We performed a comparison between Cisco ISE (Identity Services Engine) vs Fortinet FortiAuthenticator based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Fortinet FortiAuthenticator has an edge in this comparison because it received higher marks in the ease of deployment and pricing categories, and users are more impressed with its features.
"We have multiple metal devices from different places that use management, so we need to know who would be accessing all those devices and what changes are being done to those metal devices. With Cisco ISE we have visibility of all the changes happening on those devices."
"The most valuable thing in ISE is the adoption of EAP deep that came in [version] 2.7, so we can do authentication based on user and machine certificates in one authentication."
"It's easy to change and add policies."
"Visitors can be granted access to the wifi network using their cellphones, notebooks or tablets in a very easy way. The ease of accessibility that anyone can have to the network is very quick and is a big improvement in our network."
"The implementation is very simple."
"I found the CMDB Direct Connect in Cisco ISE 3.2 the most promising feature for my use case."
"Since migrating towards doing wired ports over ISE with 802.1X and MAB authentication, our organization's security risk has been better. We have been able to establish better layouts, so devices can move and we don't have to worry about where they need to go."
"The product is useful for device administration."
"FortiAuthenticator is easy to use."
"The web feature is quite versatile. It serves as the sole server authenticator and is valuable not only with FortiGate products but also within the entire Forti system, making it highly useful for me."
"The product's on-premise version doesn't have recurring costs."
"The current version is stable...Scalability-wise, it is a fine solution"
"We have not had issues with Fortinet FortiAuthenticator. It is stable."
"The feature I value the most is the one-time passwords because it helps to authenticate users so you know the timing of their usage."
"The most valuable feature of the solution is RADIUS service and the social network integration feature."
"It reduces the need for network administrator intervention by allowing the user to perform their own registration and resolve their own password problems and issues."
"There are always some things that I would request."
"The intuitiveness of the user interface could be improved."
"It would be helpful for us to know what needs to be deployed, configured, and what changes we need to make to our devices when we don't receive the specific login which is an indication of a lack of connection or incorrect configuration."
"Cisco ISE is complex. The deployment and design of networks with it is so complex. If it could change it would be better."
"When I work with customers to do my knowledge transfer, they're really overwhelmed with the navigation of the product and the number of things you can do with it. From a user interface standpoint, Cisco could focus on making certain tasks a bit more guided and easier for customers to walk through. That is, a user-friendly interface and streamlined workflows would be great."
"The opinion of my coworkers, and it's mine as well, is that the user interface could use some tender loving care. It seems counterintuitive sometimes. If you go to the logs, it's hard to figure out which one you need to look at."
"With the recent release of the solution, we had a bunch of bugs and we had to delay our deployment. Other than that, the solution is good."
"The compliance and posture don't always work. They should make it more stable. With each upgrade, we lose some functionality. We have to wait for another upgrade."
"There is a room for improvement. The log is a bit difficult to access, and searching the log codes is also a bit difficult. So it would be much better if, when we open a log, it could provide detailed information about errors, reasons for failure, and such."
"The GUI has some shortcomings and can be made better. The GUI is not great."
"They could expand FortiAuthenticator's capabilities to accommodate a broader range of environments."
"The customization capability of Fortinet FortiAuthenticator is not very flexible."
"The product must provide 2FA for applications."
"Integration with FortiGate could be more fluid."
"We would like to see Linux-based operating systems be able to integrate with FortiAuthenticator to get two-factor authentication running on them. as well. This is a shortcoming that I have faced a few times already."
"It can not use SQL to query FortiAnalyzer directly."
More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →
Cisco ISE (Identity Services Engine) is ranked 1st in Network Access Control (NAC) with 135 reviews while Fortinet FortiAuthenticator is ranked 5th in Single Sign-On (SSO) with 52 reviews. Cisco ISE (Identity Services Engine) is rated 8.2, while Fortinet FortiAuthenticator is rated 8.0. The top reviewer of Cisco ISE (Identity Services Engine) writes "Gives us that extra ability to assist the end user and make sure that we are making them happy". On the other hand, the top reviewer of Fortinet FortiAuthenticator writes "A reasonably priced solution that can be scaled toward different functionalities and offers flexible SMS messaging". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Fortinet FortiNAC, Forescout Platform, CyberArk Privileged Access Manager and Microsoft Enterprise Mobility + Security, whereas Fortinet FortiAuthenticator is most compared with Fortinet FortiToken, Fortinet FortiNAC, Cisco Duo, Microsoft Entra ID and CyberArk Privileged Access Manager.
We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.