We performed a comparison between Cisco ISE (Identity Services Engine) and One Identity Active Roles based on real PeerSpot user reviews.
Find out what your peers are saying about Cisco, HPE Aruba Networking, Fortinet and others in Network Access Control (NAC)."For us and our clients, the most valuable features of Identity Services Engine are really around the rich contact sharing that ISE gives you."
"Visitors can be granted access to the wifi network using their cellphones, notebooks or tablets in a very easy way. The ease of accessibility that anyone can have to the network is very quick and is a big improvement in our network."
"Easy to use and provides good support"
"It integrates with the rest of our platform, like our firewall, and helps us a lot. It also does a good job establishing trust for every access request."
"A lot of customers use a third party to manage their guest Wi-Fi. Cisco ISE presents the ability to bring that in-house so that customers can have full control over it, change the branding, and get extra telemetry from it and the user data. It works really well for our customers."
"The way the ISE works is you can get into defining. Let's say, in my case, I've got a Windows laptop and I've got an Apple product and those have unique identifiers, unique back addresses. It would say that this in my profile so I could get to those apps with either device, 24/seven. That's how granular the ISE or these NAC Solutions can get."
"SGTs are valuable because they make it easy to enforce policies, instead of pushing them across all the other platforms."
"My team has gained a lot from Cisco ISE as it does also provide automation, which is a big asset in the eighth hour. After setting it up, it took a lot of the weight off in many ways. We have a co-worker, who we call the ISE Master because he's in charge of the ISE configurations. He's able to save a lot of time by being able to monitor everything from there. So it did take off a lot of time that we would waste by going individually to that different device and trying to figure out what was wrong."
"It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool."
"In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"Active Roles improved the management of users, groups, and AD objects in the organization."
"It gives us attribute-level control and the AD management features work very well."
"The most valuable features include auditing, dynamic grouping, and creating dynamic groups based on AD attributes."
"Secure access is the most valuable feature."
"With the use of the sync service we were able to import information from multiple external systems and populate them within our space and leverage them for downstream systems."
"Difficult to figure out the protocols and nodes in order to implement correctly."
"Third-party integration is important, as well as the continuous adaptation feature which is the AIOps. It would be helpful to include the AIOps."
"On the network services devices, when you click on filter, the filter comes up. However, when I type in a search and I want to click on something it defaults back to the main page. I keep having an issue with that, and I'm not doing anything wrong."
"The policies could be adjusted to make them more easily implementable."
"I would like to see them simplify the dashboard. It's very configurable, but, at the same time, it's not easy to maneuver through it. They should "Merakify" it."
"I would like to see integration with other vendors, and the RADIUS integration needs to be improved a little bit."
"Since we have started, we struggled a lot to implement this solution into our network, and we opened a case a couple of times. Up until this point, nothing else needs to be improved with this product."
"The Guest Network verification needs to add a QR code option."
"Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up."
"When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow."
"The ability to send logs to a SIEM would be very beneficial."
"Most of the time it just works."
"The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint."
"The initial setup was quite easy, but it was time-consuming. It took about three months."
"In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets."
"It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch."
More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →
Cisco ISE (Identity Services Engine) is ranked 1st in Network Access Control (NAC) with 138 reviews while One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews. Cisco ISE (Identity Services Engine) is rated 8.2, while One Identity Active Roles is rated 8.6. The top reviewer of Cisco ISE (Identity Services Engine) writes "Gives us that extra ability to assist the end user and make sure that we are making them happy". On the other hand, the top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Fortinet FortiNAC, Forescout Platform, CyberArk Privileged Access Manager and Fortinet FortiAuthenticator, whereas One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, SailPoint Identity Security Cloud, One Identity Manager and Netwrix Auditor.
We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.