Cisco ISE (Identity Services Engine) Overview

Cisco ISE (Identity Services Engine) is the #1 ranked solution in our list of top Network Access Control tools. It is most often compared to Aruba ClearPass: Cisco ISE (Identity Services Engine) vs Aruba ClearPass

What is Cisco ISE (Identity Services Engine)?
Identity Services Engine is a security policy management platform that automates and enforces context-aware security access to network resources. It delivers superior user and device visibility to support enterprise mobility experiences and to control access. It shares data with integrated partner solutions to accelerate their capabilities to identify, mitigate, and remediate threats.

Cisco ISE (Identity Services Engine) is also known as Cisco ISE.

Cisco ISE (Identity Services Engine) Buyer's Guide

Download the Cisco ISE (Identity Services Engine) Buyer's Guide including reviews and more. Updated: May 2021

Cisco ISE (Identity Services Engine) Customers
Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University
Cisco ISE (Identity Services Engine) Video

Filter Archived Reviews (More than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
KD
Presales Systems Engineer at a tech services company with 501-1,000 employees
Reseller
Delivers great Posture Assessment Policy Management and VLAN Assignment

What is our primary use case?

Our company doesn't use Cisco ISE internally. We act as the solution reseller. Our business model is set up to provide a network-based approach for adaptable, trusted access to our clients. We provide our clients with intelligent, integrated protection through intent-based policy and compliance solutions.

Pros and Cons

  • "We found that the most valuable features associated with this tool are posture assessment, policy management, VLAN assignments, guest assignment, and BYOD services. In addition to these services, the Cisco IOS software switch configuration feature is another very valuable aspect of the policy and compliance solution."
  • "There are issues with respect to the posture assessment function. It's been observed that customers are not receiving total access to the network because the assessment agent is glitchy and malfunctions from time-to-time. I would like to see refining of the compliance assessment and adding more detailed compliance of endpoints on the user end."

What other advice do I have?

The solution is sufficient and seems to require little to no maintenance from the client side. Maintenance is always in proportion to the client's needs and product deployment. For instance when we are managing two Cisco ISE boxes with two onsite engineers. As capacity grows obviously we need more engineers; it's not a 1-to-1 relationship but we always take a minimum of two certified engineers qualified to manage Cisco ISE. I would give this solution a rating of 7 out of 10.
Solutions Manager at EOH
Reseller
Very stable and adds a lot of value to our customer's network

What is our primary use case?

We are a reseller of Cisco ISE.

Pros and Cons

  • "In terms of scalability, you need to factor in your licenses. With a virtual platform, the scalability is more than sufficient. We have over one thousand users."
  • "There can be a little bit more integration between the controller management and ISE. There are two dashboards, you have the controller dashboards, and you have the ISE dashboard it would is a way to maybe integrate that into one. That would be great. It's not that bad. It would be easier if it could be combined into one dashboard."

What other advice do I have?

The advice that I would give someone considering this solution is to understand the licensing. From a design perspective, we refer to the ordering guide quite frequently. The most important thing is to have a technical planning session with the customer. A lot of the time the customer doesn't really know what they want and if you don't have that upfront planning and discussion with the customer, the deployment can take much longer. I would rate it a ten out of ten.
Learn what your peers think about Cisco ISE (Identity Services Engine). Get advice and tips from experienced pros sharing their opinions. Updated: May 2021.
502,104 professionals have used our research since 2012.
JL
Group Electrical Engineer Consultants at a comms service provider with 51-200 employees
Consultant
Enables us to grant access to users in a secure and easy way

What is our primary use case?

Our primary use case is to grant access to users, we deploy the bring your own device policy.

Pros and Cons

  • "Visitors can be granted access to the wifi network using their cellphones, notebooks or tablets in a very easy way. The ease of accessibility that anyone can have to the network is very quick and is a big improvement in our network."
  • "There should be an easier way to do the upgrades. There are a lot of steps to get to the next version from the previous version which ends up being a bit of the headache with the upgrade."

What other advice do I have?

We plan to increase usage by around 20 to 30%. It gives people the peace of mind that they have the possibility to grant access to the people that visit their premises and ensures that they are working in a safe environment that is pure and clear when they use the posture services of the solution. I would rate it a nine out of ten.
AP
OPCO IT Manager at MTN
Real User
Enables us to protect our network but it should be more user-friendly

What is our primary use case?

