Cisco Identity Services Engine (ISE) vs. Fortinet FortiGate

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Cisco Identity Services Engine (ISE)
Score 8.9 out of 10
N/A
The Cisco Identity Services Engine (ISE) offers a network-based approach for adaptable, trusted access everywhere, based on context. It gives the user intelligent, integrated protection through intent-based policy and compliance solutions.N/A
FortiGate
Score 8.6 out of 10
N/A
FortiNet FortiGate is a firewall option with high integrability. It offers a variety of deployment options and next-gen firewall capabilities, including integration with IaaS cloud platforms and public cloud environments.N/A
Pricing
Cisco Identity Services Engine (ISE)Fortinet FortiGate
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Cisco Identity Services Engine (ISE)FortiGate
Free Trial
NoYes
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional DetailsFortiGate pricing starts at $250 for home office use, up to $300,000 for large enterprise appliances. Must contact sales team for pricing.
More Pricing Information
Community Pulse
Cisco Identity Services Engine (ISE)Fortinet FortiGate
Considered Both Products
Cisco Identity Services Engine (ISE)
Chose Cisco Identity Services Engine (ISE)
In our case, the entire core of our network is based on Cisco technologies as well as user access. For this reason it was the simplest choice given that both by integration and by knowledge of the platform it was the solution with the least complexity and the best adoption …
FortiGate

No answer on this topic

Features
Cisco Identity Services Engine (ISE)Fortinet FortiGate
Firewall
Comparison of Firewall features of Product A and Product B
Cisco Identity Services Engine (ISE)
-
Ratings
Fortinet FortiGate
8.6
52 Ratings
0% below category average
Identification Technologies00 Ratings8.850 Ratings
Visualization Tools00 Ratings8.250 Ratings
Content Inspection00 Ratings8.851 Ratings
Policy-based Controls00 Ratings8.852 Ratings
Active Directory and LDAP00 Ratings8.649 Ratings
Firewall Management Console00 Ratings7.751 Ratings
Reporting and Logging00 Ratings8.152 Ratings
VPN00 Ratings9.051 Ratings
High Availability00 Ratings9.347 Ratings
Stateful Inspection00 Ratings9.250 Ratings
Proxy Server00 Ratings8.438 Ratings
Best Alternatives
Cisco Identity Services Engine (ISE)Fortinet FortiGate
Small Businesses
NinjaOne
NinjaOne
Score 9.1 out of 10
pfSense
pfSense
Score 9.4 out of 10
Medium-sized Companies
Cisco Meraki MX
Cisco Meraki MX
Score 9.1 out of 10
pfSense
pfSense
Score 9.4 out of 10
Enterprises
Cisco Meraki MX
Cisco Meraki MX
Score 9.1 out of 10
Palo Alto Networks Virtualized Next-Generation Firewalls - VM Series
Palo Alto Networks Virtualized Next-Generation Firewalls - VM Series
Score 9.5 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Cisco Identity Services Engine (ISE)Fortinet FortiGate
Likelihood to Recommend
8.8
(113 ratings)
8.7
(79 ratings)
Likelihood to Renew
9.6
(3 ratings)
7.0
(5 ratings)
Usability
7.0
(3 ratings)
8.6
(20 ratings)
Availability
8.9
(3 ratings)
8.0
(3 ratings)
Performance
9.0
(1 ratings)
9.0
(2 ratings)
Support Rating
7.0
(6 ratings)
9.0
(27 ratings)
In-Person Training
-
(0 ratings)
10.0
(1 ratings)
Implementation Rating
8.9
(3 ratings)
5.0
(5 ratings)
Configurability
8.0
(1 ratings)
7.0
(2 ratings)
Contract Terms and Pricing Model
8.0
(2 ratings)
8.0
(1 ratings)
Ease of integration
6.1
(3 ratings)
7.0
(2 ratings)
Product Scalability
8.0
(1 ratings)
7.0
(3 ratings)
Vendor post-sale
10.0
(1 ratings)
8.0
(2 ratings)
Vendor pre-sale
9.0
(1 ratings)
8.0
(2 ratings)
User Testimonials
Cisco Identity Services Engine (ISE)Fortinet FortiGate
Likelihood to Recommend
Cisco
Cisco ISE integrates will with a Cisco solution such as firewalls, network switches and routers. It does an incredible job of granting access based on the role that an individual or groups have, and the ability to remove access to that individual or group is also east. In our environment ISE is used to authenticate external users that have access by vpn, and also to manage access to the large network infrastructure
Read full review
Fortinet
Fortinet FortiGate addressed an immediate security issue we had a few years ago. The device gave us a much clearer picture of the activities on our network and also more importantly, increased our awareness of threats from the internet as a whole. Fortinet FortiGate helps us to mitigate these threats with regular signature updates from Fortiguard labs, identifying certain characteristics which, once recognised by Fortinet FortiGate, can be harnessed to deploy powerful 'playbooks'.
