Cisco ISE It's mostly there if you can afford it.
February 11, 2023

Cisco ISE It's mostly there if you can afford it.

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Cisco Identity Services Engine (ISE)

We are using ise succesfully in securing our network with 802.1x and tacacs. We are moving towards Zero Trust and integrated with our MDM with SCCM to validate compliance of critical patches. This is working ok. Next we wanted to verify the vulnerability score from our scanners. We can connect to our Tenable server with api but we cannot run a credentialed scan on a newly discovered device. We can kick off a ping and nmap scan but that doesn't give us a vulnerability score. So when people connect to the vpn and we try to scan them to make sure that they are safe we fail.

Pros

  • 1x authentication with Dynamic Vlan assignment depending on what they should have access to.
  • TACACS/Admin access with RBAC using AD
  • provides great logs

Cons

  • the UI is usually very slow
  • Native Password change portal for local identities(tacacs users)
  • ability with RBAC to show the policies but restrict access to modify. Right now you can only show or hide but not restrict control of what they can do. This is not very helpful for our tier 2 admins that are trying to troubshoot issues as they don't see the policies. The work around is giving full read only admin account which isn't always ideal
  • Securing the network
  • helping to know what is being plugged in and where
  • tracking exceptions for the rules
Cisco ise is great at what it does. There are much cheaper solutions, but that also comes with it's disadvantages of the support that is usually there. But when you are up against Free Radius....what more is there to say for a lot of the smaller companies that is going to be their go to solution

Do you think Cisco Identity Services Engine (ISE) delivers good value for the price?

No

Are you happy with Cisco Identity Services Engine (ISE)'s feature set?

Yes

Did Cisco Identity Services Engine (ISE) live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Cisco Identity Services Engine (ISE) go as expected?

Yes

Would you buy Cisco Identity Services Engine (ISE) again?

Yes

NetBrain, SolarWinds ipMonitor, SolarWinds IP Address Manager (IPAM)
Ise does great for controlling TACACS and Radius authentications. It is pretty easy to make rules very granular. There is a learning curve but that comes with anything.

I wish the licensing a was a lot easier and not so expensive. I feel like you would be able to reach more markets as the price alone pushes people away. It's the idea that you would sell more and make up the margins lost.

Comments

More Reviews of Cisco Identity Services Engine (ISE)