Cisco ISE It's mostly there if you can afford it.
February 11, 2023
Cisco ISE It's mostly there if you can afford it.
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Cisco Identity Services Engine (ISE)
We are using ise succesfully in securing our network with 802.1x and tacacs. We are moving towards Zero Trust and integrated with our MDM with SCCM to validate compliance of critical patches. This is working ok. Next we wanted to verify the vulnerability score from our scanners. We can connect to our Tenable server with api but we cannot run a credentialed scan on a newly discovered device. We can kick off a ping and nmap scan but that doesn't give us a vulnerability score. So when people connect to the vpn and we try to scan them to make sure that they are safe we fail.
Pros
- 1x authentication with Dynamic Vlan assignment depending on what they should have access to.
- TACACS/Admin access with RBAC using AD
- provides great logs
Cons
- the UI is usually very slow
- Native Password change portal for local identities(tacacs users)
- ability with RBAC to show the policies but restrict access to modify. Right now you can only show or hide but not restrict control of what they can do. This is not very helpful for our tier 2 admins that are trying to troubshoot issues as they don't see the policies. The work around is giving full read only admin account which isn't always ideal
- Securing the network
- helping to know what is being plugged in and where
- tracking exceptions for the rules
Cisco ise is great at what it does. There are much cheaper solutions, but that also comes with it's disadvantages of the support that is usually there. But when you are up against Free Radius....what more is there to say for a lot of the smaller companies that is going to be their go to solution
Do you think Cisco Identity Services Engine (ISE) delivers good value for the price?
No
Are you happy with Cisco Identity Services Engine (ISE)'s feature set?
Yes
Did Cisco Identity Services Engine (ISE) live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Cisco Identity Services Engine (ISE) go as expected?
Yes
Would you buy Cisco Identity Services Engine (ISE) again?
Yes
Comments
Please log in to join the conversation