My main use case for Cisco Identity Services Engine (ISE) is providing MAC technology and Network Admission Control, which allows us to enforce authentication for users as we implement Zero Trust for cybersecurity to enhance our cybersecurity.

Also, the great feature of Cisco Identity Services Engine (ISE) is using posture, which allows us to deploy conditions per the device or checklist for any request to join a device to our network and also profiling.

For a specific example of how I'm using Cisco Identity Services Engine (ISE) for network admission control or posture assessment in my environment, we have implemented the AAA and 802.1X integrating Cisco Identity Services Engine (ISE) with our edge switches, so any user wanting to join the network must first enter a username and password from the domain controller. After this, the switch will ask Cisco Identity Services Engine (ISE) for this user, and Cisco Identity Services Engine (ISE) will ask the domain controller if this user already exists or not. Based on the existence of the username and password provided, we can permit or deny access. We are also providing posture assessment on the device, checking if antivirus is enabled, the version of antivirus, and if it is updated or not, along with whether it is allowing our service, for example, confirming if the required service is open or disabled. After evaluating these conditions, we either allow the device to join our network or deny access.

The best features that Cisco Identity Services Engine (ISE) offers are its usability. MAC solution or MAC technology and Network Admission Control as a native technology are very difficult, but Cisco Identity Services Engine (ISE) makes it easier for users to have MAC technology with a simplified GUI and a stable product.

The GUI and usability stand out for me compared to other solutions I've seen, such as Meraki and ClearPass from HP.

Cisco Identity Services Engine (ISE) has powerful integration capabilities, and we have already integrated it with WSA, also implementing the PXGrid feature from Cisco to enhance integration with our WSA and ESA.

Cisco Identity Services Engine (ISE) has positively impacted my organization by protecting our network from unauthorized access, providing guest access for our guests, managing all switches, and allowing us to implement TACACS on Cisco Identity Services Engine (ISE), where we can monitor the admins of the switches without needing to create admin accounts on every switch.

Cisco Identity Services Engine (ISE) could be improved by allowing us to switch back to the legacy license, as the new license model is more complicated, and Cisco Identity Services Engine (ISE) does not provide a legacy-based license.

I have been using Cisco Identity Services Engine (ISE) for about six months.

The most powerful benefit of Cisco Identity Services Engine (ISE) is its stability.

The most notable aspect of Cisco Identity Services Engine (ISE) is its scalability. You can run an all-in-one deployment and switch to distributed mode as your company grows, relying on Cisco Identity Services Engine (ISE) to support your scalability needs.

TAC support from Cisco is a notable feature; it provides very professional support, and you can rely on them to resolve issues effectively. I would rate the customer support a ten.

Cisco Identity Services Engine (ISE) is the only solution I have used.

I have noticed measurable improvements in security and efficiency since implementing Cisco Identity Services Engine (ISE), as we have increased security significantly compared to before and everything has changed in security after we implemented it.

I have seen a return on investment as we save time controlling all switches using Cisco Identity Services Engine (ISE) TACACS, and we also save money because we increased security, stopped incidents, and reduced breaches and security breaches.

My experience with pricing, setup cost, and licensing indicates that the legacy license of Cisco Identity Services Engine (ISE) is more usable and affordable. I believe Cisco needs to reconsider their new license model.

I did not evaluate other options before choosing Cisco Identity Services Engine (ISE).

My advice for others looking into using Cisco Identity Services Engine (ISE) is to be well-prepared before implementing a MAC solution by checking all of Cisco Identity Services Engine (ISE)'s features and deciding what you want to implement, such as posture, profiling, or access control with 802.1X. The GUI and usability stand out for me compared to other solutions I've seen, such as Meraki and ClearPass from HP. I would rate this review a ten overall.

I am working with switches, wireless, and SD-WAN solutions, but regarding the opinion itself, it depends what one would like to get.

For what we do, the most useful feature in Cisco Identity Services Engine (ISE) is RADIUS authentication. We are using the guest portal as well, the Wi-Fi guest portal capability from Cisco Identity Services Engine (ISE).

The Wi-Fi guest portal feature allows us to give access to non-company devices on the locations we have for visitors.

We use the Cisco Identity Services Engine (ISE) profiling feature to onboard new devices whenever they're connected and assign them the correct profiles. It was mostly used when the ISE was deployed, but it's still used.

The adaptability of Cisco Identity Services Engine (ISE) policy enforcement can fit to the site we have depending on which kind of devices we have on site and then the needs for authentication, granting access and then assigning each device into its correct network for segmentation.

For what we're doing so far, it's quite easy for us; we are not doing too much complicated stuff, so it's quite easy for us to onboard a new site into the current policy we have.

The most useful feature in Cisco Identity Services Engine (ISE) is RADIUS authentication. We are using the guest portal as well, the Wi-Fi guest portal capability from Cisco Identity Services Engine (ISE).

