We performed a comparison between Cisco ISE (Identity Services Engine) and Cisco Secure Firewall based on real PeerSpot user reviews.
Find out in this report how the two Cisco Security Portfolio solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The best feature of the Cisco ISE platform is that it is compatible with Microsoft products."
"So far, we have had no issues with the stability."
"ISE's most valuable feature is integration between IT and OTs."
"In terms of features, I think they've done a lot of improvement on the graphical user interface — it looks really good right now."
"The product is stable."
"The most valuable feature is the integration with StealthWatch and DNA as one fabric."
"The feature that I found most valuable is profiling. We use that to profile certain types of devices, and then depending on the manufacturer, drop them into the appropriate VLAN without us having to go in and manually add the devices."
"Cisco ISE scales exceptionally well."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"Cisco ASA NGFW significantly improves our bank. It protects any high-value products that we use from hackers, viruses, malware, and script-bots. It gives us metrics on network traffic as well as what kind of attacks we are getting from the outside."
"The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."
"Being able to use it as a policy-based VPN is valuable. It's very easy to understand. It's very easy to troubleshoot."
"The features I've found most valuable are the packet captures and packet traces because they help me debug connections. I like the logs because they help me see what's going on."
"The return on investment is not going to be restricted to just the box... Now, these genres have been expanded to cyber, to third-party integrations, having integrated logging, having integrated micro and macro segmentations. The scope has been widened, so the ROI, eventually, has multiplied."
"The benefits we see from the ASA are connected to teleworking as well as, of course, having the basic functionality of a firewall in place and the prevention of attacks."
"Its VPN and ASN features are very stable."
"It would be ideal if Cisco could provide some short training videos or documentation to customers to help them understand how to use the product."
"Documentation is probably the worst part of the software."
"There should be an easier way to do the upgrades. There are a lot of steps to get to the next version from the previous version which ends up being a bit of the headache with the upgrade."
"I would definitely improve the deployment and maybe a little bit of the support. Our first exposure to ISE had a lot of issues."
"There are still some bugs in ISE that need to be worked out."
"When I work with customers to do my knowledge transfer, they're really overwhelmed with the navigation of the product and the number of things you can do with it. From a user interface standpoint, Cisco could focus on making certain tasks a bit more guided and easier for customers to walk through. That is, a user-friendly interface and streamlined workflows would be great."
"Sometimes some of Cisco ISE's graphical interfaces could be a little bit smoother. However, with the different versions, the product is getting better and better."
"Cisco ISE requires a lot of time-consuming administration."
"An area for improvement is the graphical user interface. That is something that is coming up now. They could make the product more user-friendly. A better GUI is something that would make life much easier."
"You shouldn't have to use the ASDM to help manage the client."
"Even on a smaller scale, people are finding you need HA pairs, and there's no way that the ASA can do that, at least in the virtual version."
"The solution needs to have better logging features."
"Its configuration through GUI as well as CLI can be improved and made easier."
"Also, they have a Firepower source file that I can work on the ASA device and on Firepower devices. A problem here lies in the way that you manage these devices. Some devices do not support the FMC, and some devices have to be managed through ASDM, and others have to be managed through FMC."
"In terms of next-generation capabilities, Cisco is a little behind, and it is way behind the market leaders."
"It needs to provide the next-generation firewall features that other vendors provide, like data analytics, telemetry, and deep packet inspection."
More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →
Cisco ISE (Identity Services Engine) is ranked 1st in Cisco Security Portfolio with 136 reviews while Cisco Secure Firewall is ranked 4th in Cisco Security Portfolio with 404 reviews. Cisco ISE (Identity Services Engine) is rated 8.2, while Cisco Secure Firewall is rated 8.2. The top reviewer of Cisco ISE (Identity Services Engine) writes "Gives us that extra ability to assist the end user and make sure that we are making them happy". On the other hand, the top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Fortinet FortiNAC, Forescout Platform, CyberArk Privileged Access Manager and Portnox CORE, whereas Cisco Secure Firewall is most compared with Fortinet FortiGate, Palo Alto Networks WildFire, Netgate pfSense, Meraki MX and Sophos XG. See our Cisco ISE (Identity Services Engine) vs. Cisco Secure Firewall report.
See our list of best Cisco Security Portfolio vendors.
We monitor all Cisco Security Portfolio reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.