We performed a comparison between Cisco ISE (Identity Services Engine) and Cisco Secure Firewall based on real PeerSpot user reviews.
Find out in this report how the two Cisco Security Portfolio solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Being able to authenticate wired users through 802.1X is valuable as it enhances our security."
"The product is stable."
"SGTs are valuable because they make it easy to enforce policies, instead of pushing them across all the other platforms."
"The most valuable features are the ability to retrieve information about Active Directory user names, viewing the log files to see which MAC address tried to connect with the created SSIDs, portal designing for your company, hotspot tools, and creating network rules for WiFi access."
"The ability to allow or deny hosts onto the network is valuable. It provides great security to the network environment."
"It does what it's supposed to. We use a certificate-based authentication method for corporate-managed devices. That means when a user walks in with their managed laptop and plugs it into the network, it chats with Cisco ISE in the background, allows it on the network, and away they go."
"Cisco ISE scales exceptionally well."
"RADIUS is the best feature because it supplies authentication to our entire campus."
"The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy."
"I like its integration with the AnyConnect client. I also like how modular it is. For example, I can easily integrate the Umbrella add-on into it. We are planning on adding Umbrella. We haven't added it yet, but we have researched."
"We have been using a 5520 for seven years in our datacenter and we are satisfied by this version."
"The implementation is pretty straightforward."
"Network segmentation is the most valuable feature."
"The most valuable feature we have found to be the VPN because we use it often."
"The stability of the solution is very good. We can see that it gets even better with every release."
"All the rules are secure and we haven't had a significant malware attack in the five years that we've been using ASA Firewall. It has been a tremendous improvement for our network. However, I can't quantify the benefits in monetary terms."
"The initial setup was a little bit complex. It's not that simple because it requires a lot of prerequisites for the solution to get a hold on."
"It could be less monolithic. It's one huge application, and it does everything under the sun, so it's hard to deal with and upgrade and manage."
"The ISE software needs to be improved so that it is easier to administer."
"Cisco ISE has numerous features that are impractical, and I won't utilize them since they require payment."
"We do tend to run into a lot of issues with ISE when it comes to bugs."
"ISE is a little clunky. The front-end feels like it is from the 1980s."
"Automation [is an area for improvement]. It seems like everywhere I look, automation is super important. Automation and integrations. That's the area it could be improved..."
"The initial setup process is complex since there are so many big components."
"It would be nice if you didn't have to configure using a command-line interface. It's a bit technical that way."
"The maturity needs to be better."
"If the implementation was easier, it would be a lot better for us."
"The one thing that the ASAs don't have is a central management point. We have a lot of our environments on FTD right now. So, we are using a Firewall Management Center (FMC) to manage all those. The ASAs don't really have that, but they are easy to use if you physically go into them and manage them."
"The inclusion of an autofill feature would improve the ease of commands."
"It would be great if some of the load times were faster."
"I think they need to review their whole UI because it feels like it was created by a whole bunch of different teams of developers who didn't fully talk to each other. The net policy screen is just a mess. It should look like the firewall policy screen, and they should both act the same, but they don't. I feel like it's two different buildings or programming, who don't talk to each other, and that really annoys me."
"More intuitive support for SIP services are needed. This took a long time to configure properly for the user."
More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →
Cisco ISE (Identity Services Engine) is ranked 1st in Cisco Security Portfolio with 136 reviews while Cisco Secure Firewall is ranked 4th in Cisco Security Portfolio with 404 reviews. Cisco ISE (Identity Services Engine) is rated 8.2, while Cisco Secure Firewall is rated 8.2. The top reviewer of Cisco ISE (Identity Services Engine) writes "Gives us that extra ability to assist the end user and make sure that we are making them happy". On the other hand, the top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Fortinet FortiNAC, Forescout Platform, CyberArk Privileged Access Manager and Portnox CORE, whereas Cisco Secure Firewall is most compared with Fortinet FortiGate, Palo Alto Networks WildFire, Netgate pfSense, Meraki MX and Sophos XG. See our Cisco ISE (Identity Services Engine) vs. Cisco Secure Firewall report.
See our list of best Cisco Security Portfolio vendors.
We monitor all Cisco Security Portfolio reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.