We use this solution to protect the network especially when someone brings their own device and to lock out access to anybody connecting to the network. Also to make sure that the people connect to the correct VLAN. So, mainly for security wifi access so that when people want to connect to our wifi they have to log in using their credentials.

Pros and Cons

  • "For guests we give them limited access to the internet when they come in so that access has been useful. Previously, we just used to give them the APN key which they would leave with. Now, we give them credentials to use that are for a limited period of time."
  • "In order to make it a ten, it should be more user-friendly. You need somebody who is knowledgeable about it to use it. It's not easy to use. We have to rely heavily on technical support."

What other advice do I have?

It's a good product but it requires technical support and knowledge otherwise it will be difficult to manage and run it. It requires somebody to be configuring issues. You need protection as you advance in the usage but it's a good product. I would rate this solution an eight out of ten. In order to make it a ten, it should be more user-friendly. You need somebody who is knowledgeable about it to use it. It's not easy to use. We have to rely heavily on technical support.
AH
Network Administrator at a government with 51-200 employees
Real User
Has many valuable features but it needs more support for the customer

What is our primary use case?

It's a network access manager.

Pros and Cons

  • "After the product was installed, no one could access the secure connection network. In order for any laptop or any endpoint device to attach to my network, it needs to be authorized or be certified to be connected."
  • "I would rate this solution a 7.5 out of ten. To make it a ten they should have more people on tech support. They need to invest more in the product. It's a good product. They should just work on tech support. More support for the customer. It's not that easy to get somebody to understand this product. I have had some issues with tech before for the solution. One of them brought the solution down due to some of his activity. They need to hugely invest in their tech support."

What other advice do I have?

I would rate this solution a 7.5 out of ten. To make it a ten they should have more people on tech support. They need to invest more in the product. It's a good product. They should just work on tech support. More support for the customer. It's not that easy to get somebody to understand this product. I have had some issues with tech before for the solution. One of them brought the solution down due to some of his activity. They need to hugely invest in their tech support.
RF
Information Security System Specialist at everis New Company Erifson
Real User
Enables us to distribute internet access to guests and has a good profiling feature

What is our primary use case?

We use it to aid the tools that we make and to sponsor and get flow.

How has it helped my organization?

We distribute internet access to guests. It's the product to our environment.

What is most valuable?

The profiling option is the most valuable feature. 

What needs improvement?

They should improve the upgrades. It's not easy to upgrade the solution. 

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

It's stable. 

What do I think about the scalability of the solution?

It is scalable because we use a network load balancer at the front of the PSN. It can be extended as we want to multiply. It's scalable to our environment. We have around 8,000 users and we are planning to…
Security Engineer at a energy/utilities company with 201-500 employees
Real User
Good stability and enables us to identify and isolate a machine that is infected or that is going to be infected

What is our primary use case?

We use this solution to authenticate the domain users and if someone is not the domain user to make them a guest.

Pros and Cons

  • "The initial setup was easy. It took around one month. We did the installation part within half an hour to two hours but we found a couple of issues so we raised a case and once everything was resolved it was a month in total."
  • "Since we have started, we struggled a lot to implement this solution into our network, and we opened a case a couple of times. Up until this point, nothing else needs to be improved with this product."

What other advice do I have?

I would rate this solution a nine out of ten. I would advise someone considering this solution not to enable it with MAC. They are going to be in a very bad state after enabling this with MAC because if you do it is going to isolate so many devices which do not comply with the policy.
Manager - IT Security & Process Compliance at a tech services company with 1,001-5,000 employees
Real User
Highly scalable and enables us to have visibility of all the changes happening on certain devices

What is our primary use case?

My primary use case for this solution is as a server for my networking devices.

Pros and Cons

  • "We have multiple metal devices from different places that use management, so we need to know who would be accessing all those devices and what changes are being done to those metal devices. With Cisco ISE we have visibility of all the changes happening on those devices."
  • "Support and integration for the active devices needs to be worked on. Their features mainly work well with Mac devices. If we use an HP the Mac functionalities may no longer be able to deliver."

What other advice do I have?

