Try our new research platform with insights from 80,000+ expert users

Cisco Identity Services Engine (ISE) vs Symantec Privileged Access Manager comparison

The compared Cisco and Broadcom solutions aren't in the same category. Cisco is ranked #2 in NAC , with an average rating of 7.6, and holds a 21.7% mindshare in the category. Broadcom is ranked #18 in PAM , with an average rating of 8.5, and holds a 1.6% mindshare. Additionally, 87% of Cisco users are willing to recommend the solution, compared to 85% of Broadcom users who would recommend it.
Cisco Identity Services Eng...
Read 144 Cisco Identity Services Engine (ISE) reviews
  • 15,070 Views
  • 9,796 Comparison Views
87% willing to recommend
Symantec Privileged Access ...
Read 53 Symantec Privileged Access Manager reviews
  • 1,773 Views
  • 1,383 Comparison Views
85% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Cisco Identity Services Engine (ISE) and Symantec Privileged Access Manager based on real PeerSpot user reviews.

Find out what your peers are saying about Hewlett Packard Enterprise, Cisco, Fortinet and others in Network Access Control (NAC).

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Network Access Control (NAC) Report (Updated: February 2026).
Buyer's Guide
Network Access Control (NAC)
February 2026
Download the complete report
Helped 884,933 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Identity Services Eng...
Average Rating
8.2
Reviews Sentiment
6.6
Number of Reviews
144
Ranking in other categories
Network Access Control (NAC) (2nd), Cisco Security Portfolio (4th)
Symantec Privileged Access ...
Average Rating
7.8
Reviews Sentiment
7.0
Number of Reviews
53
Ranking in other categories
Privileged Access Management (PAM) (18th)
 

Mindshare comparison

Cisco Identity Services Engine (ISE) and Symantec Privileged Access Manager aren’t in the same category and serve different purposes. Cisco Identity Services Engine (ISE) is designed for Network Access Control (NAC) and holds a mindshare of 21.7%, down 27.1% compared to last year.
Symantec Privileged Access Manager, on the other hand, focuses on Privileged Access Management (PAM), holds 1.6% mindshare, up 1.5% since last year.
Network Access Control (NAC) Mindshare Distribution
ProductMindshare (%)
Cisco Identity Services Engine (ISE)21.7%
Aruba ClearPass20.8%
Fortinet FortiNAC15.0%
Other42.5%
Network Access Control (NAC)
Privileged Access Management (PAM) Mindshare Distribution
ProductMindshare (%)
Symantec Privileged Access Manager1.6%
CyberArk Privileged Access Manager11.4%
Delinea Secret Server4.9%
Other82.1%
Privileged Access Management (PAM)
 

Featured Reviews

NF
NicolasFigaro
Network and Technology Information Manager at Akkodis
Has improved authentication management and simplified visitor network access
The log capacity in Cisco Identity Services Engine (ISE) could be enhanced because today natively on the ISE can only have a look at the logs from the day before. You cannot search into the oldest logs; you have to use another tool for that. This can be blocking if you don't have any log consolidation solution. To do a search for an issue or something that happened two days ago, you cannot search directly in there. The capacity of Cisco Identity Services Engine (ISE) could be enhanced. Something between one week and one month for the log capacity would be nice.
Read full review
Muzi Lubisi - PeerSpot reviewer
Muzi Lubisi
Senior technical Consultant at CA Africa
Secure management of sensitive servers and seamless applications with direct linking
The credential injection feature is highly valued, particularly for RDP sessions. A majority of customers use it for RDP, and a couple for Linux servers. The broader capabilities, including access to multiple systems, web-based applications, and clustering, have never posed an issue. The threat analytics aspect is also a robust feature that analyzes all pertinent information.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I love the policy sets, they are really nice and dynamic."
"I found the CMDB Direct Connect in Cisco ISE 3.2 the most promising feature for my use case."
"SGTs are valuable because they make it easy to enforce policies, instead of pushing them across all the other platforms."
"It does what it's supposed to. We use a certificate-based authentication method for corporate-managed devices. That means when a user walks in with their managed laptop and plugs it into the network, it chats with Cisco ISE in the background, allows it on the network, and away they go."
"Not having to trust devices and being able to set those levels of trust and more finely control our network is a benefit."
"Cisco ISE now competes with any other product in the space because of its centralized and unified highly secure access control with ISE."
"The endpoint profiling feature is among the most valuable because it keeps me from having to manually maintain a MAC address bypass list to track endpoints. I can have ISE profile them for me and then put them in the right bucket."
"Cisco ISE integrates with everything else."
More Cisco Identity Services Engine (ISE) pros
"On the access management side, our system administrators, under privileged management, don't have to use their local tools to log on to the production servers, because they log on to a web interface that makes the access more secure and keeps the sessions strictly between the production servers and the IA PAM."
"Used for securing privileged accounts."
"The credential injection feature is highly valued, particularly for RDP sessions."
"The DB clustering is a really good benefit of using CA PAM."
"The exposure of sensitive usernames and passwords has been limited in a massive way."
"According to the users who have actually used CyberArk and CA PAM, they have said that CA PAM is ten times easier to use and manage."
"Transparent login for users of privileged IDs (Linux, Windows). This prevents sharing of the password because it is never seen."
"The most important feature is that we do not need to know the passwords any more; just having access to the end point; and that it’s easy to manage users and the account."
More Symantec Privileged Access Manager pros
 