The Wi-Fi guest portal feature allows us to give access to non-company devices on the locations we have for visitors.

We use the Cisco Identity Services Engine (ISE) profiling feature to onboard new devices whenever they're connected and assign them the correct profiles. It was mostly used when ISE was deployed, but it's still used.

The adaptability of Cisco Identity Services Engine (ISE) policy enforcement can fit to the site we have depending on which kind of devices we have on site and then the needs for authentication, granting access and then assigning each device into its correct network for segmentation.

For what we're doing so far, it's quite easy for us; we are not doing too much complicated stuff, so it's quite easy for us to onboard a new site into the current policy we have.

Cisco Identity Services Engine (ISE) has simplified guest access management for us without compromising security for our organization.

The log capacity in Cisco Identity Services Engine (ISE) could be enhanced because today natively on the ISE can only have a look at the logs from the day before. You cannot search into the oldest logs; you have to use another tool for that. This can be blocking if you don't have any log consolidation solution. To do a search for an issue or something that happened two days ago, you cannot search directly in there.

The capacity of Cisco Identity Services Engine (ISE) could be enhanced.

Something between one week and one month for the log capacity would be nice.

Sometimes when we have upgrades or failovers with Cisco Identity Services Engine (ISE), we had some minor issues. It took something around two or three days before it came back to a stable situation.

For the size of our company, Cisco Identity Services Engine (ISE) is a scalable solution. It's working fine.

It's working fine because we are using many other Cisco products, so the interaction between Cisco tools is fine. However, you can have some latency issues depending on where your devices are. We don't have many devices spread on other geographies than EMEA; we have some of them in APAC, but for a really big deployment, scalability could force you to deploy more complex architectures. In this case, that would be the only drawback.

I have contacted Cisco support.

Their support is really good. Cisco support has pretty good teams for support and every time we had good answers and we could somehow solve the issues we had.

The setup of Cisco Identity Services Engine (ISE) was done by a third party, by a subcontractor. It would be hard for me to tell you how easy or not it was because the person was used to deploy this product already, but it wasn't that long, so we migrated from the previous environment to the current one we are using. Deployment or upgrade was quite acceptable.

Setup and migration of Cisco Identity Services Engine (ISE) took something around two weeks because this one is handling all the authentication we have worldwide. We took our time to make sure that migration was fine and we also merged. We had separated ISEs before, so we merged into a consolidated one, which is why it took more time.

I haven't faced any other kind of issues or difficulties with Cisco Identity Services Engine (ISE).

The biggest benefit of Cisco Identity Services Engine (ISE) as a product for me is that it is stable and reliable.

On a scale of 1-10, I would rate Cisco Identity Services Engine (ISE) a 9.

We use it for network access control.

It isolates the bring your own devices and the guests from the corporate network. It also segregates connections when a user comes in and connects. There is a certain profile review that goes on to confirm that the device is allowed to access resources on the network.

The policies allow us to enforce certain rules on the network to be able to screen our users more effectively. It allows us to have more visibility to what the users are trying to do on the network, which really helps us know how to control them.

There is value because it helps us secure the network and prevents certain things from happening which could cause financial loss. This demonstrates good value for money.

They should make their integrations with other manufacturers less restrictive. They should work on their integration with other vendors.

The integrations with the switches and the wireless controllers are not really straightforward. There is what they call the best practice for them, but it may not be what we have on-premise. We have to find a workaround with certain configurations to make them work.

We have been using the solution since 2021.

I am just working with the switches and Cisco Identity Services Engine (ISE).

It works and does what it is supposed to do. It is stable.

It is pretty scalable.

We have used customer service.

I have not used any previous solutions and am not sure about others.

It is a bit complicated. The implementation took us about two months.

It is deployed on-premises.

I have not compared with other vendors, but the license is reasonably priced.

The cost is about 100 million Ugandan shillings, which converts to approximately $30,000 per year.

I have considered trying Juniper and D-Link switches.

I am only using the Cisco Identity Services Engine (ISE) and the switches. Higher licensing is required for additional features. I rate this solution 8 out of 10.

I use Cisco Identity Services Engine (ISE) for wireless authentication and device administration.

Cisco Identity Services Engine (ISE) is good with device administration.

Cisco Identity Services Engine (ISE) is very good at device administration. This is one of the best features. Other than that, for the wireless authentication and network access control (NAC) use cases, it is not a solid product because there are better products for NAC than Cisco Identity Services Engine (ISE).

Cisco Identity Services Engine (ISE) needs to improve the profiling preauthentication. They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases. This will give them a roadmap for software-defined access (SDA) use cases and network segmentation. Threat detection capabilities are very weak. Additionally, the product is vulnerable and has many bugs.

I have been working with Cisco Identity Services Engine (ISE) for around four years or more.

