We performed a comparison between Cisco ISE (Identity Services Engine) and Cisco Secure Firewall based on real PeerSpot user reviews.
Find out in this report how the two Cisco Security Portfolio solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like the automation of the collection of information."
"The product is stable."
"The most valuable feature is 801.1x and another very good feature is the TACACS."
"The access policies, and all of the policies in Cisco ISE, are important to us."
"The way we can trust this solution is the most valuable. We have no issue with this product. It is a competitive product. You need to have a very good and deep knowledge of the product to take the full benefits of all the features, but it is a good product."
"The most valuable features are authentication, we have more granular control on the access policies for the administrators. The solution is easy to use, has a center point administration, and has a good GUI."
"The most important feature for us is visibility in terms of user connections. It's the ability to see what devices are online for a particular user that helps a lot with our troubleshooting."
"For us and our clients, the most valuable features of Identity Services Engine are really around the rich contact sharing that ISE gives you."
"The configuration capabilities and the integration with other tools are the most valuable features. I really like this product. Cisco is one of my favorite brands, and I always think Cisco solutions are very reliable, easy to configure, and very secure."
"I have not contacted technical support. There is a lot of information on the internet for troubleshooting. All you need to do is use a search engine and you will find the information you are looking for easily."
"Cisco Secure Firewall is a good solution. In some ways, it is a reactive solution and we have it sitting in a whitelist mode rather than a blacklist mode. It seems to work fairly well for us."
"At this point, we find that this product has high productivity and high availability and there is no need for improvement."
"IPS and Snort are very important because they also differentiate Cisco from other vendors and competitors."
"I am used to the ASA syntax, therefore it is quite easy to make up new rules. I have found that DNS doctoring rules are useful."
"The user interface is easy to navigate."
"It's pretty reliable and allows for isolation capabilities within the network."
"Cisco ISE requires a lot of time-consuming administration."
"It could be more intuitive in terms of how to configure the policies."
"The solution is not so user-friendly."
"It would be helpful for us to know what needs to be deployed, configured, and what changes we need to make to our devices when we don't receive the specific login which is an indication of a lack of connection or incorrect configuration."
"Sometimes some of Cisco ISE's graphical interfaces could be a little bit smoother. However, with the different versions, the product is getting better and better."
"The UI is not as intuitive as some other products, even products inside of Cisco's wheelhouse."
"I would definitely improve the deployment and maybe a little bit of the support. Our first exposure to ISE had a lot of issues."
"An issue with the product is it tends to have a lot of bugs whenever they release a new release."
"REST API stability needs improvement in order for customizing resource allocation available to the user rather than just being there transparently. This way users can customize REST API and tailor it to their needs."
"The Sandbox and the Web Censoring in this solution need to be improved."
"Intrusion prevention, we currently need to apply deep bracket inspection manually to use web filtering."
"In NGFW, Cisco should be aligned with the new technology and inspection intelligence because Cisco is far behind in this pipeline."
"Comparing Cisco solution to others, it is expensive, it would be better for it to be cheaper."
"We use the FTD management platform for the boxes. The GUI that manages multiple Firepower boxes could be improved so that the user experience is better."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"One of the problems that we have had is the solution requires Java to work. This has caused some problems with the application visibility and control. When the Java works, it is good, but Java wasn't a good choice. I don't like the Java implementation. It can be difficult to work with sometimes."
More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →
Cisco ISE (Identity Services Engine) is ranked 1st in Cisco Security Portfolio with 135 reviews while Cisco Secure Firewall is ranked 6th in Cisco Security Portfolio with 404 reviews. Cisco ISE (Identity Services Engine) is rated 8.2, while Cisco Secure Firewall is rated 8.2. The top reviewer of Cisco ISE (Identity Services Engine) writes "Gives us that extra ability to assist the end user and make sure that we are making them happy". On the other hand, the top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Fortinet FortiNAC, Forescout Platform, CyberArk Privileged Access Manager and Portnox CORE, whereas Cisco Secure Firewall is most compared with Fortinet FortiGate, Palo Alto Networks WildFire, Netgate pfSense, Meraki MX and Sophos XG. See our Cisco ISE (Identity Services Engine) vs. Cisco Secure Firewall report.
See our list of best Cisco Security Portfolio vendors.
We monitor all Cisco Security Portfolio reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.