What is our primary use case?
We use ISE for security group tagging in terms of guests and visitors who access the network to make sure that they actually go through this to control their privilege access to ensure they don't actually access the internal network, etc.
Our clients use ISE as a form of security policy management so that users and devices between the wired, wireless, and VPN connections to the corporate network, can be managed accordingly.
Take a house for example. Sometimes you need to access a room via a certain keyhole, so you use a key that is unique to that door. With ISE, you can segment this process in terms of policy management based on the security tag. You actually grant the user access based on the tagging.
That's the IT trend — saving a lot on operating costs to manage the different users and access methods.
Within our company, we have roughly 200 employees using this solution.
What is most valuable?
My clients are always talking about the segregation capabilities. Segmentation refers to how you can actually segregate employee and non-employee client access.
What needs improvement?
They have recently made a lot of improvements. My clients don't have much to complain about — it's a one-stop-shop.
It should be virtualized because many people have begun migrating to the cloud. They should offer a hybrid version.
What do I think about the stability of the solution?
It's stable but there's a limitation of up to 200,000 users. If you have a big number of users, then you have to customize the installation process.
What do I think about the scalability of the solution?
It's only scalable up to 20,000 users.
How are customer service and technical support?
I would say Cisco's support has been getting worse. I think they outsource a lot of skillsets.
How was the initial setup?
The initial setup is pretty straightforward. They actually provide a lot of help to IT administrators which makes setting it up rather easy.
The whole setup takes about three days because you need to basically configure the network, test the configuration, and then you need to cut over to production.
What was our ROI?
Our customers definitely see a return on their investment with this solution.
What's my experience with pricing, setup cost, and licensing?
I think licensing costs roughly $2,000 a year. ISE is more expensive than Network Access Control.
What other advice do I have?
If you wish to use ISE, you must have a deep understanding of IT. If you don't, setting it up properly will be very complex.
Overall, on a scale from one to ten, I would give this solution a rating of nine.
Which deployment model are you using for this solution?
Which version of this solution are you currently using?