Compare Cisco ISE (Identity Services Engine) vs. One Identity Manager

Cisco ISE (Identity Services Engine) is ranked 1st in Network Access Control with 15 reviews while One Identity Manager is ranked 1st in Identity Management (IM) with 31 reviews. Cisco ISE (Identity Services Engine) is rated 8.2, while One Identity Manager is rated 8.0. The top reviewer of Cisco ISE (Identity Services Engine) writes "All devices have multifactor authentication in collaboration with IT which secures access to all our devices". On the other hand, the top reviewer of One Identity Manager writes "Enables us to find all sorts of questionable activity that we were able to address". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Forescout Platform and CyberArk PAS, whereas One Identity Manager is most compared with SailPoint IdentityIQ, CyberArk PAS and One Identity Active Roles.
Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about Cisco, ForeScout, Aruba Networks and others in Network Access Control. Updated: March 2020.
408,154 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
Using this solution gives us the ability to allow proper access to the network.The biggest value of ISE is that it can get so granular with gaming systems, versus IoT and BYOD.Easy to use and provides good supportThe best feature of the Cisco ISE platform is that it is compatible with Microsoft products.We found that the most valuable features associated with this tool are posture assessment, policy management, VLAN assignments, guest assignment, and BYOD services. In addition to these services, the Cisco IOS software switch configuration feature is another very valuable aspect of the policy and compliance solution.In terms of scalability, you need to factor in your licenses. With a virtual platform, the scalability is more than sufficient. We have over one thousand users.Visitors can be granted access to the wifi network using their cellphones, notebooks or tablets in a very easy way. The ease of accessibility that anyone can have to the network is very quick and is a big improvement in our network.For guests we give them limited access to the internet when they come in so that access has been useful. Previously, we just used to give them the APN key which they would leave with. Now, we give them credentials to use that are for a limited period of time.

Read more »

The short version is that we gained significant insight into the issues of access governance. This allowed us to turn an auditing nightmare into praise from our auditors.It gives the best user experience, enabling us an overview of all user entitlements.This solution is better on the IT personnel, because now they spend less (or almost no time) managing user rights.The most valuable feature for me is the built-in security, which is the best that I have seen.The connection with multiple systems is what makes it flexible. We can create the accounts flexibly, enabling access to other systems. In addition to Active Directory, it can extend to SAP, to Salesforce, to Office 365, etc.Nobody has to put people in AD groups by hand anymore. It goes automatically and that's very good. It's also very flexible. It's quite easy to customize and we have customized it a lot.For me, personally, the automation is the most valuable feature. I don't have to do things manually, like creating user accounts and provisioning them to the target systems.This is almost a complete solution for us.

Read more »

Cons
There should be a single button that can be pressed to dismiss all of the alarms at once.I'd like to see an easier way to upgrade to larger versions, as well as more best practices that are easier to locate on their support page.An area that could be improved is the agent. The challenge now is that agent and most of the computers have changed. They could think about agent-less deployment.Cisco ISE is complex. The deployment and design of networks with it is so complex. If it could change it would be better.There are issues with respect to the posture assessment function. It's been observed that customers are not receiving total access to the network because the assessment agent is glitchy and malfunctions from time-to-time. I would like to see refining of the compliance assessment and adding more detailed compliance of endpoints on the user end.There can be a little bit more integration between the controller management and ISE. There are two dashboards, you have the controller dashboards, and you have the ISE dashboard it would is a way to maybe integrate that into one. That would be great. It's not that bad. It would be easier if it could be combined into one dashboard.There should be an easier way to do the upgrades. There are a lot of steps to get to the next version from the previous version which ends up being a bit of the headache with the upgrade.In order to make it a ten, it should be more user-friendly. You need somebody who is knowledgeable about it to use it. It's not easy to use. We have to rely heavily on technical support.

Read more »

The support team could be improved on. The first level of support essentially looks up knowledge base articles and often can't provide the answer needed.The initial setup was complex. We have a lot of different systems. The journey from implementing to joining all the systems was difficult.The performance could use improvement. Sometimes synchronizations take too long.A feature that I would like to see is a mobile app that provides users the ability to make changes or add users to the Active Directory, on the fly.More integration with SAP and with the internet of things would be good. We also have system devices that we could manage as identities, so that would be a feature to add.One of the things we would like is the ability to have more than one system role manager. That would be nice. For example, when people are on vacation, sometimes it gets a little hard to administrate system roles.The system role manager, or some of the roles that are inside Identity Manager, are limited to one user. It would be more flexible if these responsibility roles could be attached to many people.It should be able to give a client version of the product, rather than just a web-portal.

Read more »

Pricing and Cost Advice
If you go directly with Cisco for the implementation it's very, very expensive.

Read more »

There is a one-time licensing cost, and there is also a yearly subscription fee.It's costlier that some other products, and there is nothing that fits every solution.We are using a self-built solution. It would cost too much to get that up to the standard of what we need. In the long-term, it is cheaper to buy a solution that has what we need. Though, we are still running the previous solution, as we are still in the implementation phase.It needs flexibility in the licensing or packaging, because you buy the entire package at once, and sometimes the customers are a bit overwhelmed with whatever they get. I would like if they could cut the licensing or packaging into somewhat smaller things.It has helped to reduce customer costs.We are paying for premium support, which is expensive. However, we do receive very good, fast support.It helps us save on licenses for applications because we are following the account lifecycle, as well as account reactivation.We have the premium support and are very satisfied. They are always answer our questions very quickly. For the moment, we are very satisfied, but I think it's because we are paying for the premium support.

Read more »

report
Use our free recommendation engine to learn which Network Access Control solutions are best for your needs.
408,154 professionals have used our research since 2012.
Ranking
1st
Views
28,208
Comparisons
19,068
Reviews
12
Average Words per Review
384
Avg. Rating
8.3
1st
Views
7,641
Comparisons
3,829
Reviews
31
Average Words per Review
650
Avg. Rating
8.0
Top Comparisons
Compared 15% of the time.
Also Known As
Cisco ISEQuest One Identity Manager, Dell One Identity Manager
Learn
Cisco
One Identity
Overview
Identity Services Engine is a security policy management platform that automates and enforces context-aware security access to network resources. It delivers superior user and device visibility to support enterprise mobility experiences and to control access. It shares data with integrated partner solutions to accelerate their capabilities to identify, mitigate, and remediate threats.

One Identity Manager helps you mitigate risk, secure data, meet uptime requirements and satisfy compliance by giving your users access to data and applications they need and nothing more. IAM can be driven by business needs, not IT capabilities. With Identity Manager, you can manage user identities, privileges and security across the enterprise, putting you in control of identity management and taking the burden off your IT staff.

Offer
Learn more about Cisco ISE (Identity Services Engine)
Learn more about One Identity Manager
Sample Customers
Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau UniversityTexas A&M, Sky Media, BHF Bank, Swiss Post, Union Investment, Wayne State University. More at OneIdentity.com/casestudies
Top Industries
REVIEWERS
Comms Service Provider29%
Government18%
Software R&D Company12%
Construction Company6%
VISITORS READING REVIEWS
Software R&D Company26%
Comms Service Provider23%
Government9%
Manufacturing Company5%
REVIEWERS
Financial Services Firm39%
Manufacturing Company13%
Healthcare Company13%
University9%
VISITORS READING REVIEWS
Software R&D Company30%
Comms Service Provider13%
Financial Services Firm8%
Media Company6%
Find out what your peers are saying about Cisco, ForeScout, Aruba Networks and others in Network Access Control. Updated: March 2020.
408,154 professionals have used our research since 2012.
We monitor all Network Access Control reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.