco products extensively, which, in my opinion, is the reason behind the organization's decision to choose Cisco ISE. I believe we would have a much more open network if it weren't for Cisco ISE. We would be restricted to only using PSKs, and we wouldn't have a true understanding of what our residents are connecting to the network. I think that's likely the most significant aspect of the implementation.
Sr Network Consultant at CAE Technology Services Limited
Consultant
Top 10
2023-03-30T21:04:00Z
Mar 30, 2023
I've worked with customers who have used Purple Portal, for example, for their guest wireless access. In comparison to using Cisco ISE, Purple Portal adds an extra layer of complexity on all their guest networks running through a third party. This means that the customer will not have as much visibility into their guest users or control over what their guests see when they join the Wi-Fi network. With Cisco ISE and the way the policies are built, it gives you a lot of freedom. It covers a wide range of potential solutions. Because each bit can be built together modularly, you can build anything with it. Therefore, Cisco ISE applies to so many different applications. On a scale from one to ten, I would rate Cisco ISE at eight because it is a complex product and requires more technical ability to deploy it, though it fits many more solution requirements.
Network Security Engineer at Kooperativa pojistovna, a.s., Vienna Insurance Group
Real User
2022-08-05T05:51:00Z
Aug 5, 2022
[When it comes to eliminating trust from our organization's network architecture] I'd say, no, ISE hasn't done that. It's been a challenge to implement this. We're trying to bridge the gap between the security guys and network guys. They're not the same teams. Sometimes the security guys also do networking, but it can be hard to cooperate on projects like this. This is a big project. ISE is a pretty big solution and security guys are sometimes lost in what's going on in the network, like equipment where you have to configure things. It's pretty much the most resilient solution as of now. I like this solution a lot. I would say it's a nine out of 10.
In terms of eliminating trust from network architecture, ISE can do so when it's implemented correctly. There are still certain functions of ISE where you have to be diligent in making sure that if a user is plugging into a network port, that that port is set up to use ISE for authentication. It's kind of a two-way street. It's a great tool, but you have to set it up correctly. You have to make sure that it's doing what you've intended it to do. When you do that, it's great for that. We don't have any issues with that and it's definitely an integral part of our network. The advice I would give people is to decide what you are looking for in terms of your AAA. Are you looking for a secure way to authenticate VPN users, users logging in for WiFi, for wired access? Something I don't use at my organization is the Guest Portal, but I know ISE has a pretty considerable catalog for deploying guest portals, for device onboarding, and posture assessment. If those are all the things you're looking for, the features, I would definitely recommend ISE.
To leaders who want to build more resilience within their organization, I would say that it's definitely worth moving toward a zero-trust environment. It's really a rebranding of an old concept of least privileged access, but the tools we have to implement it, such as Cisco ISE and firewalls, at the core and the ability to broker it out to the cloud as well, give us a lot more visibility and a lot more control over the traffic and our data, which is our biggest asset. If you're evaluating the solution, pick two to three use cases, stick with those, and familiarize yourself with the solution. Try not to get overwhelmed with the interface, and don't try to see everything it can do and let it spin out of control; it's easy to do that. Just start with something you really need to implement and then worry about adding more features later on. On a scale from one to ten, I would rate Cisco ISE at nine.
Make sure you have everything ready, including all your information. Make sure you know what you will profile and what will come on your network. Get hardware nodes versus the VMs. You definitely want resilience. You want to keep everything protected, especially in the day and age that we live in now. Information is power. Keeping our customers' and patients' information safe is our number one priority. I would rate it as nine out of 10 because it has gotten better. I have seen it at its worst. Now, it is running a lot better. So, I have a better opinion of it than I did.
Network Architect at Tarrant Regional Water District
Real User
2022-06-26T16:02:00Z
Jun 26, 2022
It's a very strong platform, especially now that we're on version 3.1. It's definitely my go-to. I would recommend it over any other NAC platform. It requires a lot of technical knowledge to actually get it off the ground and running. It's not quite as intuitive as it could be, but it's still a solid platform.
Technical account manager at a computer software company with 51-200 employees
MSP
2022-06-26T15:49:00Z
Jun 26, 2022
Go for it. It's a great solution. It's very configurable and you can tie your environment together from a wireless or from a wired side. I love the solution.
Network Engineer at a manufacturing company with 201-500 employees
Real User
2022-06-26T15:47:00Z
Jun 26, 2022
Talk to someone outside of Cisco too, if you're thinking about ISE. That way, you can get all the information. We wanted to outsource some of our work because I only have two years of admin experience and another of our network engineers has about a year. This way, if the system goes down, we have a quick way to get it back up. I would tell leaders who want to add cyber security resiliency to make sure they include team members who are involved and not just make decisions on their own.
Network Manager at a university with 501-1,000 employees
Real User
2022-06-26T15:39:00Z
Jun 26, 2022
An idea we are looking into is associating it with the MAC address table, so that approved devices can log in to the more restricted network. My advice is to attend training before going for it. Otherwise, it will not be easy to understand. Each product, from ACS to ISE, does similar things, but they do them in different ways. I rate Cisco ISE a nine out of 10. If it could become a little bit easier to understand that would help.
I work with various versions of the solution. We're resellers. Others should know it's a very good solution, very stable. There are a lot of features, and it is a secure solution. It's the first solution that we indicate to our customers and most of the time, the decision of the customer is to deploy a Cisco product. I'd rate the solution nine out of ten.
I would rate this solution 9 out of 10. It's one of the more difficult products to deploy. You can learn a lot about ISE from their training videos. I would suggest watching the videos before deploying the solution. They have created good videos for ISE, from version 1.3.