The stability of Cisco Identity Services Engine (ISE) is poor for certain use cases, like authentication. Device administration runs smoothly. Authentication and NAC use cases do not. I would rate the stability as four out of ten.

Scalability is limited. Factors like architecture, business nature, and legal limitations such as GDPR affect it. I would rate it as four or five out of ten.

Technical support is poor. It heavily relies on a reactive approach, and resolving issues can take a long time. Simple issues can take 72 hours or more than six months for resolution. I rate the technical support as one out of ten.

We also use Forescout. We use both Cisco Identity Services Engine (ISE) and Forescout simultaneously.

The initial setup is challenging. For enterprises, it can take months due to VM setup requirements, poor tech support, and Cisco Identity Services Engine (ISE) having many bugs. Small setups might take a day, but larger enterprise setups are much longer.

Cisco tech support and professional services are poor, lacking clear requirements and solutions.

The return on investment for Cisco Identity Services Engine (ISE) is difficult to gauge due to complexities. For enterprise customers, it comes at a lower cost and is comparatively cost-effective. Direct comparisons with Forescout reveal up to 30% to 40% difference in cost savings.

Setup costs vary. Cloud solutions are expensive, while on-prem setups with shared environments are cheaper but not effective. Dedicated resources are needed due to the demanding nature of Cisco Identity Services Engine (ISE), making large organizational costs significant.

For small organizations, it's effective - not for larger ones.

We have evaluated and used Forescout alongside Cisco Identity Services Engine (ISE).

For small setups and if the backend infrastructure is Cisco-based, Cisco Identity Services Engine (ISE) is suitable. However, for large organizations with mixed infrastructure, other solutions should be considered. I would rate it four out of ten based on my experience from the last year.

The primary use case of Cisco Identity Services Engine (ISE) is to serve as a security solution that can specify the endpoints in an organization for segmentation. This involves defining the reachability domain for each endpoint in an organization.

It automates pushing access lists or authorizations and offers profiling to define and manage endpoints. It provides profiling to help organizations define the type and points of the endpoints, building security rules, and providing health checks to ensure endpoints comply with rules.

The solution offers automation and real-time visibility, which aids in monitoring and troubleshooting issues with endpoints.

The product provides feedback about the network based on endpoint behavior, assisting in understanding the network's current state.

The solution is integrated with other Cisco devices and can offer automation for an organization, making deployments more dynamic and providing real-time visibility. It gives feedback on what is happening within the network and assists mostly with troubleshooting.

Additionally, it's considered highly reliable and scalable.

The licensing scheme is complex and could use enhancement to provide more options. Pricing can be more expensive compared to other vendors, and there is a significant price gap observed, which doesn't seem justified by some specific features. The complex licensing schema and the need for improvement in pricing are primary areas for improvement.

The Cisco Identity Services Engine (ISE) has been deployed for a long time in various environments.

Cisco Identity Services Engine (ISE) is considered very reliable and stable. Although it is not one hundred percent reliable theoretically, in practice, it offers great reliability.

The solution is described as very scalable, and there are minimal issues with scalability.

Sometimes it's challenging to identify which support team is responsible for certain issues, which is a significant concern.

Setup is not about deploying ISE itself, but rather about managing the number of switches and endpoints in the organization. After initial deployment, routine upgrades and backups are part of the normal process.

A specific implementation team is not mentioned, but deployment complexity varies depending on the organization size and manpower available.

Cisco ISE is more expensive but covers a lot of features. The pricing scheme could be improved. Compared to other solutions like HPE ClearPass, Cisco is more costly, and the conversation suggests a possible forty percent price gap compared to competitors.

Detailed mentions of other solutions include HPE ClearPass and Fortinet. However, these are mentioned for comparison purposes rather than as alternatives considered before using Cisco ISE.

It is suggested to keep the review anonymous and refrain from making personal information public.

I'd rate the solution eight out of ten.

We used it mainly for network access control and full stream for devices.

The product is expensive. It would also be a good add-on to have some machine learning.

I have been using Cisco Secure Firewall for one year.

The product is stable.

The solution is scalable.

The initial setup is straightforward.

It's also recommended for clients during deployment. You're making everything very efficiently managed within the policies. The deployment is also very smooth, allowing you to configure your rooms easily. Once the initial setup is done, it becomes straightforward to understand, especially regarding Windows maintenance.

It was deployed to protect the network from unauthorized users but does not contribute directly to operational efficiency.

Cisco ISE doesn't come cheap but it's still valid working.

We recommend it to our customers.

Cisco ISE provides authentication for various applications. It can integrate with other applications to manage access, including Privileged Access Management for those applications. For a comprehensive environment, Cisco ISE should be able to integrate and provide asset management for an IT organization or any organization.

Overall, I rate the solution an eight out of ten.