The Cisco Identity Services Engine (ISE) offers a network-based approach for adaptable, trusted access everywhere, based on context. It gives the user intelligent, integrated protection through intent-based policy and compliance solutions.
N/A
WatchGuard Network Security
Score 8.7 out of 10
N/A
WatchGuard Network Security is a network security and firewall software. WatchGuard includes secure Wi-Fi, multi-factor authentication, and network intelligence products and services designed for SMB’s.
Cisco ISE integrates will with a Cisco solution such as firewalls, network switches and routers. It does an incredible job of granting access based on the role that an individual or groups have, and the ability to remove access to that individual or group is also east. In our environment ISE is used to authenticate external users that have access by vpn, and also to manage access to the large network infrastructure
One scenario where WatchGuard Network Security is well-suited for a task is when a site needs to be whitelisted. For example, if a site is whitelisted and hosted in a country blocked by geolocation, we can bypass the block and route traffic to the site. This is particularly helpful with CDN's.
The most beneficial thing that I love about it, there are tons of things that I love about ISE and that it does well, but the most fascinating that I feel about is its integration with DNA center or Catalyst Center using PX Grid as the protocol wherein ISE acts as a policy server for the entire campus hand in hand with Catalyst Center to make sure that the policy policy follows the user and also in the background hand in hand with DNA Center or Catalyst Center makes sure microsegmentation is implemented so that east west traffic is blocked and takes care of the campus.
We have been renewing and purchasing new equipment for the last 20 years. This is because the equipment is easy to use and manage and also quite affordable. Compared to other products, Watchguard just works and has not had the issues with device security seen in other products. They have been a reliable partner.
For us the solution is very easily useable on its own. Perhaps that has to do because we started using ISE in the 1.2 days and have seen it grow during the years. Policy creation, etc. is all very visible and thus easy to use. Deployment of multiple nodes is also incredibly easy and flexible. You can easily add or remove nodes as you wish.
Although it might take some time to figure out, we have been able to use WatchGuard's online reference library and tech support to create/implement/modify all of our filtering rules and exceptions needed. There really has not been a shortcoming other than perhaps a learning curve.
We do have to occasionally reboot the servers when they get low on memory, but we're also a few versions behind. Availability has generally been pretty good though with no major outages in the time that we've had it implemented.
Availability has always been a strong point of this product, it is rare that watchguard does not have a solution for customers' network monitoring needs.
The performance of WatchGuard Network Security is very good, in the years that we have used the solution we have only had a single error and Watchguard itself was able to solve it. Furthermore, when purchasing any product, the partner always evaluates the capacity of the solution to recommend the most appropriate product for our needs.
Cisco support is second to none, both in terms of how you access support but also the knowledge of the individual support teams. If you focus on one technology and provide "manufacturer support" then you can rest assured that you are accessing Cisco's top individuals. I feel like this is a USP for Cisco support.
We have only had to contact them once during the initial set up to help bring the internet back on line. After that for the most part our systems have been automated, and could easily be checked form their online FAQ and Knowledge base that they provide. Everything else is easily handled from their browser based interface
We participate to a in person training and the three days of learning was really useful and complete to gain skill to solve the major part of the problem we encounter during our life. And more the in person training give us the opportunity to create a network with other WatchGuard partner.
I think our system integrators lacks some competencies and this has led to an implementation that is still perfectible. (i.e. dedicating an interface for intra-cluster communication)
I had my key information for setting up the firewall, and they assisted me in finding the settings and appropriate places to enter data. They also helped troubleshoot when I didn't understand some of their feature concepts, and we got it running.
I think all give some visibility of device monitoring and management, but Cisco Identity Services Engine gives a good way to manage more details about the device in a centralized way that gives a wider range of monitoring and control than the other softwares individually. I don't think Cisco Identity Services Engine eliminates the need for these other software as of now, but there is potential for Cisco Identity Services Engine to be able to take over more of these roles.
I was not involved with the decision making for WatchGuard versus another product. However, I know WatchGuard is significantly less expensive than other brands. My overall preference would be Ubiquiti due to their continuous improvement of the product with tons of great features. I know WatchGuard is making great advances, but the progress seems slower in comparison.
It's fully customised and comprehensive. only thing is you need to know what you want. Proper research and planning would save lots of time and effort .
This product is very scalable since previously everything related to Watchguard was on premises but that has now changed with the inclusion of watchguard cloud. Now the product has evolved to have full control of firewalls at the cloud level.
I don't know about negatives because we haven't seen it right now, but positive impact is one is the roadmap we have. And now since we are going ahead with doing the deployment of Cisco ISE, we see that we are getting closure to, so at the end of the day, we have to make sure that operationally we stay excellent. So that's where operational excellence comes in. Cisco ISE is basically addressing that for us. Right now we are in a situation if there is a WIFI issue or if there is an authentication issue, it gets really difficult to isolate the problem. But with Cisco ISE , this functionality is going to come in. So we believe that it would be a good ROI.
