Cisco ISE (Identity Services Engine) Review

Good stability and enables us to identify and isolate a machine that is infected or that is going to be infected


What is our primary use case?

We use this solution to authenticate the domain users and if someone is not the domain user to make them a guest.

How has it helped my organization?

Before, our port would be wide open, anyone could come to the network and put their laptop into the port or any device and they would be able to get the IP. Now, if someone tries to connect to our network through an IU port or internet, they will not be able to access it. Another way this solution has improved our organization is that when we integrate this with our OpenGate server we are able to identify and isolate the machine that is infected, or that is going to be infected.

Plus, we had control on which device we can block in real-time and white list, or according to the MAC address, we can send this device to get an assigned IP from a special VLAN.

What is most valuable?

The identification with McAfee DHL is the most valuable feature. It gives us full visibility to see if there's any malware or malicious activity going on in the network and will then isolate the device.

What needs improvement?

Since we have started, we struggled a lot to implement this solution into our network, and we opened a case a couple of times. Up until this point, nothing else needs to be improved with this product.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Stability is very good. We haven't faced any issues and there aren't any bugs. 

What do I think about the scalability of the solution?

We currently have around 400 users and we only need two staff members for maintenance. It is being used extensively because all of the users are dependent on it. If the ISE is down no one will be able to authenticate.

How is customer service and technical support?

Technical support is very good because, on the user phase, it shows who was on the call with us and who helped us. 

How was the initial setup?

The initial setup was easy. It took around one month. We did the installation part within half an hour to two hours but we found a couple of issues so we raised a case and once everything was resolved it was a month in total. 

What about the implementation team?

We used an integrator. We had a good experience with them because we have already worked with them in the past couple of years

Which other solutions did I evaluate?

We researched this solution and found that it fulfills all of our requirements so we didn't look into any other solutions.

What other advice do I have?

I would rate this solution a nine out of ten. 

I would advise someone considering this solution not to enable it with MAC. They are going to be in a very bad state after enabling this with MAC because if you do it is going to isolate so many devices which do not comply with the policy.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 visitor found this review helpful
Add a Comment
Guest
Sign Up with Email