Most Helpful Review
Good stability and enables us to identify and isolate a machine that is infected or that is going to be infected
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
Using this solution gives us the ability to allow proper access to the network.
The biggest value of ISE is that it can get so granular with gaming systems, versus IoT and BYOD.
Easy to use and provides good support
The best feature of the Cisco ISE platform is that it is compatible with Microsoft products.
We found that the most valuable features associated with this tool are posture assessment, policy management, VLAN assignments, guest assignment, and BYOD services. In addition to these services, the Cisco IOS software switch configuration feature is another very valuable aspect of the policy and compliance solution.
In terms of scalability, you need to factor in your licenses. With a virtual platform, the scalability is more than sufficient. We have over one thousand users.
Visitors can be granted access to the wifi network using their cellphones, notebooks or tablets in a very easy way. The ease of accessibility that anyone can have to the network is very quick and is a big improvement in our network.
For guests we give them limited access to the internet when they come in so that access has been useful. Previously, we just used to give them the APN key which they would leave with. Now, we give them credentials to use that are for a limited period of time.
CyberArk has been easy for us to implement and the adoption has been good. We've been able to standardize a bunch of things. We've been able to standardize relatively easily with the use of the platforms and managing the policies.
CyberArk is a very stable product and it's a stable product because it has a simple design and a simple architecture that allows you to leverage the economies of scale across the base of your infrastructure that you already have implemented. It doesn't really introduce any new complex pieces of infrastructure that would make it that much more difficult to scale.
When we started with RPA, there was a requirement that every credential and the bots themselves be protected through the PAM system. From the get-go, we've had CyberArk in the middle... We've got a pretty robust RPA implementation with our PAM platform. Users, bots, the credentials — everything is managed via our PAM solution.
Right off the bat, the most valuable feature is the DNA scan. It gives us the ability to scan our environment and find the accounts that we're going to need to take under control.
The Password Upload Utility tool makes it easier when setting up a Safe that contains multiple accounts and has cut down the amount of time that it takes to complete the task.
For a while, there were individual IDs having privileged access. We wanted to restrict that. We implemented the solution so that it can be more of internal control. We can have session recordings happening and reduce our attacks.
There are no issues with scalability. Our clients are very happy to use the product.
We are maintaining compliance in PCI, SOX and HIPPA, which is a big thing. Auditors really like it, and it has made us stay compliant.
There should be a single button that can be pressed to dismiss all of the alarms at once.
I'd like to see an easier way to upgrade to larger versions, as well as more best practices that are easier to locate on their support page.
An area that could be improved is the agent. The challenge now is that agent and most of the computers have changed. They could think about agent-less deployment.
Cisco ISE is complex. The deployment and design of networks with it is so complex. If it could change it would be better.
There are issues with respect to the posture assessment function. It's been observed that customers are not receiving total access to the network because the assessment agent is glitchy and malfunctions from time-to-time. I would like to see refining of the compliance assessment and adding more detailed compliance of endpoints on the user end.
There can be a little bit more integration between the controller management and ISE. There are two dashboards, you have the controller dashboards, and you have the ISE dashboard it would is a way to maybe integrate that into one. That would be great. It's not that bad. It would be easier if it could be combined into one dashboard.
There should be an easier way to do the upgrades. There are a lot of steps to get to the next version from the previous version which ends up being a bit of the headache with the upgrade.
In order to make it a ten, it should be more user-friendly. You need somebody who is knowledgeable about it to use it. It's not easy to use. We have to rely heavily on technical support.
There is a bit of a learning curve, but it's a pretty complex solution.
CyberArk has to continue to evolve with that threat landscape to make sure that they're still protecting those credentials that are owned by those that have privileged accounts in the firms.
The one place where we found that this product really needs to improve is the cloud. Simple integrations don't exist, even today. We don't have anything specific on CyberArk for managing, SaaS products, SaaS vendors, SaaS credentials. I understand it's a vendor-based thing and that they have to coordinate with the other vendors to be able to do that, and there are integrations coming. But these are the major places where CyberArk definitely needs to invest some more time.
It's a big program. To scale excessively, locally, on an on-prem application, takes a lot of servers.
Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use.
Integration with the ticketing system should allow any number of fields to be used for validation before allowing a user to be evaluated and able to access a server.
The initial setup of CyberArk is a challenge if you do not have prior experience with it.
Make it easier to deploy.
Pricing and Cost Advice
If you go directly with Cisco for the implementation it's very, very expensive.
In comparison to other products on the market, CyberArk is a more costly product.
This solution is considered to be more expensive than others out there on the market today.
I do not have any opinions to add about the pricing of the product.
No, I do not have any advice on the price of the product.
Network and security licenses are currently being managed by other outsource vendors, so they are facing some type of problems in the digital aspect.
With reducing the privileged account access, there has been a huge improvement. They are now bringing more accounts on a little at a time.
If you are looking at implementing this solution, buy the training and go to it.
Our risk is definitely significantly lower. Also, our resources are low.
out of 22 in Network Access Control
Average Words per Review
out of 24 in Privileged Access Management
Average Words per Review
Compared 39% of the time.
Compared 19% of the time.
Compared 7% of the time.
Compared 13% of the time.
Compared 9% of the time.
Compared 8% of the time.
Also Known As
|Cisco ISE||CyberArk Privileged Access Security, CyberArk Privileged Account Security, SSH Key Manager, Privileged Session Manager, Privileged Threat Analytics, Application Identity Manager, On-Demand Privileges Manager, Endpoint Privilege Manager|
|Identity Services Engine is a security policy management platform that automates and enforces context-aware security access to network resources. It delivers superior user and device visibility to support enterprise mobility experiences and to control access. It shares data with integrated partner solutions to accelerate their capabilities to identify, mitigate, and remediate threats.|
CyberArk is the trusted expert in privileged account security. Designed from the ground up with a focus on security, CyberArk has developed a powerful, modular technology platform that provides the industry's most comprehensive Privileged Account Security Solution.
Learn more about Cisco ISE (Identity Services Engine)
Learn more about CyberArk PAS
|Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University||Rockwell Automation|
Comms Service Provider29%
Software R&D Company7%
Software R&D Company27%
Comms Service Provider19%
Financial Services Firm29%
Software R&D Company29%
Comms Service Provider15%
Financial Services Firm11%