I'm a technical person, and I've worked for a company that does system integrations, including network pre-sales. My company sells Cisco ISE (Identity Services Engine) and Fortinet products in Turkey. I can also sell these products. My company is a gold partner of Cisco. I've sold the on-premises version of Cisco ISE (Identity Services Engine). Cisco ISE (Identity Services Engine) is the best solution for Cisco network customers. It is the best solution for Cisco network devices. As for network products from other vendors, we can use, or we could offer other network access control (NAC) solutions, e.g. Fortinet NAC, or Aruba Secure NAC, etc. I'm part of the pre-sales team at our company. There are other people who are responsible for installing Cisco ISE (Identity Services Engine) post-sales, e.g. they install the solution for the customers. For this reason, I am unable to give information on how long it takes to install the solution. We currently have over 30 users of Cisco ISE (Identity Services Engine). I can recommend Cisco ISE (Identity Services Engine) to other users. My rating for Cisco ISE (Identity Services Engine) is eight out of ten.
I would rate this solution 8 out of 10. I would recommend this solution. If someone is looking for a concrete solution to control the access, then ISE is a better solution.
Senior Network Administrator at a media company with 1,001-5,000 employees
Real User
2021-12-17T22:10:00Z
Dec 17, 2021
When someone is implementing this solution the difficulty depends on where they started. We started with zero and there was a very large learning curve. However, once they understand how it works, it's straightforward. There is a sharp learning curve to start working with it. I rate Cisco ISE an eight out of ten.
We are a system integrator. The version of ISE we are using depends on the customer. We primarily have the solution set up on premise. In terms of advice, from a security standpoint, it is paramount for any organisation, to be secure, no matter its size (large or small). Having secure network access control will always make it safer & help organisation in attaining a zero trust environment I'd rate the solution at an eight out of ten.
To avoid running into any complications when getting this solution up and running, you should get technically trained and comfortable with it before applying it. I would rate Cisco ISE (Identity Services Engine) a seven out of ten.
Deputy Manager at Convergent Wireless Communications
Reseller
2021-08-11T12:27:27Z
Aug 11, 2021
The features are quite comprehensive, but it's okay. However, the pricing is on the higher side. Feature-wise, it is a nine out of ten. Overall, I would rate Cisco ISE an eight out of ten.
Team Lead Network Infrastructure at a tech services company with 1-10 employees
Real User
2021-07-28T11:23:25Z
Jul 28, 2021
We are a systems integration company. I'm using different versions of the solution, and not necessarily the latest one. I'd rate the solution at an eight out of ten. It's worked well for us so far. We find Cisco to be innovative and to offer good products. I would recommend the solution to other users and organizations.
IT Security manager at a energy/utilities company with 201-500 employees
Real User
2021-05-19T11:58:51Z
May 19, 2021
If you're planning on using this solution, my advice is to be sure you review the full feature set available and select what is important to your users. This way you'll be able to ensure that you'll have everything you want and need. Overall, on a scale from one to ten, I would definitely give this solution a rating of nine.
Deputy Head of IT at a legal firm with 501-1,000 employees
Real User
2021-03-01T10:08:26Z
Mar 1, 2021
I would advise others to make sure that you have the knowledge of this solution to get the full benefits of all the features, and you are able to use it on a daily basis. I would rate Cisco ISE a six out of ten. Its functionality is too wide for our company.
The main advice would be in terms of upfront design — this is where a lot of people get it very wrong. Depending on the platforms you choose, there are restrictions and limitations on how many users. We've got various nodes, so how many nodes you can implement, etc. Also, latency considerations must be taken into account; especially if you're deploying it across geographically dispersed regions. The main advice would be to get the design right. Because given that directly interferes with the network, if you don't get your design right it could be disruptive to the network. Once you've got the proper design in place and that translates into a bit of material, the implementation, you can always figure it out. Getting it right, upfront, is the most important thing. Overall, I would give ISE a rating of eight out of ten. I don't want to give it a 10 out of 10 because of all the design issues. There is definitely room for improvement, but overall out there in the market, I think it's one of the best products. It has a good ecosystem. It integrates well with Cisco devices, but it also integrates with third-party solutions if you have to do that. It's based on open standards, and we've seen the ecosystem grow over the years. So, they're doing a good job in terms of growing the ecosystem and making sure ISE can work with other products, but there's definitely room for improvement on the product design itself — on monitoring, on analytics.
If you wish to use ISE, you must have a deep understanding of IT. If you don't, setting it up properly will be very complex. Overall, on a scale from one to ten, I would give this solution a rating of nine.
I advise new users to go through the admin guides for implementation and follow the script very carefully. On a scale from one to ten, I would give Cisco ISE an eight.
Solution Architect Telecom at a manufacturing company with 10,001+ employees
Real User
2021-02-16T09:54:24Z
Feb 16, 2021
My advice to Cisco would be to simplify as much as possible so that a normal IT guy can understand the CCD and set it up. If they can simplify the manuals, navigation, and documentation, it would be nice. It will always be difficult for a beginner, however, to, rearrange or design the network. I would rate the solution five out of ten.
We're just a customer. We buy their products for our security and our connectivity. We're not using the latest version. We're actually using a few versions. We have ISE, which is version 2.3. We're supposed to up to version 2.7, and that requires a refresh of the hardware. That's why we are saying, "Should we try to look for a different solution?" That's why I have been looking for comparisons. We haven't dedicated a lot of time to that yet. From my assessments so far, however, ISE still wins the show and it's likely that the partner that was doing the deployment originally on behalf of Cisco probably missed out on a number of things. It's really about the engineers who are doing the deployment. You need to make sure you have some good ones. I would recommend this solution to others, especially mature organizations as the smaller organizations may not be able to afford this. On a scale from one to ten, I would rate the product at an eight
Head Cyber Security at a retailer with 10,001+ employees
Real User
2020-11-26T12:30:00Z
Nov 26, 2020
The management part is much smoother. It takes care of all the costs across branded devices as well, so that it is a single panel we can manage all the end-to-end entry devices as well. That's something would be really good for Cisco ISE product. I would recommend Cisco ISE. I would rate it an eight out of ten. I would like it to be more stable.
