Cisco Identity Services Engine (ISE) vs. Tripwire Enterprise

Cisco Identity Services Engine is well suited for k12 and SLED customers who have a need for greater physical security. They don’t want anyone and everyone to have open access to the network or be able to plug a random device in. Cisco Identity Services Engine isn’t good for customers that want a completely hands off approach to network administration. It requires a good deal of effort to implement initially and some ongoing effort to manage and optimize it on the backend. Some teams are just too lean or don’t have a large enough business to justify needing a solution that’s tailored towards networks of 50+ users.

Incentivized

Tripwire Enterprise is great for hosting/data center environments and it greatly helps where console screenshots and reporting fill a lot of our client internal audit needs for security and change control.

Incentivized

• The most beneficial thing that I love about it, there are tons of things that I love about ISE and that it does well, but the most fascinating that I feel about is its integration with DNA center or Catalyst Center using PX Grid as the protocol wherein ISE acts as a policy server for the entire campus hand in hand with Catalyst Center to make sure that the policy policy follows the user and also in the background hand in hand with DNA Center or Catalyst Center makes sure microsegmentation is implemented so that east west traffic is blocked and takes care of the campus.

Incentivized

• It allows us to track development changes for engineer accountability.
• Tripwire Enterprise also allows us to monitor changes/updates being done to our systems in our hosting centers.
• We use the software to track user access and critical system changes.

Incentivized

• There are many pages spread out that do the same thing or are slightly different depending on how you access them
• The individual pages can be small and be overly segmented into different tabs when a sub-heading on a longer page would be more readable and teachable
• Although the API is well connected to other existing software since the ID lets them synchronize well, other device details tend to not populate for custom API integrations. Apparent redundancy in the API fields as well, though most of my experience with it is looking up and modifying endpoints

Incentivized

• In previous versions the management console was a little hard to navigate in some respects.
• I'm sure this has changed over time but we hope the reporting system has gotten more granular.
• I really don't have to many cons for this product, I recommend it for every company I work for!

Incentivized

We are so very reliant on Cisco Identity Services Engine at this point that finding another solution would be a big hassle for us.

Incentivized

For us the solution is very easily useable on its own. Perhaps that has to do because we started using ISE in the 1.2 days and have seen it grow during the years. Policy creation, etc. is all very visible and thus easy to use. Deployment of multiple nodes is also incredibly easy and flexible. You can easily add or remove nodes as you wish.

Incentivized

We do have to occasionally reboot the servers when they get low on memory, but we're also a few versions behind. Availability has generally been pretty good though with no major outages in the time that we've had it implemented.

Incentivized

yes it does. depending on where you coming from. Logs are pretty busy same as report. it also depending on devices count and design.

Incentivized

Cisco support is second to none, both in terms of how you access support but also the knowledge of the individual support teams. If you focus on one technology and provide "manufacturer support" then you can rest assured that you are accessing Cisco's top individuals. I feel like this is a USP for Cisco support.

Incentivized

Training can only cover certain areas, there are a lot of areas training just can't cover. You have to learn by doing it.

Incentivized

I did participate in the implementation of Cisco ISE and while there were times when it was confusing and we had a lot of trial and error, overall the experience was fine.

Incentivized

So we have Aruba ClearPass manager, so we evaluated that one as well that what is the future around it, but we found Cisco ISE better, so that's why we made a decision to move to Cisco. So we evaluated CPPM, which is an Aruba product, Aruba platform.

Incentivized

Honestly, I haven't used other products to do what Tripwire does, it's always my first recommendation.

Incentivized

Cisco ISE was competitively priced and Cisco was able to leverage some of our existing contracts to help ease the purchase.

Incentivized

It's fully customised and comprehensive. only thing is you need to know what you want. Proper research and planning would save lots of time and effort .

Incentivized

• Of course, there were some recent changes on the licensing front because when the product was started with Cisco, the licenses were lifetime for some of the licenses at least. And with recent versions, they changed that to also get yearly-based or perpetual licenses. And yeah, this of course for most of our customers increased the cost of the system by quite a great margin. All in all, I guess it is worth it.

Incentivized

• Tripwire has been a positive business impact for us because of its trusted name. Our customers require software like Tripwire because they know their data and security concerns are in good hands when it's deployed.
• The ROI for Tripwire is also a positive for our business because of the time and man power saved in due diligence and reporting for our clients' internal auditing.

Incentivized