Read full review
Pros
Cisco
  • The most beneficial thing that I love about it, there are tons of things that I love about ISE and that it does well, but the most fascinating that I feel about is its integration with DNA center or Catalyst Center using PX Grid as the protocol wherein ISE acts as a policy server for the entire campus hand in hand with Catalyst Center to make sure that the policy policy follows the user and also in the background hand in hand with DNA Center or Catalyst Center makes sure microsegmentation is implemented so that east west traffic is blocked and takes care of the campus.
Read full review
Fortinet
  • SD-WAN - Load balancing of Internet traffic is a USP of Fortigate and makes it stand tall in the competition. Be it 3 or more Internet Links, multiple Subnets/segments of users to distribute and bandwidth load balancing for links and users. SLA based monitoring of Internet Links / MPLS links, makes it even better to choose the links on the basis of performance (Latency, packet loss, Jitter etc).
  • SSL VPN configuration - As we all have WFH force (to some extend or all employee) during Covid-19, it is impossible to plan BCP without having a SSL VPN. In Fortigate, the SSL VPN configuration is very easy with the help of wizard. The deep CLI-level debugging is also very helpful in troubleshooting. Type of tunnel can be easily configured - Full Tunnel or Split Tunnel for SSL.
  • Explicit Proxy - This is also a great feature to shape and re-route the traffic, configuring the Proxy on the Firewall itself. We are using this feature in Pilot for now, and planned to rollout in few weeks looking at the success rate of the POC.
Read full review
Cons
Cisco
  • Trustsec needs more documentation and configuration best practice examples
  • The licensing model can be difficult to explain and understand for customers
  • Difficult to get an accurate benchmark to know exactly how many Cisco Identity Services Engine nodes and the size of the deployment should be
Read full review
Fortinet
  • Documentation is missing a great deal of detail and assumes the customer and just guess and fill in the blanks themselves
  • Fortinet has lots and lots of video guides on topics that only a small percentage of customers would ever need
  • The documentation and video guides do not get updated so most is only relevant to older software versions
Read full review
Likelihood to Renew
Cisco
We are so very reliant on Cisco Identity Services Engine at this point that finding another solution would be a big hassle for us.
Read full review
Fortinet
Fortinet's products have kept improving with new software releases and they continue to deliver great value. Their support is also very good. I believe that as a small enterprise, their products have given us competitive advantage delivering features and functionality that enable us to innovate and do things better. They also continue to be a leader in the markets they serve.
Read full review
Usability
Cisco
For us the solution is very easily useable on its own. Perhaps that has to do because we started using ISE in the 1.2 days and have seen it grow during the years. Policy creation, etc. is all very visible and thus easy to use. Deployment of multiple nodes is also incredibly easy and flexible. You can easily add or remove nodes as you wish.
Read full review
Fortinet
The firewall runs very well, firmware updates are fairly quick but you must follow the upgrade path. Neglecting this step will cause a lot of pain. If you decide to go with Fortinet FortiGate switches and/or access points, they can be managed within the firewall which is great. We're also using the FortiAnalyzer which easily plugs into the firewall for any reporting you may require.
Read full review
Reliability and Availability
Cisco
We do have to occasionally reboot the servers when they get low on memory, but we're also a few versions behind. Availability has generally been pretty good though with no major outages in the time that we've had it implemented.