Cyber Security at a manufacturing company with 10,001+ employees
Real User
2020-08-11T06:17:30Z
Aug 11, 2020
We're just a customer. We're in the manufacturing industry, not IT. We don't have a business relationship with IBM. We try to keep up with the latest upgrades, therefore, I believe we are using the latest version of the solution. From a non-technical user-based standpoint, I'd rate the solution ten out of ten. I'd recommend it, however, there is this ongoing concern in China at this time that Cisco could get banned in the ongoing trade war with the United States. That should be a concern for companies here. That may not be so much of a concern abroad.
I'd advise other companies to really take care in regards to the network devices that they want to authenticate. For most of the cases, the biggest rooms are the easiest to manage, however, the smallest ones require specific implementation in all devices. It is very tricky due to the fact that you are obliged to put in place the rules that are not so secure and that's why it's very important to know what devices are connected on the network. I'd rate the solution eight out of ten.
Infrastructure and Cybersecurity Manager at George Washington's Mount Vernon
Real User
2020-07-22T08:17:27Z
Jul 22, 2020
The important thing is to have a good game plan going into it. Prep is key for everything going on with ISE. The more stuff you have prepped and the more understanding that you have upfront of how it goes through and how it behaves, the better off you are. I would rate this solution a nine out of 10.
Network Engineer at a financial services firm with 1,001-5,000 employees
Real User
2020-07-13T06:55:00Z
Jul 13, 2020
Cisco ISE is a good product, but it requires some technical knowledge and knowledge about network security. One a scale from one to ten, I would rate Cisco ISE a six. As I said, I have not implemented it 100%. Maybe once I implement it 100%, and I start using it in production, then I will rate it higher.
Corporate Information Technology Security Manager at AG ANADOLU HOLDİNG A.S.
Real User
Top 10
2020-06-25T10:49:25Z
Jun 25, 2020
My advice for anybody who is considering Cisco ISE is to first run a proof of concept to see that all of the features work well. In my opinion, you have to see all of the features. I would rate this solution a seven out of ten.
Technical Systems Analyst at Northeastern Junior College
Reseller
2019-07-02T06:57:00Z
Jul 2, 2019
My advice to someone considering this solution would be to seek the most comprehensive solution for residence halls. I would rate this solution as eight out of ten. I would like the flow of authentication and authorization metrics to be easier to see.
Supervisor IT Security at a government with 1,001-5,000 employees
Real User
2019-06-23T09:40:00Z
Jun 23, 2019
The deployment strategy was faster than the pilot. We had to see how it works and then we had to, in a transparent manner, see how it works. Deployment took about six months. But the rollout is on-going because we keep opening branches all the time, so we just keep adding them into the solution. For deployment, we used the front liner support but for documentation, we had professional staff. For deployment and maintenance, we have a small team of maybe about five to ten. I would give the solution 5.5 out of 10.
Senior Network Engineer at a comms service provider with 1,001-5,000 employees
Reseller
2019-05-23T06:10:00Z
May 23, 2019
On a scale from one to ten, I would rate Cisco ISE an eight because the server is so complex. Cisco needs to re-program or re-issue it and release a new version with more adequate sizing for small businesses.
Unified Networks at a program development consultancy with 11-50 employees
Reseller
2019-02-18T10:19:00Z
Feb 18, 2019
We plan to increase usage by around 20 to 30%. It gives people the peace of mind that they have the possibility to grant access to the people that visit their premises and ensures that they are working in a safe environment that is pure and clear when they use the posture services of the solution. I would rate it a nine out of ten.
The advice that I would give someone considering this solution is to understand the licensing. From a design perspective, we refer to the ordering guide quite frequently. The most important thing is to have a technical planning session with the customer. A lot of the time the customer doesn't really know what they want and if you don't have that upfront planning and discussion with the customer, the deployment can take much longer. I would rate it a ten out of ten.
It's a good product but it requires technical support and knowledge otherwise it will be difficult to manage and run it. It requires somebody to be configuring issues. You need protection as you advance in the usage but it's a good product. I would rate this solution an eight out of ten. In order to make it a ten, it should be more user-friendly. You need somebody who is knowledgeable about it to use it. It's not easy to use. We have to rely heavily on technical support.
Presales Systems Engineer at a tech services company with 501-1,000 employees
Real User
2019-02-10T10:25:00Z
Feb 10, 2019
The solution is sufficient and seems to require little to no maintenance from the client side. Maintenance is always in proportion to the client's needs and product deployment. For instance when we are managing two Cisco ISE boxes with two onsite engineers. As capacity grows obviously we need more engineers; it's not a 1-to-1 relationship but we always take a minimum of two certified engineers qualified to manage Cisco ISE. I would give this solution a rating of 7 out of 10.
Network Administrator at a government with 51-200 employees
Real User
2019-02-10T10:06:00Z
Feb 10, 2019
I would rate this solution a 7.5 out of ten. To make it a ten they should have more people on tech support. They need to invest more in the product. It's a good product. They should just work on tech support. More support for the customer. It's not that easy to get somebody to understand this product. I have had some issues with tech before for the solution. One of them brought the solution down due to some of his activity. They need to hugely invest in their tech support.
Security Engineer at a energy/utilities company with 201-500 employees
Real User
2019-02-04T08:44:00Z
Feb 4, 2019
I would rate this solution a nine out of ten. I would advise someone considering this solution not to enable it with MAC. They are going to be in a very bad state after enabling this with MAC because if you do it is going to isolate so many devices which do not comply with the policy.
