Cisco ISE (Identity Services Engine) Reviews

What is most valuable?

* BYOD service * The guest and secure wireless access * Compliance and posture * Wireless administration

How has it helped my organization?

For device administration, all devices have multifactor authentication in collaboration with IT, so it secures access to all of our devices. For guest and wireless access, it's a matter of a lowly manager who we give access to the portal… more»

What needs improvement?

The compliance and posture don't always work. They should make it more stable. With each upgrade, we lose some functionality. We have to wait for another upgrade. I would like to see them develop some type of device management, like an iPad… more»

What's my experience with pricing, setup cost, and licensing?

Licensing is very complicated and it changes a lot. I know recently it changed since we acquired the solution. It had a different licensing scheme that has changed. The cost is high compared to other solutions. Even so, it is better than… more»

What other advice do I have?

It's a great product but you should be careful to plan before deploying. Do thorough planning as not to do the same error that we did. We didn't do enough planning before deploying so it took us a long time to have a thorough plan. I would… more»

What is most valuable?

The identification with McAfee DHL is the most valuable feature. It gives us full visibility to see if there's any malware or malicious activity going on in the network and will then isolate the device.

How has it helped my organization?

Before, our port would be wide open, anyone could come to the network and put their laptop into the port or any device and they would be able to get the IP. Now, if someone tries to connect to our network through an IU port or internet… more»

What needs improvement?

Since we have started, we struggled a lot to implement this solution into our network, and we opened a case a couple of times. Up until this point, nothing else needs to be improved with this product.

What other advice do I have?

I would rate this solution a nine out of ten. I would advise someone considering this solution not to enable it with MAC. They are going to be in a very bad state after enabling this with MAC because if you do it is going to isolate so many… more»

Which other solutions did I evaluate?

We researched this solution and found that it fulfills all of our requirements so we didn't look into any other solutions.

How has it helped my organization?

We give guests limited access to the internet when they come in so that access has been useful. Previously, we just used to give them the APN key which they would leave with. Now, we give them credentials to use that are for a limited period of time.

What's my experience with pricing, setup cost, and licensing?

If you go directly with Cisco for the implementation it's very, very expensive.

What other advice do I have?

It's a good product but it requires technical support and knowledge otherwise it will be difficult to manage and run it. It requires somebody to be configuring issues. You need protection as you advance in the usage but it's a good product. I would rate this solution an eight out of ten. In order to… more»

Which other solutions did I evaluate?

We also looked at Aruba.

How has it helped my organization?

Previously, what used to happen is that we use to have anyone - any user, a staff member or a non-staff member, consultant contractors, etc. able to connect to our line without authentication, which I think posed a security risk. We felt that whoever connected to our network should be authenticated. We should know the person. We should have visibility to see who was connecting to our network so… more»

What needs improvement?

An area that could be improved is the agent. The challenge now is that agent and most of the computers have changed. They could think about agent-less deployment. Also, I've not explored MDM but if it should be integrated.

What other advice do I have?

The deployment strategy was faster than the pilot. We had to see how it works and then we had to, in a transparent manner, see how it works. Deployment took about six months. But the rollout is on-going because we keep opening branches all the time, so we just keep adding them into the solution. For deployment, we used the front liner support but for documentation, we had professional staff. For… more»

What is most valuable?

It has many valuable features.

How has it helped my organization?

After the product was installed, no one could access the secure connection network. In order for any laptop or any endpoint device to attach to my network, it needs to be authorized or be certified to be connected.

What needs improvement?

It has many complications from the administration perspective, it's not easy to learn. Not like other solutions that are very friendly and easy to go through. It needs to be more user-friendly. We'll see the same name on more than one tab… more»

What's my experience with pricing, setup cost, and licensing?

We are a big organization and we can arrange for licenses because we are a big customer. We have an agreement for the security license. Licenses aren't an issue for us. We pay for licenses every five years or six years.

What other advice do I have?

I would rate this solution a 7.5 out of ten. To make it a ten they should have more people on tech support. They need to invest more in the product. It's a good product. They should just work on tech support. More support for the customer… more»

What is most valuable?

We found that the most valuable features associated with this tool are posture assessment, policy management, VLAN assignments, guest assignment, and BYOD services. In addition to these services, the Cisco IOS software switch configuration feature is another very valuable aspect of the policy and compliance solution.

What needs improvement?

There are issues with respect to the posture assessment function. It's been observed that customers are not receiving total access to the network because the assessment agent is glitchy and malfunctions from time-to-time. I would like to see refining of the compliance assessment and adding more detailed compliance of endpoints on the user end. We have also had to deal with some cache update issues… more»

What other advice do I have?

The solution is sufficient and seems to require little to no maintenance from the client side. Maintenance is always in proportion to the client's needs and product deployment. For instance when we are managing two Cisco ISE boxes with two onsite engineers. As capacity grows obviously we need more engineers; it's not a 1-to-1 relationship but we always take a minimum of two certified engineers… more»

What needs improvement?

So far we have had no complaints from customers. No major complaints in terms of ISE. They do complain obviously if the ISE service stops working. Normally that happens if there's a server flaw or some problem at the data center somewhere. There can more integration between the wireless controller management and ISE. Consolidation or integration of the controller and ISE dashboards would be great… more»

What's my experience with pricing, setup cost, and licensing?

The licensing is too expensive. There is more complexity on the wifi environment, especially with Cisco DNA versus Cisco ONE licensing. As far as the ISE licensing is concerned, it's pretty straightforward. We normally follow the ordering guide which is quite detailed, so there's no problem there.

What other advice do I have?

The advice that I would give someone considering this solution is to understand the licensing. From a design perspective, we refer to the ordering guide quite frequently. The most important thing is to have a technical planning session with the customer. A lot of the time the customer doesn't really know what they want and if you don't have that upfront planning and discussion with the customer… more»

What is most valuable?

The biggest value of ISE is that it can get so granular with gaming systems, versus IoT and BYOD.

What needs improvement?

I'd like to see an easier way to upgrade to larger versions, as well as more best practices that are easier to locate on their support page.

If you previously used a different solution, which one did you use and why did you switch?

We were very late adopters in the education arena of wireless. We didn't adopt until about five years ago. We had a great relationship with our partner and got to see this demo several times. It was really good.

What other advice do I have?

My advice to someone considering this solution would be to seek the most comprehensive solution for residence halls. I would rate this solution as eight out of ten. I would like the flow of authentication and authorization metrics to be… more»

Which other solutions did I evaluate?

Cisco was the only one that we evaluated. There was also Aruba, but Cisco was really the top choice.