Read full review
Fortinet
We had didn't any hardware failures at our two main office locations and upgraded our units last year after using them for about 5-6 years
Read full review
Performance
Cisco
yes it does. depending on where you coming from. Logs are pretty busy same as report. it also depending on devices count and design.
Read full review
Fortinet
Good performance and really good integration. We have integration with Microsoft AD.
Read full review
Support Rating
Cisco
Cisco support is second to none, both in terms of how you access support but also the knowledge of the individual support teams. If you focus on one technology and provide "manufacturer support" then you can rest assured that you are accessing Cisco's top individuals. I feel like this is a USP for Cisco support.
Read full review
Fortinet
The Support team at Fortinet is excellent. They can not only help you configure the device for what you are trying to do, they offer suggestions on improving rules, and troubleshooting issues. Their response time is fast, ensuring you are up and running immediately with no questions asked. We had a hard drive failure in one of our Fortinet Fortigate appliances. The tech answered immediately, and started rebuilding the drive after some preliminary investigations. After rebuilding, there were still errors and issues, so they dispatched a brand new Fortinet Fortigate appliance. The tech then backed up the configurations for when the new device came in, which showed up in a few hours. A restore of the configuration took less than a minute, and there were no more errors or issues.
Read full review
In-Person Training
Cisco
No answers on this topic
Fortinet
I received it a couple years afters use it and it was just to confirm my knowledge about the tool.
Read full review
Online Training
Cisco
Training can only cover certain areas, there are a lot of areas training just can't cover. You have to learn by doing it.
Read full review
Fortinet
No answers on this topic
Implementation Rating
Cisco
I did participate in the implementation of Cisco ISE and while there were times when it was confusing and we had a lot of trial and error, overall the experience was fine.
Read full review
Fortinet
Make sure that you have the most current version of FortiOS. Make sure all Fortigates are on the same version
Read full review
Alternatives Considered
Cisco
I think all give some visibility of device monitoring and management, but Cisco Identity Services Engine gives a good way to manage more details about the device in a centralized way that gives a wider range of monitoring and control than the other softwares individually. I don't think Cisco Identity Services Engine eliminates the need for these other software as of now, but there is potential for Cisco Identity Services Engine to be able to take over more of these roles.
Read full review
Fortinet
[Fortinet] FortiGate is not only cost effective but it gives the comprehensive security against the APT attacks and gives the complete traffic visibility and granular control. You can easily create the VDOMs (Virtual firewall) within a Fortigate firewall and customize the dashboard as per your requirement if you have multiple VDOMs within a single firewall.
Read full review
Contract Terms and Pricing Model
Cisco
Cisco ISE was competitively priced and Cisco was able to leverage some of our existing contracts to help ease the purchase.
Read full review
Fortinet
No changes needed to terms and conditions.
Read full review
Scalability
Cisco
It's fully customised and comprehensive. only thing is you need to know what you want. Proper research and planning would save lots of time and effort .
Read full review
Fortinet
My environments are pretty small (less than 100 users per location) so no issues here.
Read full review
Return on Investment
Cisco
  • I don't know about negatives because we haven't seen it right now, but positive impact is one is the roadmap we have. And now since we are going ahead with doing the deployment of Cisco ISE, we see that we are getting closure to, so at the end of the day, we have to make sure that operationally we stay excellent. So that's where operational excellence comes in. Cisco ISE is basically addressing that for us. Right now we are in a situation if there is a WIFI issue or if there is an authentication issue, it gets really difficult to isolate the problem. But with Cisco ISE , this functionality is going to come in. So we believe that it would be a good ROI.
Read full review
Fortinet
  • The pricing given to us for our firewall was well within what we were already spending for other vendors solutions and had the added value of eliminating a separate expense for a dedicated web filtering appliance.
  • We have also adopted Fortinet's security fabric approach and thus changed vendors for our switch and AP devices. These devices have come at reduced prices as compared to another previous vendor we were using, particularly in relation to ongoing annual maintenance costs.
Read full review
ScreenShots