It's a great product but you should be careful to plan before deploying. Do thorough planning as not to do the same error that we did. We didn't do enough planning before deploying so it took us a long time to have a thorough plan. I would rate this solution a nine out of ten.
Cisco ISE is an all-in-one solution that streamlines security policy management and reduces operating costs. Cisco ISE delivers visibility and access control over users and devices across wired, wireless, and VPN connections.
Identity Services Engine enables enterprises to deliver secure network access to users and devices. It shares contextual data, such as threats and vulnerabilities, with integrated solutions from Cisco technology partners. You can see what is happening in your...
For small setups and if the backend infrastructure is Cisco-based, Cisco Identity Services Engine (ISE) is suitable. However, for large organizations with mixed infrastructure, other solutions should be considered. I would rate it four out of ten based on my experience from the last year.
Cisco ISE is a powerful and feature-rich solution, particularly well-suited for medium to large enterprises with complex network environments. However, its complexity and cost may be challenging for smaller organizations or those with limited IT resources. I'd rate Cisco ISE around 8-9 out of 10. If you lack in-house expertise, consider using Cisco's professional services for implementation.
We recommend it to our customers. Cisco ISE provides authentication for various applications. It can integrate with other applications to manage access, including Privileged Access Management for those applications. For a comprehensive environment, Cisco ISE should be able to integrate and provide asset management for an IT organization or any organization. Overall, I rate the solution an eight out of ten.
The solution's compliance and policy enforcement capability has benefited our organization by simplifying work. The solution operates in the background, and users generally don't interact with it. Cisco ISE is the security framework layer between network resources and end users using them. Users do not go into Cisco ISE to do anything. It's like Active Directory for Identity. If you're an end user, you don't work in Active Directory, but you authenticate Active Directory to use resources on the network. The same applies to Cisco ISE, and users don't interact with it directly. They are affected by it to the extent to which they are accessing network resources. Cisco ISE has a very comprehensive integration suite and we did not face a lot of challenges in integrating this solution with other security tools. If they know how to use it, I would recommend the solution to other organizations with similar security needs. Overall, I rate the solution an eight out of ten.
I would like to advice that Cisco ISE is a reliable and stable solution although it is not very easy to use. They should work on integrating the solution with other platforms. Overall, I will rate the solution an eight out of ten.
We are partners. A lot of customers are using Cisco’s infrastructure. The product can be integrated easily. We have faced a lot of issues while integrating other tools. Overall, I rate the solution an eight out of ten.
We must check the compatibility with the other device before using Cisco ISE. Fortinet or Palo Alto provides integration to another device. The solution has medium maintenance. Overall, I rate the solution a nine out of ten.
I recommend this solution to all. Overall, I rate it a perfect 10.
I'd give it a nine out of ten. There are some hurdles with upgrading and licensing in particular, which is why I wouldn't give it a ten.
In terms of ISE for end-to-end security, it's our primary tool right now for that. It's hard to compare with other applications or hardware. Sometimes there are limitations, for example, we use it for wireless only. We don't do anything with ISE or 802.1X on the wire, which is something we'd like to do, but we're hesitant based on our experiences with the wireless side in terms of the slowness. On a scale from one to ten, I give Cisco ISE an eight. Primarily because it seems like it's doing a pretty decent job managing our wireless connections. And there are enough tools in the GUI interface that give us feedback on performance. It's been a pretty decent install for us.
In terms of detection and remediation of threats, it wouldn't detect anything. If we integrated it with other products, it could cut certain clients off from the network, but we haven't gotten that far yet. It hasn't helped to free up our IT staff. It has probably consumed more time. I don't have a lot of familiarity with other products, so I'd rate it a six out of ten.
It hasn't helped to free up our IT staff. Our IT staff is already very limited anyway. We've always worked smart and don't work where we don't have to work. For example, in 2019, we were more than 60. There are 14 of us now, and we still do the same amount of work. Cisco ISE hasn't contributed to less workload. We do it with automation. We have a lot of Linux, so we do automation on all of our stuff. Overall, I'd rate Cisco ISE an eight out of ten.
I give Cisco ISE a ten out of ten. Cisco ISE is a great tool. It integrates well with Active Directory and numerous other components. The solution has become a fundamental part of our network and I recommend Cisco ISE to others who are looking to improve their cybersecurity.
I would rate Cisco ISE a nine out of ten. Despite the fact that the solution offers numerous features, it is challenging to use. We do not rely solely on Cisco ISE to secure our infrastructure from end to end. Instead, we utilize various tools such as McAfee, DLP, and Endpoint Security. Additionally, we have the Domain client to check for any breaches. On our Internet edges, we perform SSL offload to enhance the performance of security projects like WAF and IPS, as well as conduct full packet scans. Furthermore, we have NGFW and NG Networks in place. Cisco ISE is an important component in protecting our environment because it enforces security against the main point of vulnerability, which is accessing workstations. Ransomware infiltrates a network through workstations. The policies implemented are based on the posture model, ensuring that we use the necessary products on our network to mitigate such risks. I was not involved in the initial setup, but testing the implementation of a new feature is always challenging. We need to allocate time to test it with the security team and the network team. Additionally, we need to create a separate environment to gain a better understanding of how we can improve the performance of the solution within our network. For organizations that do not have the funds to purchase Cisco ISE, there are good open-source solutions available. These include TACACS servers, OpenLDAP, and FreeRADIUS. However, Cisco ISE is an excellent tool for enhancing all the existing tools within an organization.