You should have a fair understanding of the kubernetes that have been used in their infrastructure. I would rate this solution an eight out of ten.
JF
User
Real User
All devices have multifactor authentication in collaboration with IT which secures access to all our devices

What is our primary use case?

My primary use case of this solution is for access control for authentication and for the authorization of wireless users.

Pros and Cons

  • "For device administration, all devices have multifactor authentication in collaboration with IT, so it secures access to all of our devices. For guest and wireless access, it's a matter of a lowly manager who we give access to the portal and he can assign access to the guests, so it's a very simple process now. It keeps the IT focusing on their work, and gives the business people the right access."
  • "The compliance and posture don't always work. They should make it more stable. With each upgrade, we lose some functionality. We have to wait for another upgrade."

What other advice do I have?

It's a great product but you should be careful to plan before deploying. Do thorough planning as not to do the same error that we did. We didn't do enough planning before deploying so it took us a long time to have a thorough plan. I would rate this solution a nine out of ten.
Network Security Engineer at Data Consult
Real User
The firewall can see traffic as unencrypted and we can then mitigate the enemy and any attack

What is our primary use case?

My primary use case of this solution is to protect the website from web attacks.

What other advice do I have?

This solution can be used to protect one's application. The server has many features to secure and diagnose.
Architect of Security and Networking solutions (Presales and after sales) at a comms service provider with 1,001-5,000 employees
Real User
Provides Member Access Control and enables integration of Cisco hardware

What is our primary use case?

We are an ISP and we are working on providing ISP solutions for companies. For that reason, we are trying to deploy ISE or other technologies.

How has it helped my organization?

The benefit comes from the fact that all of our clients have Cisco products and we are looking for a tool that can integrate all the devices for a secure facility, monitoring, etc.

What is most valuable?

MAC - Member Access Control Integrating all Cisco wireless, networking, switches, routers, firewalls for our customers.

What needs improvement?

In a future release, I would like to see network access control. That is something that customers seem to be looking for.
Research Engineer with 1-10 employees
User
Its wireless​ controller needs to add more than one physical port. However, it improves switch account management.

What is our primary use case?

Wireless Control Solutions Physical Port Access Control Changing switch configuration records and account controls.

How has it helped my organization?

Currently planning to establish a wireless network environment. Expected benefits.  Improves switch account management. Physical Port Access Control.

What is most valuable?

ISE Dynamic VLAN assignment ISE Radius and Tacacs+ External identity sources LDAP, domain, or token.

What needs improvement?

The Cisco wireless controller needs to add more than one physical port. The Guest Network verification needs to add a QR code option.

For how long have I used the solution?

One to three years.
Senior Network Engineer/Mobility Specialist at CCSI - Contemporary Computer Services, Inc.
Real User
ExpertTop 20
It has a centralized and unified highly secure access control with ISE, which grew out of ACS.

Pros and Cons

  • "Cisco ISE now competes with any other product in the space because of its centralized and unified highly secure access control with ISE."
  • "The learning curve is steep and the initial setup is complex."

What other advice do I have?

Not all features are available with base license, plus license allows for profiling and provisioning
Senior Network Engineer with 1,001-5,000 employees
Vendor
It can handle Radius and TACACS+. It is quite complex when it comes to troubleshooting.

What other advice do I have?

We have deployed this solution and we keep on exploring more and more. It can do wonders for authentication and limiting access with the network.
Senior Network Engineer/Mobility Specialist at CCSI - Contemporary Computer Services, Inc.
Real User
ExpertTop 20
Profile Sets help organize how AAA is handled by grouping, like traffic into separate subroutines.
Senior Network Operations Specialist at a government with 1,001-5,000 employees
Vendor
This technology is based upon utilizing other Cisco products such as IDS, IPS, ASA and Catalyst switches.
Security Senior Network Engineer with 1,001-5,000 employees
Vendor
We use it for implementing wireless 802.1X with Active Directory and guest portal, but we're waiting for TACACS integration to completely replace the Cisco ACS line of products.

What other advice do I have?

The main advice is to seek for an accredited ATC system integrator with a large ISE portfolio.
Product Categories
Network Access Control
Buyer's Guide
Download our free Cisco ISE (Identity Services Engine) Report and get advice and tips from experienced pros sharing their opinions.
Quick Links