Cisco Identity Services Engine (ISE) Reviews

We use this solution for both wired and wireless network access control. We have deployed it in a bank, government offices, and some universities.

I have found that all of the features are valuable.

It is very easy to deploy because we are able to port users directly from Active Directory (AD) and LDAP.

In an upcoming release, the solution needs to be more agentless and more independent. Additionally, there could be improved integration with other next-generation solutions, such as Palo Alto, Fortinet, or Check Point.

I have been using this solution for approximately nine years.

The solution takes a while to get up and running before it becomes stable. There is a lot of fine-tuning that needs to be done to make sure that users are authenticated properly and not denied access. I have had the experience of redeploying the ISE several times because of false denial of services or access to services but once it is configured correctly the stability is fine.

I have found this solution is scalable, especially the latest versions. The older versions, have to have some additions in order to make them scalable. However, I think they have resolved this issue.

We have had customers of all business sizes using this solution, from small to enterprise companies.

The community support is satisfactory, it is very easy to get support. You can find any documentation and support within the community. 

The deployment takes a long time. Additionally, if you want to integrate the solution with AD and LDAP you will need someone that is very experienced. It is a good feature to have but it is complex to integrate.

We have had experience deploying this solution to small, medium, and enterprise size companies.

This solution requires an annual license and it is a bit expensive than competitors.

I rate Cisco ISE (Identity Services Engine) an eight out of ten.

The way we can trust this solution is the most valuable. We have no issue with this product. It is a competitive product. You need to have a very good and deep knowledge of the product to take the full benefits of all the features, but it is a good product.

It is too complex. It should be easy to use. We are not such a big team. We only have three engineers to work with this, and we don't use all of the functionality of the product. Its range of functionality is too wide for us, and this is the reason why we are thinking of switching to a more simple product. We have shortlisted a Microsoft solution. We have a big footprint for Microsoft products, especially in security. As a global strategy, we try to leverage to the maximum what is possible around Microsoft.

This product was installed before I joined this company. It would be six years or something like that. We are probably two versions behind the latest one.

It is stable.

Their technical support is good. Cisco support is good.

I was not there, but I think the company had a services company that helped them in implementing it. It was easy because we only had to give them the requirements and their engineers did it for us. After they finished their mission, we started to deal with this solution, but it is too complex for a company of our size.

Its price is probably good if you use all of its features and functionalities to protect your environment. If you use only a part of the functionality, its price is too high. It is just a question of value and the functionality you use.

I would advise others to make sure that you have the knowledge of this solution to get the full benefits of all the features, and you are able to use it on a daily basis.

I would rate Cisco ISE a six out of ten. Its functionality is too wide for our company. 

The primary use case is to have network access control and automation to integrate with the enterprise network. It also helps provide a method to make segmentations between users and enable access control.

Cisco ISE has provided more mobility for the organization while controlling access no matter how the users connect to the network.

I like the guest access feature, which has been important for us. The BYOD feature is also good. 

Segmentation can be improved. They can also improve security policies for each group of users, and automation can also be better. The software interface could be better. They should make it easier for users to find features.

I have been working with Cisco ISE for more than three years, but in general, I have more than 20 years of experience working with Cisco.

Cisco ISE is a stable solution.

Cisco ISE is very scalable.

Cisco technical support is very good.

The initial setup is complex, and you can't easily find the features you want.

If we're talking about a medium enterprise and there is a greenfield, it can take between one or two weeks.

I think the price is okay.

I advise new users to go through the admin guides for implementation and follow the script very carefully.

On a scale from one to ten, I would give Cisco ISE an eight.

We are a solution provider and we provide Cisco products, including ISE, to our customers.

This product is used to facilitate the connection of a local network to wireless access. This allows us to restrict users and their access.

This product allows them to see the traffic that is going through the network.

It is stable and easy to use.

The user interface can be improved.

I have been using Cisco ISE for approximately three years.

Cisco ISE is stable.

This is a scalable solution. There are more than 500 users in my client's organization.

The technical support from Cisco is very good

ISE is very easy to configure, although it takes time because we have to take input from the customer. It will take about two days to implement and deploy.

We have a consultant to assist with deployment. A team of four engineers is required for deployment and maintenance.

