We performed a comparison between Cisco ISE (Identity Services Engine) and F5 BIG-IP Access Policy Manager (APM) based on real PeerSpot user reviews.
Find out in this report how the two Network Access Control (NAC) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable thing in ISE is the adoption of EAP deep that came in [version] 2.7, so we can do authentication based on user and machine certificates in one authentication."
"Improves switch account management."
"The feature that I most like is that it can notify me whenever someone plugs in their device, which is not allowed. I get notifications for new laptop devices. I think the user interface looks good compared to previous versions."
"The product is useful for device administration."
"The most valuable feature is AnyConnect Posture because it scans all the programs on the workstation and checks if the antivirus is up to date, as well as the cryptographic keys on our SSD."
"It integrates with the rest of our platform, like our firewall, and helps us a lot. It also does a good job establishing trust for every access request."
"Cisco ISE is a powerful solution. It gives us the ability to control who's accessing our network, and Cisco has made it very easy."
"Authentication is the most valuable feature because it puts our company at another level of security."
"F5 BIG-IP APM is relatively easy to use."
"In my opinion, the GUI is perfect with the configuration options provided. F5 BIG-IP has given customization options and policy configuration tools in the GUI. It's good and good enough to work."
"The tool is reliable and easy to configure."
"We have seen a return on investment from F5 BIG-IP Access Policy Manager. It provided access at a time when we didn't have it."
"The product allows us to create customized portals for your users."
"The most valuable feature is the virtual IP creation. It's our most frequently used feature."
"The portal access was very good."
"The solution is stable and reliable."
"ISE is a little clunky. The front-end feels like it is from the 1980s."
"I would like to see integration with other vendors, and the RADIUS integration needs to be improved a little bit."
"It would be helpful for us to know what needs to be deployed, configured, and what changes we need to make to our devices when we don't receive the specific login which is an indication of a lack of connection or incorrect configuration."
"The upgrades could be better. Every time we try to do an upgrade, we have problems. It's a pain."
"It is a good product, but in order to use all of the functions of the product, you must have a good understanding of the product. You must know how to use and manage it. It is a little bit complicated to configure and manage. It must be simplified to make it easy to manage for end users. In the initial stage, we found ISE complicated for end users. It was not easy to manage it or to write authentication and authorization protocol. They must improve its management and make it easy for end users. The monitoring and reporting capabilities can be improved because end users want to quickly see what is happening in their network. There were some restrictions in working with other vendors. It should also have a better and easy integration with other vendors."
"Since we have started, we struggled a lot to implement this solution into our network, and we opened a case a couple of times. Up until this point, nothing else needs to be improved with this product."
"Automation [is an area for improvement]. It seems like everywhere I look, automation is super important. Automation and integrations. That's the area it could be improved..."
"It would be nice if it could be configured easily by default."
"The technical support’s response time must be improved."
"In my opinion, the GUI side needs some improvement based on my usage. Sometimes, it doesn't work as efficiently as the CLI side."
"We do not have knowledgeable support teams locally."
"Integrating identity providers and single sign-on solutions can simplify user authentication and access control."
"The initial setup was complex."
"The solution’s GUI looks very old."
"F5 BIG-IP APM disconnects when you leave it for long enough, but that is natural for IT solutions to do. That's a little bit frustrating."
"I'd suggest improved documentation integration directly within the GUI. Right now, finding comprehensive documentation often requires going to external websites like the community portal."
More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →
More F5 BIG-IP Access Policy Manager (APM) Pricing and Cost Advice →
Cisco ISE (Identity Services Engine) is ranked 1st in Network Access Control (NAC) with 135 reviews while F5 BIG-IP Access Policy Manager (APM) is ranked 7th in Network Access Control (NAC) with 13 reviews. Cisco ISE (Identity Services Engine) is rated 8.2, while F5 BIG-IP Access Policy Manager (APM) is rated 8.2. The top reviewer of Cisco ISE (Identity Services Engine) writes "Gives us that extra ability to assist the end user and make sure that we are making them happy". On the other hand, the top reviewer of F5 BIG-IP Access Policy Manager (APM) writes " Facilitates packet inspection, modification, and offloading and offers visibility and troubleshooting capabilities, allowing for pre-production server testing". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Fortinet FortiNAC, Forescout Platform, CyberArk Privileged Access Manager and ExtremeControl, whereas F5 BIG-IP Access Policy Manager (APM) is most compared with Citrix Gateway, CyberArk Privileged Access Manager, Ivanti Connect Secure, Microsoft Remote Desktop Services and Microsoft Entra ID. See our Cisco ISE (Identity Services Engine) vs. F5 BIG-IP Access Policy Manager (APM) report.
See our list of best Network Access Control (NAC) vendors.
We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.