TrustRadius: an HG Insights company

Cisco Identity Services Engine (ISE)

Score9 out of 10

301 Reviews and Ratings

What is Cisco Identity Services Engine (ISE)?

The Cisco Identity Services Engine (ISE) offers a network-based approach for adaptable, trusted access everywhere, based on context. It gives the user intelligent, integrated protection through intent-based policy and compliance solutions.

Read more details.

Media

Screenshot of Cisco Identity Services Engine (ISE)

Screenshot of Cisco Identity Services Engine (ISE)

Pros

  • Robust authentication and authorization for network devices and user access
  • Flexible and centralized policy management for granular control
  • Effective device profiling and categorization

Cons

  • Complex and time-consuming upgrade process
  • Non-intuitive and complicated user interface/navigation
  • Difficult-to-understand and layered licensing model

Cisco Identity Services Engine (ISE) Review

Use Cases and Deployment Scope

Currently, we use it for device administration for all of our switches and routers. We also use it for things like our F5s. We also use it for wired 802.1X and MAB security, as well as endpoint security.

Pros

  • It does a great job of authenticating users. Anytime one of our users logs into the network, before they're ever able to do anything inside the network, they have to authenticate with Cisco Identity Services Engine. We can do that with IoT devices as well, and it enables us to send down customized access lists that control access right at the port. So even from the beginning, before they're able to do anything else, we're controlling what they can and cannot access.

Cons

  • I would say the biggest thing about Cisco Identity Services Engine right now—and it's the same thing it's always been—is that it can be extremely complicated. There is a bit of a learning curve to it. They've made quite a bit of improvement since the early days, but still, unless you use it often enough, you're going to have a bit of a hike to get to the point where you're really good at it. I would say that's probably the biggest problem with it. There's a lot of stuff there, so it's understandable, but that's probably the biggest hurdle you have to overcome.

Return on Investment

  • Well, we're subject to a lot of compliance rules. The nice thing about Cisco Identity Services Engine is that when you're trying to lock everything down in the financial industry, it makes it a lot easier to do, that's for sure. When we're doing auditing and things like that, we can pull the reports right out of Cisco Identity Services Engine with no problem. We do that annually, and it meets a lot of our auditing requirements, which is very helpful.

Other Software Used

Cisco Secure Workload, Cisco Duo, Cisco Secure Firewall Management Center, Cisco Catalyst Switches

Usability

Cisco Identity Services Engine (ISE) - a powerhouse in the network

Use Cases and Deployment Scope

Cisco Identity Services Engine is the niche when it comes to east-west traffic inspection. We are minimally implementing Cisco Identity Services Engine currently, with an initiative to increase implementation to include Profiling and possibly Posturing. Cisco Identity Services Engine integrations with Active Directory, Software Defined Access, and Secure Firewall make a rock-solid environment with hands-free security a breeze.

Pros

  • Micro-segmentation where access is tied to Security Group Tags allowing a mix-and-match of different variety of access to be possible.
  • Along with AD integration, Cisco Identity Services Engine will leverage Groups to grant more granular access.
  • Cisco Identity Services Engine-Secure Firewall integration allows for even more granularity to access resources.

Cons

  • Badly need to work on visualization tools and documentation for a more polished interface.
  • Context help is more needed to uncover many obscure areas.
  • Database handling algorithms need speed enhancements, as searching takes an extended long time for hits to appear.

Return on Investment

  • ROI is easily achieved by 85% with Cisco Identity Services Engine
  • Profiling rolled out new devices seamlessly by 90%
  • Posturing secured the network environment by more that 95%

Cisco Identity Services Engine (ISE) Product review

Use Cases and Deployment Scope

We use Cisco Identity Services Engine (ISE) for Logical Segmentation across different endpoints types, and zero trust access across across network infrastructure was the key problem which we were working to address

Pros

  • Dot1x authentication
  • Guest Portal integration with External Identity provider
  • Data Connect

Cons

  • Observability across ISE infrastructure, today its run as black box
  • Better load distribution method across nodes
  • Application startup time
  • Upgrade need to be inline, don't have to spin up new infrastructure for every new major release

Return on Investment

  • Visibility and block Unwanted devices right on spot.
  • Integration with other ecosystem for better visibility

ISE AAA expert tool

Use Cases and Deployment Scope

To autenticate users, to have the control to which the user can access in my network, to have visibility of what is doing the users in the network.

Pros

  • Autenticate users
  • Design the autorization of what the users can do in the network.
  • To see what are doing the users in the network.

Cons

  • An easy way to manage backups.
  • Best PxGrid ISE side functionality.
  • Easy way to configure telemetry.

Return on Investment

  • A great option to improve your enterprise security.
  • An easy way to see what your users is doing in your enviroment
  • I great tool to define the way that users connect through your network.

Alternatives Considered

FortiNAC

Other Software Used

Cisco Catalyst SD-WAN, Cisco Cyber Vision, Cisco Catalyst Center

Cisco Identity Services Engine (ISE) Review - Personal Experience

Use Cases and Deployment Scope

I use Cisco Identity Services Engine (ISE) to for auth users and devices connecting our networks, typically TACACS.

The scope of the use cases range from user to services accessing the network covering AAA.

Pros

  • Authentication of users connecting into the network devices
  • Authentication of devices and services connecting to other apps
  • Authorization and Accounting of user access
  • Alarms/Alerts - monitoring of the network features (certs, license, etc)

Cons

  • Managing self-cert
  • Self healing functionality for DNS

Return on Investment

  • Cisco Identity Services Engine (ISE) helps us to monitor who/what is connected to our networks and when. This is a positive.
  • Cisco Identity Services Engine (ISE) gives indication of what needs attention or troubleshooting.
  • The fact that my org relies heavily on Cisco Identity Services Engine (ISE) without negative impact on ROI is a positive.

Other Software Used

Infoblox DDI (BloxOne), Qualys Context XDR, Cacti