I rate Cisco ISE a nine out of ten. From a user's perspective, Cisco ISE is seamless. It is extremely helpful as it reduces the amount of work required to access and control device permissions. Our organization is a major Cisco partner, and it is logical for us to increasingly integrate Cisco products into our environment.
My advice would be to do an evaluation of the product and purchase it. I'd rate Cisco ISE an eight out of ten.
A lot of the apects that needs to be improved in the product has already been done in the 3.0 version, including HTML5 and integrations with other cloud products like Azure and Intune. I just haven't upgraded yet. They are doing a good job of keeping up with new technologies. I have a small team, and it's hard to keep up with products. With our dot1x, we've seen situations where people have inadvertently plugged their own PC into the port, and the port shuts down. We instantly know that the port got shut down. It's been great. I haven't found another product that can do it as well and as easy to set up as the implementation of dot1x. The solution has freed up the IT staff’s time a little bit, but it also created more work in a good way. It has created more work in Cisco because now we're doing segmentation. We're taking dot1x to the next level and closer to moving towards a zero-trust network. The Cisco team gets access to the servers after authentication. We've done a lot of research on zero-trust networks. I work for a research company, and we've been looking at ways to do it. Historically, we have done segmentation by identifying groups of servers and locking them down. This process is challenging to manage. While setting up micro VLANs, we can provide role-based access instead of just putting applications on server pools and wondering who gets what access. If user A needs to be able to update their personal information because they got a new phone number, they need access to the HR system to do that. The HR people need to be able to see all their review records. However, user C doesn't need to see anything that user A is doing. That is what we are looking for. We want zero trust so that an individual has access to what that individual needs to be able to do and nothing more and nothing less. We had been running two other RADIUS servers just because they worked better with the product that we brought in. Cisco Identity Services Engine is more configurable, especially on ports. So, we were able to get rid of the other two RADIUS servers. We don’t have to pay service contracts for them, and there are no more upgrades. Now, we have one suite that we focus on. The mean time for issue resolution has drastically reduced. Everybody's looking at the same pane, the network team and InfoSec. As soon as they see something blocked, if we're not already investigating it, they're investigating it. We get to share the responsibility with multiple groups with the same end goal. It has tied the team together and made things a lot easier. I have a small team. I have seven sites and seven people. And if I applied one person to each one, we could watch it. Our InfoSec group, who's watching all their logs from the external firewalls, would watch that. With Cisco Identity Services Engine, we must have saved 100s of hours over the year. If something comes up, two groups almost instantaneously open a chat and start working on it. We know that our escalations are blocked on time. The amount of cleanup that we've had to do from malicious devices is down to almost nil. The solution has helped our organization to improve its cybersecurity resilience. We see malicious or unknown devices and react to them. We see known devices come in with outdated software. Everything gets addressed as soon as the user connects. It all comes together. Spend some money on classes and not on just who you think is going to lead your project. Get your whole team involved. If you are from the networking side, ensure your InfoSec team is included, and vice versa. The tool has so many capabilities that you will feel overwhelmed, but it becomes easier once the pieces start coming together. We had two other RADIUS servers. When we moved to Cisco Identity Services Engine, we were on Cisco ACS. Not many people offer the granularity that Cisco does because it's the main protocol for authenticating on devices. Cisco SD-WAN’s support still needs more learning. Cisco ThousandEyes started the same way. They have improved in the last two years. They're up to an eight out of ten now. Before, I didn't even want to talk to them. We love the product. We're expanding our cloud and looking at deploying the product on a hybrid cloud. However, we've got to get done with SD-WAN first. Overall, I rate the solution a ten out of ten.
Our customers are using Cisco ISE, but we're helping to integrate it into their solutions. The end-to-end infrastructure security from Cisco AnyConnect host points is very good. Cisco ISE has helped free up our customer's IT staff to concentrate on other projects. In the UK, where I predominantly work, a lot of the NHS staff have a lot of access switches located throughout multiple buildings. Cisco ISE probably frees up at least twenty percent of their time. Our customers can use Cisco ISE for device administration for TACACS, RADIUS devices, and individual host appliances. The migration from ACS to Cisco ISE has helped. Some of our customers were looking at various MAP implementations using different vendors, but we've now got I 2.1 X and MAM all built-in together. Cisco ISE's ability to consolidate tools or applications has centralized everything and made things a lot easier and smoother for our customers to carry out their day-to-day tasks. Cisco ISE has helped improve the cybersecurity resilience of our customers' organizations. We've always been able to integrate Cisco ISE into other products. So they're getting more security alerts, making them a lot more secure and happy with their environment. Overall, I rate Cisco ISE an eight out of ten.
It's a very good tool for security. It's a lot of work to initially set up, but once it's set up, it's pretty easy to use. It hasn't yet saved the time of our IT staff. It's still fairly new, so we haven't had much time to use the product fully. It has only been a year since we started using it, so it's still pretty new. Overall, I'd rate Cisco ISE a nine out of ten.
To someone researching this solution who wants to improve cybersecurity in their organization, I'd say that make sure you know what you're getting into. Understand and have a good plan going into it and have operational support for not just networking, but also help desk and other IT teams before deploying this solution. I don't know if Cisco ISE has saved us any time because it's an enhancement to our security that we didn't have before. It probably takes a little more time than not having it. Having no security is super easy because you don't have to worry about anything, but if you have any security product, you have to do work to support that. Overall, I'd rate Cisco ISE an eight out of ten.
I give Cisco ISE a nine out of ten. Cisco is continuously improving its products. There are so many features that we're not even using in Cisco ISE. So we use what is relevant for our own use case. I recommend that individuals conducting research on the solution take a thorough look at 802.1X and gain a comprehensive understanding of how it can offer the desired level of security. We utilize Cisco throughout our environment and chose ISE due to our familiarity with all of Cisco's products.
