Cisco ISE (Identity Services Engine) vs. CyberArk PAS

As of June 2019, Cisco ISE (Identity Services Engine) is ranked 1st in Network Access Control with 13 reviews vs CyberArk PAS which is ranked 1st in Privileged Access Management with 57 reviews. The top reviewer of Cisco ISE (Identity Services Engine) writes "All devices have multifactor authentication in collaboration with IT which secures access to all our devices". The top reviewer of CyberArk PAS writes "Gives us the security of all credentials in one place and lightens our administrative load". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, ForeScout CounterACT and FortiAuthenticator. CyberArk PAS is most compared with SailPoint IdentityIQ, Cisco ISE (Identity Services Engine) and BeyondTrust Endpoint Privilege Management.
Cancel
You must select at least 2 products to compare!
Most Helpful Review
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
The best feature of the Cisco ISE platform is that it is compatible with Microsoft products.We found that the most valuable features associated with this tool are posture assessment, policy management, VLAN assignments, guest assignment, and BYOD services. In addition to these services, the Cisco IOS software switch configuration feature is another very valuable aspect of the policy and compliance solution.In terms of scalability, you need to factor in your licenses. With a virtual platform, the scalability is more than sufficient. We have over one thousand users.Visitors can be granted access to the wifi network using their cellphones, notebooks or tablets in a very easy way. The ease of accessibility that anyone can have to the network is very quick and is a big improvement in our network.For guests we give them limited access to the internet when they come in so that access has been useful. Previously, we just used to give them the APN key which they would leave with. Now, we give them credentials to use that are for a limited period of time.After the product was installed, no one could access the secure connection network. In order for any laptop or any endpoint device to attach to my network, it needs to be authorized or be certified to be connected.It is scalable because we use a network load balancer at the front of the PSN. It can be extended as we want to multiply. It's scalable to our environment. We have around 8,000 users and we are planning to expand it.The initial setup was easy. It took around one month. We did the installation part within half an hour to two hours but we found a couple of issues so we raised a case and once everything was resolved it was a month in total.

Read more »

For a while, there were individual IDs having privileged access. We wanted to restrict that. We implemented the solution so that it can be more of internal control. We can have session recordings happening and reduce our attacks.The Password Upload Utility tool makes it easier when setting up a Safe that contains multiple accounts and has cut down the amount of time that it takes to complete the task.There are no issues with scalability. Our clients are very happy to use the product.We are maintaining compliance in PCI, SOX and HIPPA, which is a big thing. Auditors really like it, and it has made us stay compliant.We are able to know who is accessing what and when; having accountability.This solution is quite stable.The most valuable feature is that it always provides flexibility, password quality and one-time user check-in and check-out.I really like the PTA (Privileged Threat Analytics). I find this the best feature.

Read more »

Cons
Cisco ISE is complex. The deployment and design of networks with it is so complex. If it could change it would be better.There are issues with respect to the posture assessment function. It's been observed that customers are not receiving total access to the network because the assessment agent is glitchy and malfunctions from time-to-time. I would like to see refining of the compliance assessment and adding more detailed compliance of endpoints on the user end.There can be a little bit more integration between the controller management and ISE. There are two dashboards, you have the controller dashboards, and you have the ISE dashboard it would is a way to maybe integrate that into one. That would be great. It's not that bad. It would be easier if it could be combined into one dashboard.There should be an easier way to do the upgrades. There are a lot of steps to get to the next version from the previous version which ends up being a bit of the headache with the upgrade.In order to make it a ten, it should be more user-friendly. You need somebody who is knowledgeable about it to use it. It's not easy to use. We have to rely heavily on technical support.I would rate this solution a 7.5 out of ten. To make it a ten they should have more people on tech support. They need to invest more in the product. It's a good product. They should just work on tech support. More support for the customer. It's not that easy to get somebody to understand this product. I have had some issues with tech before for the solution. One of them brought the solution down due to some of his activity. They need to hugely invest in their tech support.They should improve the upgrades. It's not easy to upgrade the solution.Since we have started, we struggled a lot to implement this solution into our network, and we opened a case a couple of times. Up until this point, nothing else needs to be improved with this product.

