Cisco Identity Services Engine (ISE) vs. Snort

One scenario I already mentioned is authentication integration. So that works well. We haven't run any situation where it is not suited, so we haven't run into that situation. So I am not really sure that would it work or not. But right now, so far so good.

Incentivized

If a colleague was looking to tighten down their network I can easily recommend Snort to them. It gives you some more peace of mind knowing that its always scanning traffic for malicious looking code. Even things your major firewalls and security hardware might miss, Snort has picked up. Its an easy recommendation for me.

Incentivized

• The most beneficial thing that I love about it, there are tons of things that I love about ISE and that it does well, but the most fascinating that I feel about is its integration with DNA center or Catalyst Center using PX Grid as the protocol wherein ISE acts as a policy server for the entire campus hand in hand with Catalyst Center to make sure that the policy policy follows the user and also in the background hand in hand with DNA Center or Catalyst Center makes sure microsegmentation is implemented so that east west traffic is blocked and takes care of the campus.

Incentivized

• IPS detection.
• DoS detection.
• Packet logging.

Incentivized

• I guess the user experience itself, it's sometimes a little bit slow, but this is also dependent on the platform and the scale of the deployment of course. But actually functionality-wise it's really, really good. But yeah, it could sometimes be a little quicker to react on the good front.

Incentivized

• At times can be unstable with Cisco bugs, require frequent upgrading.
• FTD images that are being pushed for ASAs are less efficient from an administration standpoint, no CLI.

Incentivized

We are so very reliant on Cisco Identity Services Engine at this point that finding another solution would be a big hassle for us.

Incentivized

For us the solution is very easily useable on its own. Perhaps that has to do because we started using ISE in the 1.2 days and have seen it grow during the years. Policy creation, etc. is all very visible and thus easy to use. Deployment of multiple nodes is also incredibly easy and flexible. You can easily add or remove nodes as you wish.

Incentivized

We do have to occasionally reboot the servers when they get low on memory, but we're also a few versions behind. Availability has generally been pretty good though with no major outages in the time that we've had it implemented.

Incentivized

yes it does. depending on where you coming from. Logs are pretty busy same as report. it also depending on devices count and design.

Incentivized

Cisco support is second to none, both in terms of how you access support but also the knowledge of the individual support teams. If you focus on one technology and provide "manufacturer support" then you can rest assured that you are accessing Cisco's top individuals. I feel like this is a USP for Cisco support.

Incentivized

Training can only cover certain areas, there are a lot of areas training just can't cover. You have to learn by doing it.

Incentivized

I did participate in the implementation of Cisco ISE and while there were times when it was confusing and we had a lot of trial and error, overall the experience was fine.

Incentivized

In our case, the entire core of our network is based on Cisco technologies as well as user access. For this reason it was the simplest choice given that both by integration and by knowledge of the platform it was the solution with the least complexity and the best adoption curve offered us.
At the level of capabilities, they seemed really similar to us, each option having some point where it surpassed the others and others where it was surpassed.

Incentivized

For our organization, the Cisco defense in depth concept works the best. While Cisco can be made to work with other vendors, we have found the best in depth protection by integrating Cisco products for maximum visibility. We had a Barracuda Web Filter, but it was difficult to maintain when you had limited scope on what you could block, so we created a whitelist only setup which required a lot of additional manpower. This wouldn't have covered new threats with DNS spoofing and the like. Sourcefire also integrated with our anti-malware platform (Cisco AMP) for even better visibility on what may be happening on the end users workstation. We are planning on adding in Cisco ISE to complete the approach and possibly stealthwatch to cover our bases in the future. The Palo Alto gear was interesting, but it was priced far out of our range.

Incentivized

Cisco ISE was competitively priced and Cisco was able to leverage some of our existing contracts to help ease the purchase.

Incentivized

It's fully customised and comprehensive. only thing is you need to know what you want. Proper research and planning would save lots of time and effort .

Incentivized

• Cisco ISE is fairly expensive, but I feel that the time it saves our team is well worth it.
• We have been able to roll this our to all of our teams, and they can each manage their own device and it is really convenient to have each team mange their own devices
• Once it is deployed and configured, it seems like there isn't much upkeep, so we don't have to hire someone to manage it we do it by committee.

Incentivized

• Being open source, ROI on free is hard to beat for something that works.
• I believe it greatly enhances the security of my network.