My main focus is on the .1X access. We have another security team whose focus is on VPN access. I use Cisco ISE for TechX authentication and .1X authentication. Cisco ISE saves us time. If you deploy any security features using Cisco ISE, you don't have other options not to automate it. Part of our Cisco ISE is integrated with the Cisco DNS center. The Cisco DNS center saves time in terms of configuration, integration, upgrading, and adding other switches to the fabric. You can deploy the features in Cisco ISE using manual techniques. Cisco ISE was already deployed in my organization when I joined. However, I know that Cisco ISE replaced ACS. I work in the banking industry. Our main concern is securing our network from either remote or on-site access. When you get physical access to the site and connect your device, you might risk the security of the network on purpose or unknowingly. Deploying Cisco ISE has helped improve the security of our organization. Overall, I rate Cisco ISE a nine out of ten because I have a very good experience with the solution and hear the same from other vendors.
Sometimes, the Cisco guys disagree about it, but other than that, the Cisco guidelines are clear and concise enough. Cisco ISE helps to secure our infrastructure from end to end so we can detect and remediate threats. The solution does what it's supposed to do. Cisco ISE has saved a little time for our organization. Since Cisco ISE is a more robust solution, it has helped our organization improve its cybersecurity resilience. Before implementing Cisco ISE, you should look into it in-depth on how it can be used, how it can be integrated with existing tools, and how your staff can be trained to troubleshoot it. The solution has its pitfalls, and when it breaks, it can break heavily. So be aware before you deploy it. Overall, I rate Cisco ISE a seven out of ten.
I give Cisco ISE an eight out of ten. Without knowledge of how the other implementations or competing offerings function, I believe Cisco ISE performs admirably in its intended role. Moreover, I am aware that without it, we would encounter significantly greater challenges. Therefore, I consider it to be great. Our organization utilizes Cisco products extensively, which, in my opinion, is the reason behind the organization's decision to choose Cisco ISE. I believe we would have a much more open network if it weren't for Cisco ISE. We would be restricted to only using PSKs, and we wouldn't have a true understanding of what our residents are connecting to the network. I think that's likely the most significant aspect of the implementation.
I've worked with customers who have used Purple Portal, for example, for their guest wireless access. In comparison to using Cisco ISE, Purple Portal adds an extra layer of complexity on all their guest networks running through a third party. This means that the customer will not have as much visibility into their guest users or control over what their guests see when they join the Wi-Fi network. With Cisco ISE and the way the policies are built, it gives you a lot of freedom. It covers a wide range of potential solutions. Because each bit can be built together modularly, you can build anything with it. Therefore, Cisco ISE applies to so many different applications. On a scale from one to ten, I would rate Cisco ISE at eight because it is a complex product and requires more technical ability to deploy it, though it fits many more solution requirements.
I would rate it as nine out of 10.
[When it comes to eliminating trust from our organization's network architecture] I'd say, no, ISE hasn't done that. It's been a challenge to implement this. We're trying to bridge the gap between the security guys and network guys. They're not the same teams. Sometimes the security guys also do networking, but it can be hard to cooperate on projects like this. This is a big project. ISE is a pretty big solution and security guys are sometimes lost in what's going on in the network, like equipment where you have to configure things. It's pretty much the most resilient solution as of now. I like this solution a lot. I would say it's a nine out of 10.
In terms of eliminating trust from network architecture, ISE can do so when it's implemented correctly. There are still certain functions of ISE where you have to be diligent in making sure that if a user is plugging into a network port, that that port is set up to use ISE for authentication. It's kind of a two-way street. It's a great tool, but you have to set it up correctly. You have to make sure that it's doing what you've intended it to do. When you do that, it's great for that. We don't have any issues with that and it's definitely an integral part of our network. The advice I would give people is to decide what you are looking for in terms of your AAA. Are you looking for a secure way to authenticate VPN users, users logging in for WiFi, for wired access? Something I don't use at my organization is the Guest Portal, but I know ISE has a pretty considerable catalog for deploying guest portals, for device onboarding, and posture assessment. If those are all the things you're looking for, the features, I would definitely recommend ISE.
It's done the job that we put it in place to do.
Use ISE if you want to build more resilience within your organization. I would rate the solution as eight or nine out of 10.
To leaders who want to build more resilience within their organization, I would say that it's definitely worth moving toward a zero-trust environment. It's really a rebranding of an old concept of least privileged access, but the tools we have to implement it, such as Cisco ISE and firewalls, at the core and the ability to broker it out to the cloud as well, give us a lot more visibility and a lot more control over the traffic and our data, which is our biggest asset. If you're evaluating the solution, pick two to three use cases, stick with those, and familiarize yourself with the solution. Try not to get overwhelmed with the interface, and don't try to see everything it can do and let it spin out of control; it's easy to do that. Just start with something you really need to implement and then worry about adding more features later on. On a scale from one to ten, I would rate Cisco ISE at nine.
Make sure you have everything ready, including all your information. Make sure you know what you will profile and what will come on your network. Get hardware nodes versus the VMs. You definitely want resilience. You want to keep everything protected, especially in the day and age that we live in now. Information is power. Keeping our customers' and patients' information safe is our number one priority. I would rate it as nine out of 10 because it has gotten better. I have seen it at its worst. Now, it is running a lot better. So, I have a better opinion of it than I did.
It's a very strong platform, especially now that we're on version 3.1. It's definitely my go-to. I would recommend it over any other NAC platform. It requires a lot of technical knowledge to actually get it off the ground and running. It's not quite as intuitive as it could be, but it's still a solid platform.
Go for it. It's a great solution. It's very configurable and you can tie your environment together from a wireless or from a wired side. I love the solution.