The price is okay.

As of now, this product is working fine.

I would rate this solution a ten out of ten.

The company implemented the solution to keep track of wired and wireless devices.

One of the most important features is the authentication security for the individual connection to the network through their computer or laptop. The solution is very complete overall.

There should be better documentation on the implementation of the solution. I learned how to implement it from watching videos. I felt the documentation was too complicated and I also learn better from watching videos.

In my experience, there needs to be better documentation for firewall integration as well, we had some trouble early on.

I have been using the solution over the last year.

A co-worker of mine had some issues with the solution crashing unexpectantly or some processes went down. 

We are using the solution with around 200 people and we had no problems with scalability. Most of our clients are small businesses.

The customer server was great but it would have been better for me if they had support in other languages such as Spanish. It was difficult for me to communicate in English.

The setup was easy for this solution.

We implemented the solution.

There are other cheaper options available.

We did evaluate Aruba ClearPass before the client picked Cisco ISE. I had suggested ClearPass because it was cheaper but the client decided to go with Cisco regardless.

Our clients and my company plan to continue the use of the solution in the future.

I rate Cisco ISE (Identity Services Engine) a ten out of ten.

One of the use cases was the certificate-based authentication for the endpoints. All the laptops and mobiles are embedded with certificates and once they get authenticated, then only they would be able to connect to the LAN. 

The other use case was the NAC use case wherein the integrity of the laptops and mobile and such were checked before the scan. They fulfill the policy requirements and then they are able to connect to the network.

The third use case was the consolidated access control management for all the network devices and security devices. 

It's flexible and stable. It's been good as a standard environment to run.

It was implemented in my last organization and we used it for three years. We are evaluating and will be implementing it in a couple of months at my current organization. 

It is stable and scalable. We have 5,000 to 6,000 users. 

Technical support is good because the partner is quite competent so we have all the support that is required.

The initial setup was a little bit complex. It's not that simple because it requires a lot of prerequisites for the solution to get a hold on. So the prerequisites and then onboarding all this like the landscape of endpoints was quite tedious. That was no surprise, because this is something which would be with other products as well. It took a long time for the implementation, but it's been rock stable now.

The deployment took six to seven months. 

We had consultants and we had a partner for the deployment. The system integrator was involved with the roll out.

The management part is much smoother. It takes care of all the costs across branded devices as well, so that it is a single panel we can manage all the end-to-end entry devices as well. That's something would be really good for Cisco ISE product.

I would recommend Cisco ISE. I would rate it an eight out of ten. I would like it to be more stable. 

The interconnection with the ecosystem and the ability to force rules all over the network are the most important features.

It is a good product, but in order to use all of the functions of the product, you must have a good understanding of the product. You must know how to use and manage it. It is a little bit complicated to configure and manage. It must be simplified to make it easy to manage for end users. In the initial stage, we found ISE complicated for end users. It was not easy to manage it or to write authentication and authorization protocol. They must improve its management and make it easy for end users. 

The monitoring and reporting capabilities can be improved because end users want to quickly see what is happening in their network. There were some restrictions in working with other vendors. It should also have a better and easy integration with other vendors. 

I have been using this solution for five or six years.

It is a stable product.

It is scalable.

It has good technical support. We also have local support now, which is better. There is no problem with their technical support. 

People who are experts should deploy such products. In order to preserve the reputation, a product must be set up with the help of a talented or expert person because when you set up, deploy, or install the product in a wrong way, it gives negative feedback to customers.

The price can be lower, especially for subscriptions. It should be a lot cheaper to have a wide range of customers. The price should be comparable to competitive products like Forescout or Fortinet FortiNAC. Forescout is cheaper for customers looking for a cloud solution.

I would rate Cisco ISE an eight out of ten.

We are a system integrator and Cisco ISE is one of the products that we sell and implement at our customers side. I have built ISE's POC and provided training to our customers.

