The Cisco Identity Services Engine (ISE) offers a network-based approach for adaptable, trusted access everywhere, based on context. It gives the user intelligent, integrated protection through intent-based policy and compliance solutions.
N/A
Red Hat Virtualization (discontinued)
Score 6.1 out of 10
N/A
Red Hat Virtualization (formerly Red Hat Enterprise Virtualization, broadly known as RHEV) is an enterprise level server and desktop virtualization solution. Red Hat Virtualization also contains the functionality of Red Hat Enterprise Virtualization for Desktop in later editions of the platform.
Cisco ISE integrates will with a Cisco solution such as firewalls, network switches and routers. It does an incredible job of granting access based on the role that an individual or groups have, and the ability to remove access to that individual or group is also east. In our environment ISE is used to authenticate external users that have access by vpn, and also to manage access to the large network infrastructure
RHEV is well suited for organizations that need a cost-effective and flexible solution for their environment. As its vendor-independent software, easily install on any type of hardware. RHEV provides a GUI interface to manage the software, which makes the management of the software easier for the end-user. RHEV is best for non-production or less critical applications. RHEV can be easily integrated with other REDHAT software.
The most beneficial thing that I love about it, there are tons of things that I love about ISE and that it does well, but the most fascinating that I feel about is its integration with DNA center or Catalyst Center using PX Grid as the protocol wherein ISE acts as a policy server for the entire campus hand in hand with Catalyst Center to make sure that the policy policy follows the user and also in the background hand in hand with DNA Center or Catalyst Center makes sure microsegmentation is implemented so that east west traffic is blocked and takes care of the campus.
1- RHVM API is pretty slow, especially after creating a VM it is not possible to retrieve the VM details (i.e VM's MAC Address) fast enough, where we need to place a pause in our Ansible Playbook, make the automation process slow.
2- RHV is still using collected to monitor the hypervisors which is deviating from Red Hat policy for other RHEL based applications to use PCP to monitor, which is richer in features.
3- It will be great if it is possible to patch the hypervisors using other tools such as satellite and not only via RHVM.
4- In the past Red Hat used to present patches in the z release (i.e. 4.3.z), and features in the y release (i.e 4. y), but starting from 4.4 that is mixed together wherein the Z release you get both patches and features, that is not good because that requires a lot of time to test when we patch as it includes features as well.
5- Engineering team has to be more reactive when new feature is requested.
For us the solution is very easily useable on its own. Perhaps that has to do because we started using ISE in the 1.2 days and have seen it grow during the years. Policy creation, etc. is all very visible and thus easy to use. Deployment of multiple nodes is also incredibly easy and flexible. You can easily add or remove nodes as you wish.
We do have to occasionally reboot the servers when they get low on memory, but we're also a few versions behind. Availability has generally been pretty good though with no major outages in the time that we've had it implemented.
Cisco support is second to none, both in terms of how you access support but also the knowledge of the individual support teams. If you focus on one technology and provide "manufacturer support" then you can rest assured that you are accessing Cisco's top individuals. I feel like this is a USP for Cisco support.
I think our system integrators lacks some competencies and this has led to an implementation that is still perfectible. (i.e. dedicating an interface for intra-cluster communication)
I think all give some visibility of device monitoring and management, but Cisco Identity Services Engine gives a good way to manage more details about the device in a centralized way that gives a wider range of monitoring and control than the other softwares individually. I don't think Cisco Identity Services Engine eliminates the need for these other software as of now, but there is potential for Cisco Identity Services Engine to be able to take over more of these roles.
RHEV is an excellent product, includes more features, is less expensive, and has rock solid reliability and is backed with the best Red Hat Support in the industry. RHEV uses KVM under the hood which is used by all the big players in the industry (AWS, Rackspace, etc) to lower their overall costs and improve efficiency and profits and that's why RHEV is an excellent solution!
It's fully customised and comprehensive. only thing is you need to know what you want. Proper research and planning would save lots of time and effort .
I don't know about negatives because we haven't seen it right now, but positive impact is one is the roadmap we have. And now since we are going ahead with doing the deployment of Cisco ISE, we see that we are getting closure to, so at the end of the day, we have to make sure that operationally we stay excellent. So that's where operational excellence comes in. Cisco ISE is basically addressing that for us. Right now we are in a situation if there is a WIFI issue or if there is an authentication issue, it gets really difficult to isolate the problem. But with Cisco ISE , this functionality is going to come in. So we believe that it would be a good ROI.