Talk to someone outside of Cisco too, if you're thinking about ISE. That way, you can get all the information. We wanted to outsource some of our work because I only have two years of admin experience and another of our network engineers has about a year. This way, if the system goes down, we have a quick way to get it back up. I would tell leaders who want to add cyber security resiliency to make sure they include team members who are involved and not just make decisions on their own.
An idea we are looking into is associating it with the MAC address table, so that approved devices can log in to the more restricted network. My advice is to attend training before going for it. Otherwise, it will not be easy to understand. Each product, from ACS to ISE, does similar things, but they do them in different ways. I rate Cisco ISE a nine out of 10. If it could become a little bit easier to understand that would help.
I work with various versions of the solution. We're resellers. Others should know it's a very good solution, very stable. There are a lot of features, and it is a secure solution. It's the first solution that we indicate to our customers and most of the time, the decision of the customer is to deploy a Cisco product. I'd rate the solution nine out of ten.
Regardless of your industry, I would recommend Cisco ISE if you want good identity management. I would rate this solution seven out of ten.
I would rate this solution 9 out of 10. It's one of the more difficult products to deploy. You can learn a lot about ISE from their training videos. I would suggest watching the videos before deploying the solution. They have created good videos for ISE, from version 1.3.
I'm a technical person, and I've worked for a company that does system integrations, including network pre-sales. My company sells Cisco ISE (Identity Services Engine) and Fortinet products in Turkey. I can also sell these products. My company is a gold partner of Cisco. I've sold the on-premises version of Cisco ISE (Identity Services Engine). Cisco ISE (Identity Services Engine) is the best solution for Cisco network customers. It is the best solution for Cisco network devices. As for network products from other vendors, we can use, or we could offer other network access control (NAC) solutions, e.g. Fortinet NAC, or Aruba Secure NAC, etc. I'm part of the pre-sales team at our company. There are other people who are responsible for installing Cisco ISE (Identity Services Engine) post-sales, e.g. they install the solution for the customers. For this reason, I am unable to give information on how long it takes to install the solution. We currently have over 30 users of Cisco ISE (Identity Services Engine). I can recommend Cisco ISE (Identity Services Engine) to other users. My rating for Cisco ISE (Identity Services Engine) is eight out of ten.
I would rate this solution 8 out of 10. I would recommend this solution. If someone is looking for a concrete solution to control the access, then ISE is a better solution.
I would recommend this solution as it is very easy to set up and has a very easy user interface. I would rate this solution as eight out of ten.
When someone is implementing this solution the difficulty depends on where they started. We started with zero and there was a very large learning curve. However, once they understand how it works, it's straightforward. There is a sharp learning curve to start working with it. I rate Cisco ISE an eight out of ten.
We are a system integrator. The version of ISE we are using depends on the customer. We primarily have the solution set up on premise. In terms of advice, from a security standpoint, it is paramount for any organisation, to be secure, no matter its size (large or small). Having secure network access control will always make it safer & help organisation in attaining a zero trust environment I'd rate the solution at an eight out of ten.
I would not recommend this solution. I rate Cisco ISE (Identity Services Engine) a six out of ten.
I rate Cisco ISE (Identity Services Engine) an eight out of ten.
To avoid running into any complications when getting this solution up and running, you should get technically trained and comfortable with it before applying it. I would rate Cisco ISE (Identity Services Engine) a seven out of ten.
The features are quite comprehensive, but it's okay. However, the pricing is on the higher side. Feature-wise, it is a nine out of ten. Overall, I would rate Cisco ISE an eight out of ten.
We are a systems integration company. I'm using different versions of the solution, and not necessarily the latest one. I'd rate the solution at an eight out of ten. It's worked well for us so far. We find Cisco to be innovative and to offer good products. I would recommend the solution to other users and organizations.
I rate Cisco ISE (Identity Services Engine) a seven out of ten.
If you're planning on using this solution, my advice is to be sure you review the full feature set available and select what is important to your users. This way you'll be able to ensure that you'll have everything you want and need. Overall, on a scale from one to ten, I would definitely give this solution a rating of nine.
I would advise others to make sure that you have the knowledge of this solution to get the full benefits of all the features, and you are able to use it on a daily basis. I would rate Cisco ISE a six out of ten. Its functionality is too wide for our company.
The main advice would be in terms of upfront design — this is where a lot of people get it very wrong. Depending on the platforms you choose, there are restrictions and limitations on how many users. We've got various nodes, so how many nodes you can implement, etc. Also, latency considerations must be taken into account; especially if you're deploying it across geographically dispersed regions. The main advice would be to get the design right. Because given that directly interferes with the network, if you don't get your design right it could be disruptive to the network. Once you've got the proper design in place and that translates into a bit of material, the implementation, you can always figure it out. Getting it right, upfront, is the most important thing. Overall, I would give ISE a rating of eight out of ten. I don't want to give it a 10 out of 10 because of all the design issues. There is definitely room for improvement, but overall out there in the market, I think it's one of the best products. It has a good ecosystem. It integrates well with Cisco devices, but it also integrates with third-party solutions if you have to do that. It's based on open standards, and we've seen the ecosystem grow over the years. So, they're doing a good job in terms of growing the ecosystem and making sure ISE can work with other products, but there's definitely room for improvement on the product design itself — on monitoring, on analytics.
If you wish to use ISE, you must have a deep understanding of IT. If you don't, setting it up properly will be very complex. Overall, on a scale from one to ten, I would give this solution a rating of nine.
I advise new users to go through the admin guides for implementation and follow the script very carefully. On a scale from one to ten, I would give Cisco ISE an eight.
My advice to Cisco would be to simplify as much as possible so that a normal IT guy can understand the CCD and set it up. If they can simplify the manuals, navigation, and documentation, it would be nice. It will always be difficult for a beginner, however, to, rearrange or design the network. I would rate the solution five out of ten.
