We performed a comparison between Cisco ISE (Identity Services Engine) and Cisco Secure Firewall based on real PeerSpot user reviews.
Find out in this report how the two Cisco Security Portfolio solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Authentication is the most valuable feature because it puts our company at another level of security."
"SGTs are valuable because they make it easy to enforce policies, instead of pushing them across all the other platforms."
"I like that Cisco ISE is easy to use."
"ISE's most valuable feature is integration between IT and OTs."
"The features that do work, work well, and we use it on a daily basis."
"The most valuable feature is the flexibility of the policy sets."
"I love the policy sets, they are really nice and dynamic."
"Typically, the installation is pretty simple."
"Cisco Secure Firewall has improved our customers' security posture because it offers Next-Gen features, granularity, and reporting on the back of it. You can see the amount of users accessing Office 365, for example, and whether they're having a good or bad experience. You can see the threats that are coming into your network. You can see anyone who is compromised from within your network."
"Basic firewalling is obviously the most valuable. In addition to that, secure access and remote access are also very useful for us."
"Their performance is most valuable."
"The content filtering is good."
"Cisco's technical support is the best and that's why everybody implements their products."
"Its VPN and ASN features are very stable."
"I have found the most valuable feature to be the access control and IPsec VPN."
"This product is pretty stable."
"Cisco ISE could be simplified somewhat. I would also prefer certificate-based authentication over confirmation-based authentication for all the processes. It's possible for us to do a workaround, but the process needs to be simplified."
"Cisco ISE has almost all the features we are looking for now, but sometimes the configuration, such as the conditions, is a little difficult to understand and not so easy to navigate."
"The solution can lag somewhat as we have a large database."
"The area where things could be improved is education. It's complicated to deploy initially because you have to know what you're getting into."
"I would like for the next release to be easier to implement and to limit its dependencies around ISE, Windows, the network as a whole, etc."
"The user interface could be more user-friendly."
"In the next release, I would want to see this kind of solution in the cloud as opposed to on prem because when enhancements are made to the software, if it's in the cloud, it's overnight. I mean you're not going to have to respin the servers that the license sits on, it's all microservices kinds of things in the cloud. That would be my recommendation. If I'm a customer, that's what I'm looking at - for cloud based software subscriptions."
"Cisco ISE's real-time data analytics for database logging could be improved."
"The solution has not had any layer upgrades. It does not have layer five and upwards, it only has up to layer four. This has caused some problems for us."
"We use the FTD management platform for the boxes. The GUI that manages multiple Firepower boxes could be improved so that the user experience is better."
"At times the product is sluggish and slow"
"I have used Fortinet, Palo Alto, and Check Point previously and I prefer the process of everything working together."
"If you need to reschedule a call with the support team when you face a new issue with the product, then it may get a bit of a problem to get a hold of someone from the support team of Cisco."
"I was just trying to learn how this product actually operates and one thing that I see from internal processing is it does fire-walling and then sends it to the IPS model and any other model that needs to be performed. For example, content checking or filtering will be done in a field processing manner. That is something that causes delays in the network, from a security perspective. That is something that can be improved upon. Palo Alto already has implemented this as a pilot passed processing. So they put the same stream of data across multiple modules at the same time and see if it is giving a positive result by using an XR function. So, something similar can be done in the Cisco Firepower. Instead of single processing or in a sequential manner, they can do something similar to pile processing. Internal function that is something that they can improve upon."
"The scalability has room for improvement."
"We had an event recently where we had inbound traffic for SIP and we experienced an attack against our SIP endpoint, such that they were able to successfully make calls out... Both CTR, which is gathering data from multiple solutions that the vendor provides, as well as the FMC events connection, did not show any of those connections because there was not a NAT inbound which said either allow it or deny it."
More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →
Cisco ISE (Identity Services Engine) is ranked 1st in Cisco Security Portfolio with 138 reviews while Cisco Secure Firewall is ranked 4th in Cisco Security Portfolio with 404 reviews. Cisco ISE (Identity Services Engine) is rated 8.2, while Cisco Secure Firewall is rated 8.2. The top reviewer of Cisco ISE (Identity Services Engine) writes "Gives us that extra ability to assist the end user and make sure that we are making them happy". On the other hand, the top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Fortinet FortiNAC, Forescout Platform, CyberArk Privileged Access Manager and BeyondTrust Endpoint Privilege Management, whereas Cisco Secure Firewall is most compared with Fortinet FortiGate, Palo Alto Networks WildFire, Netgate pfSense, Meraki MX and Sophos XG. See our Cisco ISE (Identity Services Engine) vs. Cisco Secure Firewall report.
See our list of best Cisco Security Portfolio vendors.
We monitor all Cisco Security Portfolio reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.