Cisco ISE (Identity Services Engine) vs One Identity Manager comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Cisco ISE (Identity Services Engine) and One Identity Manager based on real PeerSpot user reviews.

Find out what your peers are saying about Cisco, HPE Aruba Networking, Forescout and others in Network Access Control (NAC).
To learn more, read our detailed Network Access Control (NAC) Report (Updated: March 2024).
765,234 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Our clients like Cisco ISE because they already use various Cisco solutions. It's easy for them to use this solution because they have an engineer with Cisco certifications.""Among the most valuable features is TACACS.""The TACACS and RADIUS have been the most valuable features so far.""The most valuable feature is the ASDM - the user interface makes it very easy to configure the firewall.""The product is stable.""Stable network administration solution that can be installed easily, and comes with fast technical support.""We have seen ROI. It has done its job. It has protected us when we needed it to.""The most valuable feature of Cisco ISE is its seamless integration with the switches and the entire suite, enabling wireless access and smooth client information retrieval."

More Cisco ISE (Identity Services Engine) Pros →

"For me, personally, the automation is the most valuable feature. I don't have to do things manually, like creating user accounts and provisioning them to the target systems.""At the time of the onboarding, this is solution that we have interfacing with HR. On the same day an employee is hired, an account is created and available for the manager when the end user arrives. The opposite is true. The moment employment is terminated, the same day everything is disabled, then later deleted.""The biggest improvement has been the auditing. Now we have a record of what the users have, what the users have requested and when, and when things were approved. It's all in the same system.""The product is flexible. For example, it offers cloud features.""The most valuable feature of One Identity Manager is its object-oriented architecture.""This is almost a complete solution for us.""The most valuable features include the automated attestations or recertification... The time that people have to focus on their real jobs and not spend it doing recertifications is huge.""We have been able to make our help desk self-sufficient by giving them role-based access. We have been able to reduce service dependency by 40% to 50%."

More One Identity Manager Pros →

Cons
"They should improve the documentation. There tends to be a lot of old text, or the new things aren't always up to what's been released on the code, and sometimes the documentation is inconsistent.""Troubleshooting and multi-ISE can be challenging with the solution.""There are always some things that I would request.""I would like to see integration with other vendors, and the RADIUS integration needs to be improved a little bit.""Also, the menus could have been much simpler. There are many redundant things. That's a problem with all Cisco solutions. There are too many menus and redundant things on all of them.""The templates could be better. When you have to do certs, especially with X.500 certs, it isn't very intuitive.""With the recent release of the solution, we had a bunch of bugs and we had to delay our deployment. Other than that, the solution is good.""The knocks I have against the product are the number of bugs that we encounter, constantly, and the amount of upgrading that we have to do."

More Cisco ISE (Identity Services Engine) Cons →

"Integration with various applications should be made smoother. It is very difficult right now for regular implementers. Access reviews are another thing that is not that good in the solution. It needs improvement.""There are several smaller parts of the tool that have room for improvement.""Their technical support's attitude is a bit strange. Quite often, we have to prove that there is a problem with the product rather than having them prove that there is not a problem with the product.""There are a few aspects of One Identity Manager's user experience that could be improved.""It is a very powerful solution, but when it comes to doing some complex parameterization or authorization, we end up coding. Comparatively, CA solutions require less coding. It is more powerful than the CA solutions, but you end up with coding in VB.Net or C#. Complex parameterization could be better from their side.""Having new features for web developers in the One Identity Manager shop is an area for improvement. Another area for improvement in the tool is its ServiceNow connection as ServiceNow is a major ITSM system player, but the current out-of-the-box feature proposed by One Identity Manager can only make simple incident requests to the system. My company is now in full ICL design, so it prefers for all concerns or requests to be sent properly to ServiceNow, so my company can have better control over the incident requests and be able to sort those out. The tool fits all my needs today, except for the ServiceNow connector. That's the only additional feature I'd like to see in the next release of One Identity Manager.""The user experience is good, but it can be improved. There are a lot of features in the administration part, and they need better documentation. For example, they need to explain the main reason for a feature, and what the tables are in the database. It needs better documentation about all the features that are in the solution.""A feature that I would like to see is a mobile app that provides users the ability to make changes or add users to the Active Directory, on the fly."

