We performed a comparison between Cisco ISE (Identity Services Engine) and Cisco Secure Firewall based on real PeerSpot user reviews.
Find out in this report how the two Cisco Security Portfolio solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's scalable."
"I like that Cisco ISE is easy to use."
"The interconnection with the ecosystem and the ability to force rules all over the network are the most important features."
"The RADIUS Server holds the most value."
"The most valuable feature is the integration with StealthWatch and DNA as one fabric."
"I have found that all of the features are valuable. It is very easy to deploy because we are able to port users directly from Active Directory (AD) and LDAP."
"The feature that I most like is that it can notify me whenever someone plugs in their device, which is not allowed. I get notifications for new laptop devices. I think the user interface looks good compared to previous versions."
"Cisco ISE's profiling and posturing features ensure that all devices are compliant with regulatory authorities."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"The user interface, the UI, is excellent on the solution."
"Network segmentation is the most valuable feature."
"Cisco has the best documentation. You can easily find multiple documents by searching the web. Even a child can go online and find the required information."
"It's the VPN side of things that has been most useful for us. It allows us to secure our users even when they're working from home. They are able to access all of our resources, no matter where they are in the world."
"The Packet Tracer is a really good tool. If someone calls because they're having problems, you can easily create fake traffic without having to do an extended packet capture. You can see, straight away, if there's a firewall rule allowing that traffic in the direction you're trying to troubleshoot."
"For our very specific use case, for remote access for VPN, ASAs are very good."
"It is a very user-friendly product."
"A main issue is that the upgrade process, over time, is extraordinarily fragile. Repeatedly, over the past several years, when we've tried to upgrade our Cisco ISE implementation, the upgrade has broken it. Ultimately, we have then had to rebuild it because we need it."
"The customer server was great but it would have been better for me if they had support in other languages such as Spanish."
"Adding new devices was a little cumbersome. I haven't done it that many times, but I remember that adding new devices to the authentication piece of it was a little cumbersome. The way I was shown to do it, I thought it was odd because we had to go into the active device, copy the file down, export it, make some changes to it, and then reimport it as opposed to being able to click it and having a template to fill out."
"The intuitiveness of the user interface could be improved."
"I would like to see them simplify the dashboard. It's very configurable, but, at the same time, it's not easy to maneuver through it. They should "Merakify" it."
"Cisco ISE has almost all the features we are looking for now, but sometimes the configuration, such as the conditions, is a little difficult to understand and not so easy to navigate."
"There should be a single button that can be pressed to dismiss all of the alarms at once."
"If I was going to improve anything, it would be the ease of migration. It's really difficult at the moment if you're looking to upgrade ISE 2.1 and you want to go to ISE 3.1 or 3.2, that whole upgrade path and, particularly, the licensing is quite a minefield to sort out."
"I would like to see the inclusion of more advanced antivirus features in the next release of this solution."
"In today's world, cyberattacks have become a common occurrence. However, so far, we have not faced any issues with our systems. I hope the situation remains the same in the future. If Cisco introduces even more advanced security measures, it would be beneficial."
"I'm not a big fan of the FDM (Firepower Device Manager) that comes with Firepower. I found out that you need to use the Firepower Management Center, the FMC, to manage the firewalls a lot better. You can get a lot more granular with the configuration in the FMC, versus the FDM that comes out-of-the-box with it. FDM is like Firepower for dummies."
"The main problem we have is that things work okay until we upgrade the firmware, at which point, everything changes, and the net stops working."
"Cisco provides us with application visibility and control, although it's not a complete solution compared to other vendors. Cisco needs to work on the application behavior side of things, in particular when it comes to the behavior of SSL traffic."
"The configuration is an area that needs improvement."
"<p>If there is old hardware, or appliances, it does not necessarily work with the new Cisco generation firewalls."
"They need to do an overhaul of the management console."
More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →
Cisco ISE (Identity Services Engine) is ranked 1st in Cisco Security Portfolio with 136 reviews while Cisco Secure Firewall is ranked 4th in Cisco Security Portfolio with 404 reviews. Cisco ISE (Identity Services Engine) is rated 8.2, while Cisco Secure Firewall is rated 8.2. The top reviewer of Cisco ISE (Identity Services Engine) writes "Gives us that extra ability to assist the end user and make sure that we are making them happy". On the other hand, the top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Fortinet FortiNAC, Forescout Platform, CyberArk Privileged Access Manager and Portnox CORE, whereas Cisco Secure Firewall is most compared with Fortinet FortiGate, Palo Alto Networks WildFire, Netgate pfSense, Meraki MX and Sophos XG. See our Cisco ISE (Identity Services Engine) vs. Cisco Secure Firewall report.
See our list of best Cisco Security Portfolio vendors.
We monitor all Cisco Security Portfolio reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.