We're just a customer. We buy their products for our security and our connectivity. We're not using the latest version. We're actually using a few versions. We have ISE, which is version 2.3. We're supposed to up to version 2.7, and that requires a refresh of the hardware. That's why we are saying, "Should we try to look for a different solution?" That's why I have been looking for comparisons. We haven't dedicated a lot of time to that yet. From my assessments so far, however, ISE still wins the show and it's likely that the partner that was doing the deployment originally on behalf of Cisco probably missed out on a number of things. It's really about the engineers who are doing the deployment. You need to make sure you have some good ones. I would recommend this solution to others, especially mature organizations as the smaller organizations may not be able to afford this. On a scale from one to ten, I would rate the product at an eight
As of now, this product is working fine. I would rate this solution a ten out of ten.
Our clients and my company plan to continue the use of the solution in the future. I rate Cisco ISE (Identity Services Engine) a ten out of ten.
The management part is much smoother. It takes care of all the costs across branded devices as well, so that it is a single panel we can manage all the end-to-end entry devices as well. That's something would be really good for Cisco ISE product. I would recommend Cisco ISE. I would rate it an eight out of ten. I would like it to be more stable.
I would rate Cisco ISE an eight out of ten.
We're just a customer. We're in the manufacturing industry, not IT. We don't have a business relationship with IBM. We try to keep up with the latest upgrades, therefore, I believe we are using the latest version of the solution. From a non-technical user-based standpoint, I'd rate the solution ten out of ten. I'd recommend it, however, there is this ongoing concern in China at this time that Cisco could get banned in the ongoing trade war with the United States. That should be a concern for companies here. That may not be so much of a concern abroad.
I'd advise other companies to really take care in regards to the network devices that they want to authenticate. For most of the cases, the biggest rooms are the easiest to manage, however, the smallest ones require specific implementation in all devices. It is very tricky due to the fact that you are obliged to put in place the rules that are not so secure and that's why it's very important to know what devices are connected on the network. I'd rate the solution eight out of ten.
The important thing is to have a good game plan going into it. Prep is key for everything going on with ISE. The more stuff you have prepped and the more understanding that you have upfront of how it goes through and how it behaves, the better off you are. I would rate this solution a nine out of 10.
Cisco ISE is a good product, but it requires some technical knowledge and knowledge about network security. One a scale from one to ten, I would rate Cisco ISE a six. As I said, I have not implemented it 100%. Maybe once I implement it 100%, and I start using it in production, then I will rate it higher.
My advice for anybody who is considering Cisco ISE is to first run a proof of concept to see that all of the features work well. In my opinion, you have to see all of the features. I would rate this solution a seven out of ten.
My advice to someone considering this solution would be to seek the most comprehensive solution for residence halls. I would rate this solution as eight out of ten. I would like the flow of authentication and authorization metrics to be easier to see.
The deployment strategy was faster than the pilot. We had to see how it works and then we had to, in a transparent manner, see how it works. Deployment took about six months. But the rollout is on-going because we keep opening branches all the time, so we just keep adding them into the solution. For deployment, we used the front liner support but for documentation, we had professional staff. For deployment and maintenance, we have a small team of maybe about five to ten. I would give the solution 5.5 out of 10.
I would rate this solution an eight out of ten.
On a scale from one to ten, I would rate Cisco ISE an eight because the server is so complex. Cisco needs to re-program or re-issue it and release a new version with more adequate sizing for small businesses.
We plan to increase usage by around 20 to 30%. It gives people the peace of mind that they have the possibility to grant access to the people that visit their premises and ensures that they are working in a safe environment that is pure and clear when they use the posture services of the solution. I would rate it a nine out of ten.
The advice that I would give someone considering this solution is to understand the licensing. From a design perspective, we refer to the ordering guide quite frequently. The most important thing is to have a technical planning session with the customer. A lot of the time the customer doesn't really know what they want and if you don't have that upfront planning and discussion with the customer, the deployment can take much longer. I would rate it a ten out of ten.
It's a good product but it requires technical support and knowledge otherwise it will be difficult to manage and run it. It requires somebody to be configuring issues. You need protection as you advance in the usage but it's a good product. I would rate this solution an eight out of ten. In order to make it a ten, it should be more user-friendly. You need somebody who is knowledgeable about it to use it. It's not easy to use. We have to rely heavily on technical support.
The solution is sufficient and seems to require little to no maintenance from the client side. Maintenance is always in proportion to the client's needs and product deployment. For instance when we are managing two Cisco ISE boxes with two onsite engineers. As capacity grows obviously we need more engineers; it's not a 1-to-1 relationship but we always take a minimum of two certified engineers qualified to manage Cisco ISE. I would give this solution a rating of 7 out of 10.
I would rate this solution a 7.5 out of ten. To make it a ten they should have more people on tech support. They need to invest more in the product. It's a good product. They should just work on tech support. More support for the customer. It's not that easy to get somebody to understand this product. I have had some issues with tech before for the solution. One of them brought the solution down due to some of his activity. They need to hugely invest in their tech support.
You should have a fair understanding of the kubernetes that have been used in their infrastructure. I would rate this solution an eight out of ten.
I would rate this solution a nine out of ten. I would advise someone considering this solution not to enable it with MAC. They are going to be in a very bad state after enabling this with MAC because if you do it is going to isolate so many devices which do not comply with the policy.
I would rate this solution a ten out of ten.
It's a great product but you should be careful to plan before deploying. Do thorough planning as not to do the same error that we did. We didn't do enough planning before deploying so it took us a long time to have a thorough plan. I would rate this solution a nine out of ten.
This solution can be used to protect one's application. The server has many features to secure and diagnose.