We performed a comparison between Cisco ISE (Identity Services Engine) vs Fortinet FortiAuthenticator based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Fortinet FortiAuthenticator has an edge in this comparison because it received higher marks in the ease of deployment and pricing categories, and users are more impressed with its features.
"The integration with Active Directory is the most valuable feature for us."
"Assisting a larger number of users in gaining access and guiding them through the process of getting on Cisco ISE has been seamless."
"For customers, it's great. It has a GUI, so the customers themselves can edit ACLs or even modify the policies. It's also an all-in-one solution with RADIUS and TACACS."
"I found the CMDB Direct Connect in Cisco ISE 3.2 the most promising feature for my use case."
"For me, the TACACS feature is the most valuable. I have also used Cisco ISE with LDAP, not with Active Directory. That works for me because I prefer LDAP versus Active Directory."
"The most valuable feature is the integration with StealthWatch and DNA as one fabric."
"So far, we have had no issues with the stability."
"The most valuable feature is the flexibility of the policy sets."
"FortiAuthenticator is a very good solution. It is all jury-based. FortiAuthenticator is very easy for anyone to understand how it works and be able to take action."
"We have a perpetual license for 2FA."
"For someone concerned with multifactor authentication, I'm satisfied with the product."
"FortiAuthenticator is easy to use."
"The web feature is quite versatile. It serves as the sole server authenticator and is valuable not only with FortiGate products but also within the entire Forti system, making it highly useful for me."
"The product's initial setup phase was easy. It is also easy to deploy."
"It reduces the need for network administrator intervention by allowing the user to perform their own registration and resolve their own password problems and issues."
"Intuitive interface and easy to deploy."
"Since we have started, we struggled a lot to implement this solution into our network, and we opened a case a couple of times. Up until this point, nothing else needs to be improved with this product."
"Deploying to a machine, as opposed to a dedicated appliance, can be a bit difficult."
"I don't see as many customers as I should adopting the onboarding feature. I think Cisco should make that process a lot easier and less intrusive on the end users' devices."
"An issue with the product is it tends to have a lot of bugs whenever they release a new release."
"The software is a little bit complicated to understand in the beginning, meaning the implementation. It needs proper documentation so that we can understand the options more easily."
"Cisco ISE's performance could be better, faster, and more robust."
"In the next release, I would want to see this kind of solution in the cloud as opposed to on prem because when enhancements are made to the software, if it's in the cloud, it's overnight. I mean you're not going to have to respin the servers that the license sits on, it's all microservices kinds of things in the cloud. That would be my recommendation. If I'm a customer, that's what I'm looking at - for cloud based software subscriptions."
"I would like to see the product simplified more, especially with the configuration."
"The price of the solution could improve, it is expensive."
"They could expand FortiAuthenticator's capabilities to accommodate a broader range of environments."
"There is a room for improvement. The log is a bit difficult to access, and searching the log codes is also a bit difficult. So it would be much better if, when we open a log, it could provide detailed information about errors, reasons for failure, and such."
"We have issues with HA (high availability). These should be addressed in future releases."
"The only way the solution could be improved is if it were cheaper."
"A better integration with other vendors."
"If you want some other FortiAuthenticator from one site to another site, you should have requirements, but really if you have authentication and directory or another solution, you should change the password of the authenticator between the solution and the directory and other things. So transfer of data and other information should be simpler."
"There are some protocols, such as SHA and SHA-2, that are not supported."
More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →
Cisco ISE (Identity Services Engine) is ranked 1st in Network Access Control (NAC) with 138 reviews while Fortinet FortiAuthenticator is ranked 6th in Single Sign-On (SSO) with 52 reviews. Cisco ISE (Identity Services Engine) is rated 8.2, while Fortinet FortiAuthenticator is rated 8.0. The top reviewer of Cisco ISE (Identity Services Engine) writes "Gives us that extra ability to assist the end user and make sure that we are making them happy". On the other hand, the top reviewer of Fortinet FortiAuthenticator writes "A reasonably priced solution that can be scaled toward different functionalities and offers flexible SMS messaging". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Fortinet FortiNAC, Forescout Platform, CyberArk Privileged Access Manager and Microsoft Enterprise Mobility + Security, whereas Fortinet FortiAuthenticator is most compared with Fortinet FortiNAC, Fortinet FortiToken, Cisco Duo, Microsoft Entra ID and CyberArk Privileged Access Manager.
We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.