I also used real rent lab which was including; Active Directory integration, network access and core switches, access points, wireless access controller, and end points. (some end points have cisco client - anyconnect, and have not), and Web Server for creating wireless authentication portal solution end to end

The AAA features were awesome and have important attributes, and also the security groups (SGTs) concept to enforce policies for each group of users, regardless they coming via wired or wireless network devices. also i see the guest authentication is very rich and easy tom implement 

Cisco ISE offer one central point to create different policies for different group of users and enforce policies to each entity regardless it connected to network through wired or wireless network devices. it provide in this way more mobility and wireless-wired converged network. Also it integrates very well with network devices to control ports configurations services authentication and authorization. ISE also integrate with DNA center and stealthwatch to enable customer have SDN (Software defined Network) Fabric. 

Combines authentication,authorization,accounting(AAA),posture,and profilerinto one appliance

Provides for comprehensive guest access management for Cisco ISE administrators.

Enforces endpoint compliance by providing comprehensive client provisioning measures and assessing the device posture for all endpoints that access the network,including 802.1X Environments

EmploysadvancedenforcementcapabilitiesincludingTrustsecthroughthe use of SecurityGroup Tags(SGTs) and Security Group Access Control Lists (SGACLs)• Supports scalability to support a number of deployment scenarios from small office to large enterprise environments

The ISE software needs to be improved  in role to be easier to administer. SOftware enhancement required to have easier way to find the featured required to implement and also need enhancement of features sorting. Completing processes can be complex when try to implement some solutions. also steps are complex and the troubleshooting as well. As an example, if you intend to make AAA policy and enforce it on a group of users, you will find the software very confusing................................

I have been using Cisco ISE for three months.

We did not use another similar solution prior to this one.

The initial setup was fine.

The price for Cisco ISE is high.

We did not evaluate other options before adopting this solution.

To be clear, I'm not an expert in networking, so I'm pretty much like a user.

I really like the guest WiFi. Those kinds of features are pretty convenient. When I have a guest in the form of a third party, I can grant access to the guest for a certain period of time and have a dynamic password generated. It's great.

The user experience of the solution is great. It's a very transparent system.

As I treat the system basically as a user would, and am not overly technical, I can't say what features, if any, the solution is missing.

I'm working from China currently and the only real issue is that, within the country, there's some concern around Cisco and its ability to offer the solution for the long term. As the United States has banned the Huawei version in their country, we feel there may be retaliation in ours and Cisco will get banned as a countermeasure from the government. The future of Cisco in China is in question. Our local partners are worried about the situation.

To be perfectly frank, I'm unsure of the exact amount of time we've used the solution. It's been a number of years. I've basically lost count.

The stability, from a users' perspective, is very good. I haven't encountered any issues before, and we've used it for quite a long time. It doesn't freeze. It doesn't crash. There aren't bugs or glitches. It's pretty reliable overall.

I'm not sure how many users are on the solution ultimately. Our reach is pretty global. I'm not with the network team, so I can't speak to the ability for the solution to scale.

As I'm not a member of the network team, I've never had to reach out to technical support. I don't know if they do or how often or how Cisco's technical support ultimately is. I've never dealt with them directly. I can't speak to the quality of their service.

I'm not a member of the network team, so I didn't participate in the implementation process. I can't speak to how straightforward or complex it was.

We're just a customer. We're in the manufacturing industry, not IT. We don't have a business relationship with IBM.

We try to keep up with the latest upgrades, therefore, I believe we are using the latest version of the solution.

From a non-technical user-based standpoint, I'd rate the solution ten out of ten. 

I'd recommend it, however, there is this ongoing concern in China at this time that Cisco could get banned in the ongoing trade war with the United States. That should be a concern for companies here. That may not be so much of a concern abroad.

The feature that I most like is that it can notify me whenever someone plugs in their device, which is not allowed. I get notifications for new laptop devices.

I think the user interface looks good compared to previous versions. 

The software is a little bit complicated to understand in the beginning, meaning the implementation. It needs proper documentation so that we can understand the options more easily.

I have only very recently using Cisco ISE, since about one and a half months ago.

We have our own team for the maintenance of this solution.

I am still implementing it. So far it has been one and a half months.

Cisco ISE is a good product, but it requires some technical knowledge and knowledge about network security.

One a scale from one to ten, I would rate Cisco ISE a six.

As I said, I have not implemented it 100%. Maybe once I implement it 100%, and I start using it in production, then I will rate it higher.