Read more »

Integration with the ticketing system should allow any number of fields to be used for validation before allowing a user to be evaluated and able to access a server.Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use.The initial setup of CyberArk is a challenge if you do not have prior experience with it.Make it easier to deploy.I think having a distributed architecture would certainly help this solution.There was a functionality of the solution that was missing. I had noticed it in Beyond Trust, but not in this solution. But, recently they have incorporated something similar.If we could have some kind of out-of-the box feature that you can simply say "no" so they don't have to go into a development mode, that would a really helpful feature.Tech support staff can be more proactive.

Read more »

Pricing and Cost Advice
If you go directly with Cisco for the implementation it's very, very expensive.

Read more »

In comparison to other products on the market, CyberArk is a more costly product.This solution is considered to be more expensive than others out there on the market today.I do not have any opinions to add about the pricing of the product.No, I do not have any advice on the price of the product.Network and security licenses are currently being managed by other outsource vendors, so they are facing some type of problems in the digital aspect.With reducing the privileged account access, there has been a huge improvement. They are now bringing more accounts on a little at a time.If you are looking at implementing this solution, buy the training and go to it.Our risk is definitely significantly lower. Also, our resources are low.

Read more »

report
Use our free recommendation engine to learn which Network Access Control solutions are best for your needs.
347,244 professionals have used our research since 2012.
Ranking
1st
Views
29,292
Comparisons
16,545
Reviews
11
Average Words per Review
370
Avg. Rating
8.2
Views
44,405
Comparisons
15,697
Reviews
58
Average Words per Review
547
Avg. Rating
8.9
Top Comparisons
Compared 11% of the time.
Also Known As
Cisco ISECyberArk Privileged Access Security, CyberArk Privileged Account Security, SSH Key Manager, Privileged Session Manager, Privileged Threat Analytics, Application Identity Manager, On-Demand Privileges Manager, Endpoint Privilege Manager
Learn
Cisco
CyberArk
Overview
Identity Services Engine is a security policy management platform that automates and enforces context-aware security access to network resources. It delivers superior user and device visibility to support enterprise mobility experiences and to control access. It shares data with integrated partner solutions to accelerate their capabilities to identify, mitigate, and remediate threats.

CyberArk is the trusted expert in privileged account security. Designed from the ground up with a focus on security, CyberArk has developed a powerful, modular technology platform that provides the industry's most comprehensive Privileged Account Security Solution.

Offer
Learn more about Cisco ISE (Identity Services Engine)
Learn more about CyberArk PAS
Sample Customers
Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau UniversityRockwell Automation
Top Industries
REVIEWERS
Comms Service Provider50%
Financial Services Firm13%
Energy/Utilities Company13%
Construction Company13%
VISITORS READING REVIEWS
Financial Services Firm24%
Comms Service Provider15%
Manufacturing Company15%
Energy/Utilities Company11%
REVIEWERS
Financial Services Firm28%
Insurance Company15%
Healthcare Company10%
Energy/Utilities Company8%
VISITORS READING REVIEWS
Financial Services Firm31%
Retailer14%
Comms Service Provider11%
Energy/Utilities Company10%
Company Size
REVIEWERS
Small Business19%
Midsize Enterprise23%
Large Enterprise58%
REVIEWERS
Small Business17%
Midsize Enterprise9%
Large Enterprise74%
VISITORS READING REVIEWS
Small Business11%
Midsize Enterprise11%
Large Enterprise78%
Find out what your peers are saying about Aruba ClearPass vs. Cisco ISE (Identity Services Engine) and other solutions. Updated: June 2019.
347,244 professionals have used our research since 2012.
We monitor all Network Access Control reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

Sign Up with Email