More One Identity Manager Cons →

Pricing and Cost Advice
  • "There are three levels of pricing: basic, plus, and apex. Basic satisfied our needs."
  • "If you go directly with Cisco for the implementation it's very, very expensive."
  • "The SMARTnet technical support is available at an additional cost."
  • "For the Avast virus scan, we pay around USD $95 per machine for five years which includes all updates and technical support."
  • "The price for Cisco ISE is high."
  • "The price can be lower, especially for subscriptions. It should be a lot cheaper to have a wide range of customers. The price should be comparable to competitive products like Forescout or Fortinet FortiNAC. Forescout is cheaper for customers looking for a cloud solution."
  • "There are other cheaper options available."
  • "The price is okay."
  • More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →

  • "Start with an operations team that is motivated to learn a lot in a short period of time. The longer you wait, the more expensive it will be to get the right level of expertise in this area."
  • "There are old processes that are really great for some people and look like pieces of artwork. However, the maintenance of them is really expensive."
  • "The solution is flexible, in general. You can define the parts of the solution that you want to use, and it won't affect the price."
  • "We have the premium support and are very satisfied. They are always answer our questions very quickly. For the moment, we are very satisfied, but I think it's because we are paying for the premium support."
  • "It helps us save on licenses for applications because we are following the account lifecycle, as well as account reactivation."
  • "We are paying for premium support, which is expensive. However, we do receive very good, fast support."
  • "It needs flexibility in the licensing or packaging, because you buy the entire package at once, and sometimes the customers are a bit overwhelmed with whatever they get. I would like if they could cut the licensing or packaging into somewhat smaller things."
  • "It has helped to reduce customer costs."
  • More One Identity Manager Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.
    765,234 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely… more »
    Top Answer:OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers… more »
    Top Answer:Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user… more »
    Top Answer:One Identity Manager offers several features that I found advantageous compared to other tools.
    Top Answer:One Identity Manager has a reasonable price point. Given the features and functionality it provides, the cost is justified.
    Top Answer:One area where One Identity Manager could be improved is in database performance. When handling a large number of users, I believe that built-in indexing or other optimizations would be beneficial… more »
    Ranking
    Views
    24,825
    Comparisons
    16,525
    Reviews
    74
    Average Words per Review
    756
    Rating
    8.5
    3rd
    Views
    5,185
    Comparisons
    2,929
    Reviews
    29
    Average Words per Review
    980
    Rating
    8.2
    Comparisons
    Also Known As
    Cisco ISE
    Quest One Identity Manager, Dell One Identity Manager
    Learn More
    Overview

    Cisco ISE is an all-in-one solution that streamlines security policy management and reduces operating costs. Cisco ISE delivers visibility and access control over users and devices across wired, wireless, and VPN connections.

    Identity Services Engine enables enterprises to deliver secure network access to users and devices. It shares contextual data, such as threats and vulnerabilities, with integrated solutions from Cisco technology partners. You can see what is happening in your network, which applications are running, and more.

    Features of Cisco ISE

    • Centralized management helps administrators configure and manage user profile characteristics - a single pane of glass for integrated management services.
    • Contextual identity and business policy: The rule-based attribute is a driven policy model. The goal is to provide flexible access control policies.
    • Wide range of access control options, including Virtual LAN (VLAN) URL redirections, and access control lists.
    • Supplicant-less network access: You can roll out secure network access by deriving authentication from login information across application layers.
    • Guest lifecycle management streamlines the experience for implementing and customizing network access for guests.
    • Built-in AAA services: The platform uses standard RADIUS protocol for authentication, authorization, and accounting.
    • Device auditing, administration, and access control provide users with access on a need-to-know and need-to-act basis. It keeps audit trails for every change in the network.
    • Device profiling: ISE features predefined device templates for different types of endpoints.
    • Internal certificate authority: Qn easy-to-deploy single console to manage endpoints and certificates.

    Benefits of Cisco ISE

    Cisco’s holistic approach to network access security has several advantages:

    • Context-based access based on your company policies. ISE creates a complete contextual identity, including attributes such as user, time, location, threat, access type, and vulnerability. This contextual identity is used to enforce a secure access policy. Administrators can apply strict control over how and when endpoints are allowed in the network.
    • Better network visibility via an easy-to-use, simple console. In addition, visibility is improved by storing a detailed attribute history of all endpoints connected to the network.
    • Comprehensive policy enforcement. ISE sets easy and flexible access rules. These rules are controlled from a central console that enforces them across the network and security infrastructure. You can define policies that differentiate between registered users and guests. The system uses group tags that enable access control on business rules instead of IP addresses.
    • Self-service device onboarding enables the enterprise to implement a Bring-Your-Own-Device (BYOD) policy securely. Users can manage their devices according to the policies defined by IT administrators. (IT remains in charge of provisioning and posturing to comply with security policies.)
    • Consistent guest experiences: You can provide guests with different levels of access from different connections. You can customize guest portals via a cloud-delivered portal editor with dynamic visual tools.

    Support

    You can get ISE as a physical or virtual appliance. Both deployments can create ISE clusters that create scale, redundancy, and requirements.

    Licensing

    Cisco ISE has four primary licences. Evaluation for up to 100 endpoints with full platform functionality. The higher tiers are Partner, Advantage and Essential.

    Reviews from Real Users

    "The user experience of the solution is great. It's a very transparent system. according to a PeerSpot user in Cyber Security at a manufacturing company.

    Omar Z., Network & Security Engineer at an engineering company, feels that "The RADIUS Server holds the most value."

