We performed a comparison between Cisco ISE (Identity Services Engine) and ForgeRock based on real PeerSpot user reviews.
Find out what your peers are saying about Cisco, HPE Aruba Networking, Fortinet and others in Network Access Control (NAC)."For me, the TACACS feature is the most valuable. I have also used Cisco ISE with LDAP, not with Active Directory. That works for me because I prefer LDAP versus Active Directory."
"The user experience of the solution is great. It's a very transparent system."
"The most important feature for us is visibility in terms of user connections. It's the ability to see what devices are online for a particular user that helps a lot with our troubleshooting."
"The solution is great for establishing trust for every access request no matter where it comes from."
"I really enjoy the live log section. Sometimes, you will have someone who is having issues connecting to the network, and then you have to ask them the dreaded question of, "Did you type a password wrong?" They will probably tell you, "No," but the live log can help sort that out. It gives us that extra ability to assist the end user and make sure that we are making them happy."
"It does a good job of establishing trust for each access request, no matter the source. It's also very effective at helping with the distributed network and at securing access."
"For customers, it's great. It has a GUI, so the customers themselves can edit ACLs or even modify the policies. It's also an all-in-one solution with RADIUS and TACACS."
"TACACS and .1X security are the most valuable features. TACACS acts for user control, so no one can authenticate to our network devices, and .1X is to validate that unauthorized devices are plugged into our network."
"The product is easy to set up."
"We used it to implement multi-factor authentication and to improve our security posture as well as reducing the potential for attacks."
"Installation and configuration are pretty easy for ForgeRock OpenIDM."
"ForgeRock is an extensive product with many functionalities and capabilities, much more than many other tools combined."
"I like the way it is handling authentication and authorization."
"Easy to navigate, handle and manage the applications."
"ForgeRock products are customizable, and the out-of-the-box features are solid, too. I primarily use the OIDC compliance features. It's just a configuration. it's easy to set up and customize trees. We can add our own features if necessary. Banks and corporations have different standards and specific validations."
"I like the intelligent authentication feature."
"Also, the menus could have been much simpler. There are many redundant things. That's a problem with all Cisco solutions. There are too many menus and redundant things on all of them."
"Cisco ISE can become quite complex, especially with policy sets, the entire authentication process, and everything involved."
"We do tend to run into a lot of issues with ISE when it comes to bugs."
"The software is a little bit complicated to understand in the beginning, meaning the implementation. It needs proper documentation so that we can understand the options more easily."
"Adding new devices was a little cumbersome. I haven't done it that many times, but I remember that adding new devices to the authentication piece of it was a little cumbersome. The way I was shown to do it, I thought it was odd because we had to go into the active device, copy the file down, export it, make some changes to it, and then reimport it as opposed to being able to click it and having a template to fill out."
"Cisco ISE's real-time data analytics for database logging could be improved."
"Compatibility and integration with other vendors is what needs to be improved in Cisco ISE (Identity Services Engine)."
"The initial setup process is complex since there are so many big components."
"As with any complex software platform, there is a learning curve to using ForgeRock, and it may require specialized expertise to implement and manage effectively."
"It should be a little bit easier to implement. It is user-friendly, but there is always scope for improvement."
"Lacks simplified documentation within the tool that requires use of a separate portal."
"The product's support services in the French language are not free."
"I find that it's quite expensive for just an open-source system. Support is quite expensive."
"It should have a better user interface. Its flexibility should also be improved. It is not about simplifying; it is more about flexibility. Each company has its own requirements, and ForgeRock can provide more flexibility in terms of the use of existing modules to implement features for the customers."
"They should improve the solution by include reporting."
"In an upcoming release, the solution could improve by limiting the need to do customizations."
More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →
Cisco ISE (Identity Services Engine) is ranked 1st in Network Access Control (NAC) with 135 reviews while ForgeRock is ranked 4th in Access Management with 27 reviews. Cisco ISE (Identity Services Engine) is rated 8.2, while ForgeRock is rated 8.0. The top reviewer of Cisco ISE (Identity Services Engine) writes "Gives us that extra ability to assist the end user and make sure that we are making them happy". On the other hand, the top reviewer of ForgeRock writes "Governance and access management solution used for multi-factor authentication that is outdated with an unresponsive UI". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Fortinet FortiNAC, Forescout Platform, CyberArk Privileged Access Manager and Fortinet FortiAuthenticator, whereas ForgeRock is most compared with SailPoint IdentityIQ, PingID, Microsoft Entra ID, Auth0 and Symantec Siteminder.
We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.