The Cisco Identity Services Engine (ISE) offers a network-based approach for adaptable, trusted access everywhere, based on context. It gives the user intelligent, integrated protection through intent-based policy and compliance solutions.
N/A
Nmap
Score 8.7 out of 10
N/A
Nmap is a free, open source network discovery, mapper, and security auditing software. Its core features include port scanning identifying unknown devices, testing for security vulnerabilities, and identifying network issues.
$49,980
one-time fee
Pricing
Cisco Identity Services Engine (ISE)
Nmap
Editions & Modules
No answers on this topic
Nmap OEM Small/Startup Company Redistribution License - Quarterly Term Maintenance Fee
$7,980
Every Three Months per license
Nmap OEM Mid-Sized Company Redistribution License - Quarterly Term Maintenance Fee
$11,980
Every Three Months per license
Nmap OEM Enterprise Redistribution License - Quarterly Term Maintenance Fee
$13,980
Every Three Months per license
Nmap OEM Small/Startup Company Redistribution License - Annual Maintenance Fee
$14,980
per year per license
Nmap OEM Mid-Sized Company Redistribution License - Annual Maintenance Fee
All perpetual licenses include a six-month trial period during which you can cancel for any reason and receive a full refund of all money paid (including maintenance). The term license is only a 3-month commitment and cal also be terminated with full refund during the first 30 days of the initial quarter.
Cisco ISE integrates will with a Cisco solution such as firewalls, network switches and routers. It does an incredible job of granting access based on the role that an individual or groups have, and the ability to remove access to that individual or group is also east. In our environment ISE is used to authenticate external users that have access by vpn, and also to manage access to the large network infrastructure
If you're a sysadmin, or anyone who's had to deploy network services, you've almost certainly had to use Nmap at some point or other. Need to see what devices are on your LAN? Nmap can tell you that. Want to check which ports your web server has open to the internet? Nmap is your friend.
Nmap is a powerful command-line tool and has many options that require some reading of documentation to get the best out of (although generally straightforward). If the thought of working at the command-line scares you (presumably not if you're reading this review), then you may want a much simpler tool, or at least check out Zenmap GUI.
The most beneficial thing that I love about it, there are tons of things that I love about ISE and that it does well, but the most fascinating that I feel about is its integration with DNA center or Catalyst Center using PX Grid as the protocol wherein ISE acts as a policy server for the entire campus hand in hand with Catalyst Center to make sure that the policy policy follows the user and also in the background hand in hand with DNA Center or Catalyst Center makes sure microsegmentation is implemented so that east west traffic is blocked and takes care of the campus.
NMap provides a very fast and a very thorough network "sweep" that allows you to quickly map out exactly what's on your network.
NMap is highly configurable. The "canned" choices are very good in most instances, but using various switches and options, you can create a very specific scan and get exactly the results you're looking for.
NMap is easy to use. Even a new administrator will be able to use the graphical version (Zenmap) with efficiency right away.
The GUI version on Nmap could use some improvement with the options that are available to do scans. For example, they could make it easier to select options for the different types of scanning for people who are beginners
There are no abilities to schedule a scan in the Nmap tool.
An intensive scan sometimes takes too much time to complete.
For us the solution is very easily useable on its own. Perhaps that has to do because we started using ISE in the 1.2 days and have seen it grow during the years. Policy creation, etc. is all very visible and thus easy to use. Deployment of multiple nodes is also incredibly easy and flexible. You can easily add or remove nodes as you wish.
Nmap uses are very practical and I don't think there is a better tools for what Nmap does. It is open-sources that therefore there is no cost to use it. It offers a number of benefits, including but not limited to network mapping, port scanning and more. It is very reliable as a network scanning tool.
We do have to occasionally reboot the servers when they get low on memory, but we're also a few versions behind. Availability has generally been pretty good though with no major outages in the time that we've had it implemented.
Cisco support is second to none, both in terms of how you access support but also the knowledge of the individual support teams. If you focus on one technology and provide "manufacturer support" then you can rest assured that you are accessing Cisco's top individuals. I feel like this is a USP for Cisco support.
There is a very large support community and a robust selection of add-ons and scripts. Once you get the use down this is one of the most powerful tools and you can find anything you are looking for as far as examples on the web. While not having official support its not lacking by any means.
I did participate in the implementation of Cisco ISE and while there were times when it was confusing and we had a lot of trial and error, overall the experience was fine.
I think all give some visibility of device monitoring and management, but Cisco Identity Services Engine gives a good way to manage more details about the device in a centralized way that gives a wider range of monitoring and control than the other softwares individually. I don't think Cisco Identity Services Engine eliminates the need for these other software as of now, but there is potential for Cisco Identity Services Engine to be able to take over more of these roles.
Alternatives to Nmap (other IP scanners) are often much more limited in what they can do; They often only allow you to scan a specific subset of ports or a limited number of IP addresses in one command. Nmap is unrestricted in that regard. What makes Nmap stand out above the rest, is the complete network analysis package you get with it. It allows IP scanner, network deep-dives, hardware analysis, vulnerability analysis, encryption detailing, and so much more, in one free application
It's fully customised and comprehensive. only thing is you need to know what you want. Proper research and planning would save lots of time and effort .
I don't know about negatives because we haven't seen it right now, but positive impact is one is the roadmap we have. And now since we are going ahead with doing the deployment of Cisco ISE, we see that we are getting closure to, so at the end of the day, we have to make sure that operationally we stay excellent. So that's where operational excellence comes in. Cisco ISE is basically addressing that for us. Right now we are in a situation if there is a WIFI issue or if there is an authentication issue, it gets really difficult to isolate the problem. But with Cisco ISE , this functionality is going to come in. So we believe that it would be a good ROI.