    “Whether I deploy in China, the US, South Africa, or wherever, I can get all the capabilities. It allows me to directly integrate with 365, and from a communications point of view, that is a good capability," says Rammohan M., Senior Consultant at a tech services company.

    Hassan A.,Technology Manager at Advanced Integrated Systems, says that "The most valuable feature is the integration with StealthWatch and DNA as one fabric."




    One Identity Manager is a value-added and trusted active directory management and user provisioning software solution. One Identity Manager administers and protects an organization’s data and users, minimizes threats, and ensures that compliance regulations are consistently satisfied.

    Users will have access to the data and applications they need when they need them. One Identity can be used on premises, in the cloud, and also with hybrid options. One Identity Manager is able to easily combine strict governance compliance regulations and rigorous security protocols to keep business enterprises secure and functional today and into the future. One Identity Manager is also a robust, scalable identity governance and administration (IGA) solution. The solution is designed to meet the changing needs of a growing dynamic business enterprise, and not be limited or left vulnerable by IT department constricts.

    One Identity consistently provides robust security solutions that facilitate a strong secure enterprise where the users, applications, and critical data are safe and secure. The unified identity security platform provides identity governance and administration (IGA), privileged access management (PAM), active directory management and security (ADMS), and identity and access management (IAM) processes to ensure an aggressive stance on security for today’s dynamic enterprise organizations.

    One Identity is used by more than 11,000 organizations worldwide managing over five hundred million plus identities.

    One Identity Manager Features

    • Self-service options: Organizations save time and are able to get tasks completed easily. Users can request permissions or access and receive predetermined approval based on role assignments.

    • Password management: Organizations can easily reset user passwords based on established organizational protocols. Password policies can be determined according to user roles and assignments.

    • Governance: One Identity Manager offers complete visibility regarding data access, such as who has access, when the access was given, and the reasons why access was given. The solution delivers clear reporting to comply with any regulatory requirements.

    • SAP certified: Users are able to amplify existing SAP security protocols and seamlessly connect accounts under governance. One Identity Manager is a complete identity access solution.

    • Reporting: One Identity Manager delivers reliable reporting regarding user access and privileged access to an organization's network. The reporting can satisfy all government and regulatory compliance standards.

    • Connectors: One Identity Manager’s significant amount of available connectors enable organizations to easily extend identity governance to the cloud and will ensure cloud application time is minimized significantly.

    Reviews from Real Users

    The initial setup process for an employee is straightforward. We set up processes for user accounts and we can add other processes to them. Our goal is to automate all user-permission and user-administration processes with One Identity and we are doing that more and more.” - Marc H., IT Architect at a tech services company

    “The most valuable features are that it has a lot of capabilities, can integrate with a lot of systems, including automated onboarding like CyberArk, and allows you to integrate different entities.” - Security Consultant at a financial services firm

    Sample Customers
    Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University
    Texas A&M, Sky Media, BHF Bank, Swiss Post, Union Investment, Wayne State University. More at OneIdentity.com/casestudies
    Top Industries
    REVIEWERS
    Financial Services Firm13%
    Government11%
    Comms Service Provider11%
    Computer Software Company11%
    VISITORS READING REVIEWS
    Educational Organization23%
    Computer Software Company16%
    Government8%
    Financial Services Firm7%
    REVIEWERS
    Financial Services Firm38%
    Manufacturing Company10%
    Healthcare Company10%
    Construction Company8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm13%
    Government9%
    Manufacturing Company6%
    Company Size
    REVIEWERS
    Small Business24%
    Midsize Enterprise21%
    Large Enterprise55%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise32%
    Large Enterprise52%
    REVIEWERS
    Small Business29%
    Midsize Enterprise6%
    Large Enterprise65%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise14%
    Large Enterprise64%
    Buyer's Guide
    Network Access Control (NAC)
    March 2024
    Find out what your peers are saying about Cisco, HPE Aruba Networking, Forescout and others in Network Access Control (NAC). Updated: March 2024.
    765,234 professionals have used our research since 2012.

    Cisco ISE (Identity Services Engine) is ranked 1st in Network Access Control (NAC) with 135 reviews while One Identity Manager is ranked 3rd in Identity Management (IM) with 74 reviews. Cisco ISE (Identity Services Engine) is rated 8.2, while One Identity Manager is rated 8.0. The top reviewer of Cisco ISE (Identity Services Engine) writes "Gives us that extra ability to assist the end user and make sure that we are making them happy". On the other hand, the top reviewer of One Identity Manager writes "The JML is customizable but the support team isn't strong". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Fortinet FortiNAC, Forescout Platform, CyberArk Privileged Access Manager and F5 BIG-IP Access Policy Manager (APM), whereas One Identity Manager is most compared with SailPoint IdentityIQ, Oracle Identity Governance, EVOLVEUM midPoint, ForgeRock and One Identity Active Roles.

    We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.