Cons

"Migration could be better. Right now, we back up with the new version, and it requires a lot of licensing and other things. Whenever we choose a product, it's very difficult because we have to meet the requirements of each feature. There is no standard feature, so the best system that we bought may not fit the solution. We have to look at every feature that the customer uses. If you compare it with other products like Aruba, it's not the same. With Cisco, I have to read all about the features on this version and the licensing required for the product. In Aruba, that thing is covered when you get one license because it covers almost everything. It could also be more scalable."
"Cisco could improve the GUIs on their hardware."
"There are still some bugs in ISE that need to be worked out."
"Difficult to figure out the protocols and nodes in order to implement correctly."
"The log capacity in Cisco Identity Services Engine (ISE) could be enhanced because today natively on the ISE can only have a look at the logs from the day before."
"It is a good product, but in order to use all of the functions of the product, you must have a good understanding of the product. You must know how to use and manage it. It is a little bit complicated to configure and manage. It must be simplified to make it easy to manage for end users. In the initial stage, we found ISE complicated for end users. It was not easy to manage it or to write authentication and authorization protocol. They must improve its management and make it easy for end users. The monitoring and reporting capabilities can be improved because end users want to quickly see what is happening in their network. There were some restrictions in working with other vendors. It should also have a better and easy integration with other vendors."
"It should be virtualized because many people have begun migrating to the cloud. They should offer a hybrid version."
"Since we have started, we struggled a lot to implement this solution into our network, and we opened a case a couple of times."
More Cisco Identity Services Engine (ISE) cons
"The integration with AS/400 Endpoint via Transparent Login could be better and useful for some users."
"Reporting. It's difficult to locate the reports, there are limits on what reports can be run from the GUI, and the report formats are lacking."
"Evaluations are not just about features and functions of this specific product, but it is taking that holistic view around what else we can get out of it in the next three to five years."
"We have to do a lot of manual work to automate features."
"The product has not improved our organization."
"The management console could be improved."
"When there are new patches or upgrades, they need to test the new release well so it will not break the functional parts."
"The user interface and dependence on applets and Windows could use some improvement."
More Symantec Privileged Access Manager cons
 

Pricing and Cost Advice

"The price is okay."
"The SMARTnet technical support is available at an additional cost."
"The solution is not that cheap."
"That's where things got a bit more complicated. Previously, it was a one-time purchase and we just had to renew support. These days, there's a subscription model, which is supposed to be easier and cheaper as well, but it's more pricey"
"Cybersecurity resilience has been very important to our organization and has been a big factor. We've had issues in the past, but one of the things I like about ISE is its logging features. Security wise or information wise, it really has been a powerful tool."
"I don't know too much about the actual pricing on it. The licensing part is pretty straightforward. It's a lot more simple than some of the other Cisco licensing models. In that aspect, it's great."
"For the Avast virus scan, we pay around USD $95 per machine for five years which includes all updates and technical support."
"Its price is probably good if you use all of its features and functionalities to protect your environment. If you use only a part of the functionality, its price is too high. It is just a question of value and the functionality you use."
More Cisco Identity Services Engine (ISE) pricing and cost advice
"Cost-wise, CA was better compared to others in the market. ​"
"It is more expensive than other solutions on the market."
"It is reasonably priced."
"Pricing is fair compared to other top vendors."
"The prices are not low, but one can ask for a discount. It’s not the cheapest PAM solution."
"They offer per-device, per-user, or monthly and yearly licensing models."
"The version we are using is affordable compared to BeyondTrust, which is maybe three to four times as expensive, but it depends on the features."
"The licensing is simple and scalable."
More Symantec Privileged Access Manager pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.
See recommendations
884,933 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
11%
Computer Software Company
9%
Financial Services Firm
9%
Government
8%
Marketing Services Firm
10%
Comms Service Provider
10%
Computer Software Company
9%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business45
Midsize Enterprise32
Large Enterprise91
By reviewers
Company SizeCount
Small Business14
Midsize Enterprise6
Large Enterprise30
 

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?
Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...
See all answers
What are the main differences between Cisco ISE and Forescout Platform?
OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...
See all answers
How does Cisco ISE compare with Fortinet FortiNAC?
Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...
See all answers
What is your experience regarding pricing and costs for Symantec Privileged Access Manager?
Due to the nature of the solution, it is hard to gauge, but compared to competitors, the pricing is very good. I would rate it as an eight and a half out of ten.
See all answers
What needs improvement with Symantec Privileged Access Manager?
Recent releases need improvement in webpage management. For instance, navigating through a webpage that acts like a wizard, where I proceed to the next page and enter more information, is not handl...
See all answers
What is your primary use case for Symantec Privileged Access Manager?
With the customers that I have so far, I help them broker RDP sessions to sensitive servers, particularly those that manage aspects like physical access. I have also done it for backend databases, ...
See all answers
 

Comparisons

Aruba ClearPass vs Cisco Identity Services Engine (ISE) Logo
Aruba ClearPass vs Cisco Identity Services Engine (ISE)
Compared 25% of the time
Fortinet FortiNAC vs Cisco Identity Services Engine (ISE) Logo
Fortinet FortiNAC vs Cisco Identity Services Engine (ISE)
Compared 17% of the time
Forescout Platform vs Cisco Identity Services Engine (ISE) Logo
Forescout Platform vs Cisco Identity Services Engine (ISE)
Compared 7% of the time
CyberArk Privileged Access Manager vs Cisco Identity Services Engine (ISE) Logo
CyberArk Privileged Access Manager vs Cisco Identity Services Engine (ISE)
Compared 3% of the time
Portnox vs Cisco Identity Services Engine (ISE) Logo
Portnox vs Cisco Identity Services Engine (ISE)
Compared 3% of the time
More Cisco Identity Services Engine (ISE) Competitors
CyberArk Privileged Access Manager vs Symantec Privileged Access Manager Logo
CyberArk Privileged Access Manager vs Symantec Privileged Access Manager
Compared 24% of the time
ARCON Privileged Access Management vs Symantec Privileged Access Manager Logo
ARCON Privileged Access Management vs Symantec Privileged Access Manager
Compared 15% of the time
BeyondTrust Endpoint Privilege Management vs Symantec Privileged Access Manager Logo
BeyondTrust Endpoint Privilege Management vs Symantec Privileged Access Manager
Compared 10% of the time
Delinea Secret Server vs Symantec Privileged Access Manager Logo
Delinea Secret Server vs Symantec Privileged Access Manager
Compared 9% of the time
One Identity Safeguard vs Symantec Privileged Access Manager Logo
One Identity Safeguard vs Symantec Privileged Access Manager
Compared 8% of the time
More Symantec Privileged Access Manager Competitors
 

Product Reports

Buyer's Guide
Cisco Identity Services Engine (ISE)
March 2026
Cisco Identity Services Engine (ISE) reportDownload Cisco Identity Services Engine (ISE) product report
Buyer's Guide
Symantec Privileged Access Manager
February 2026
Symantec Privileged Access Manager reportDownload Symantec Privileged Access Manager product report
 

Also Known As

Cisco ISE
CA PAM, Xceedium Xsuite, CA Privileged Access Manager
 

Overview

Cisco Identity Services Engine offers robust authentication, posture profiling, guest and secure access, and dynamic policy management. Known for its seamless integration with Cisco tools and network access control features, it ensures secure device and user authentication across networks.

Cisco Identity Services Engine is renowned for its capabilities in managing authentication, guest access, and policy management through segmentation. Its TrustSec functionality, alongside RADIUS and TACACS+ support, provides enhanced security, further augmented by its ability to operate in diverse environments. Its scalability and integration with Cisco solutions aid in maintaining network visibility and access control. Challenges include the complexity of initial deployments, somewhat cumbersome documentation, and limited integration in multi-vendor environments. While encountering issues in stability and updates, the demand for better analytics and straightforward troubleshooting alongside cost-effective licensing is notable.

What are the key features of Cisco Identity Services Engine?
  • Authentication: Secures user and device access to networks using robust authentication protocols.
  • Posture Profiling: Provides in-depth analysis of device compliance with security policies.
  • Guest Access Management: Allows controlled network access for guest users through streamlined processes.
  • Dynamic Policy Management: Enables automatic adjustment of security policies based on real-time data.
  • Segmentation via TrustSec: Enhances security levels by segmenting network traffic based on identity.
What benefits or ROI should users expect from Cisco Identity Services Engine?
  • Comprehensive Security: Ensures enforceable security policies across network access points.
  • Enhanced Integration: Facilitates seamless collaboration with existing Cisco infrastructures.
  • Improved Compliance: Helps meet industry security standards for network access and user rights.
  • Increased Visibility: Provides detailed insights into network traffic and user activities.
  • Device Management Efficiency: Streamlines the process of managing diverse devices within a single framework.

Industries implement Cisco Identity Services Engine primarily for network access control, ensuring secure authentication and segmentation in both wired and wireless environments. Supporting policies like bring-your-own-device and compliance standards, ISE manages identity-based access control, especially beneficial for entities that require detailed user rights management and integration within enterprise networks.

Cisco

CA Privileged Access Manager is a simple-to-deploy, automated, proven solution for privileged access management in physical, virtual and cloud environments. It enhances security by protecting sensitive administrative credentials such as root and administrator passwords, controlling privileged user access, proactively enforcing policies and monitoring and recording privileged user activity across all IT resources.  It includes CA PAM Server Control (previously CA Privileged Identity Manager) for fine-grained protection of critical servers

Broadcom
 

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University
NEOVERA, Telesis, eSoft
Buyer's Guide
Network Access Control (NAC)
February 2026
Download Free Report
Find out what your peers are saying about Hewlett Packard Enterprise, Cisco, Fortinet and others in Network Access Control (NAC). Updated: February 2026.
DOWNLOAD NOW
884,933 professionals have used our research since 2012.

We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.