Cisco Identity Services Engine (ISE) is identity security software that many enterprises rely on for access policy management as well as user and network monitoring.
Cisco is a top vendor in both the networking and cybersecurity software spaces, and with this product, Cisco offers users a solution for both managing and improving the internal user experience (UX) across the enterprise.
See below for a comprehensive examination of Cisco ISE and how this software differs from other identity and access management (IAM) and network access control (NAC) and products on the market:
A Closer Look at Cisco ISE
Also read: Top Network Security Trends
The identity security market
The identity security market offers a range of solutions across IAM and NAC, which is a subset of IAM.
The identity and access management market reached $13.4 billion in 2021 and is expected to grow to $34.5 billion in 2028, according to Fortune Business Insights.
The network access control market should reach $2.1 billion in 2022 and is projected to reach $15.3 billion by 2032, according to Fact.MR.
Cisco ISE is most often labeled as NAC software, but some reviewers consider the platform to be a more comprehensive IAM. These are some of the platform’s top competitors in both NAC and IAM:
- HPE Aruba ClearPass Policy Manager
- The Forescout Platform
- FortiNAC by Fortinet
- Pathlock
- Okta
- IBM Security Verify Access
- Oracle Cloud Infrastructure Identity and Access Management
Learn more about the network security market.
Key features of Cisco ISE
The Cisco Identity Services Engine focuses on customizable policy development and enforcement, making it a strong support for enterprise networks that want to implement a zero-trust strategy.
Some of its top features that support zero trust and administrative network visibility include:
- Dynamic visibility across network users and devices
- Network segmentation with automation available for both IT and operational technology (OT) infrastructure
- Built-in network monitoring with administrative customization
- Automated threat containment
- Security support for software-defined guest and regular user access
- Granular user permissioning
- Secure wired access
- Device compliance management
- Integrations with existing security ecosystem
- Bring-your-own-device (BYOD) compatibility
Cisco ISE use cases
Whether Cisco ISE is used on its own for identity policy management or implemented with other Cisco portfolio software, ISE supports a variety of industries and their enterprise network security goals.
For universities and other campus-based networks, such as Indiana State University, ISE helps network administrators assign, monitor, and continually manage user roles on the network:
“ISE streamlines policy management and makes it very easy to look at different aspects of a user, the workstation, the environment, or the way they’re connecting into our network. And it helps us assign them the appropriate role very quickly … We’ve got a good posture established, and users are happy because they can connect in. We’re able to set up guest registration, so when people come in, they can self-register on our campus and use our wireless. We’re leveraging this tool to give them some freedom.” -David Pifer, assistant director of network engineering services at Indiana State University, customer statement on Cisco ISE
Financial institutions choose to combine Cisco ISE with other Cisco network security management solutions to add protections for sensitive enterprise data and create efficiencies for device and user deployment.
Farm Credit Mid-America integrated ISE with the Cisco DNA Center and experienced the following benefits:
“We went from receiving the equipment in our facility to configuring it, training our staff, and bringing it into production in less than eight weeks! This not only is a testament to our IT team, who was able to learn quickly and deploy the system, but also to the solution itself, which is intuitive and makes it easy for users to get things done!” -Mike Everett, VP and chief security officer at Farm Credit Mid-America, customer statement on Cisco ISE integrated with Cisco DNA Center
Great Southern Bank integrated Cisco ISE with Cisco ACI fabric, which helped them manage policies and performance better across the segmented data fabric:
“ACI has been rock solid, and we can see the connectivity and performance of workloads and applications in addition to switches. Having full visibility of our data centers and the ability to make changes across both of them is so much better and easier from an operational standpoint.” -Ville Laakso, head of enterprise technology at Great Southern Bank, customer statement on Cisco ISE integrated with Cisco ACI
Cisco ISE differentiators
Customer support resources
Cisco gives extensive support to customers across its portfolio. For ISE, Cisco provides product documentation and data sheets, an ISE community, deployment guides, demos and webinars, and focused technical support.
Many customers also choose to add Cisco Customer Experience (CX) security services to their purchase, with managed service offerings like zero trust strategy, managed detection and response (MDR), and Talos incident response.
Contextual approach to data
Cisco takes a contextual approach to both data access and data insights on ISE. User access can be adjusted based on certain tags, such as user and endpoint identity, device identity, time, location, posture validation, authentication protocols, threat, vulnerability, and access type. Contextual labeling leads to smart analytics, which helps administrators monitor user patterns over time to detect anomalies and better classify users and devices.
Cisco partners and portfolio
In addition to Cisco’s considerable portfolio of network security solutions, the company adds international value to Cisco ISE through its partners. Cisco ISE Technology Partners and Cisco Security Technical Alliances are two of the external initiatives the company uses to connect its security products and services to other top players in the market, ensuring that customers can manage enterprise security with minimal technology silos.
Learn more about managing enterprise data: Top Data Management Platforms & Software
Cisco ISE ratings
Review site | Rating |
Gartner Peer Insights | 4.4/5 |
TrustRadius | 8.7/10 |
G2 | 4.5/5 |
Peerspot | 3.8/5 |
Cisco ISE pricing
Cisco does not list pricing online for Cisco ISE. To learn what pricing and feature packages are available, prospective customers need to contact the Cisco sales team for more information.
Conclusions
Cisco ISE is a strong zero-trust policy management product for several network and industry types. The software’s balance of initial access with granular administrative permissions and insights is particularly valuable for sprawling networks with different user types, such as large enterprises. The full life cycle for onboarding and user device management is covered through Cisco’s automated approach and helps companies manage a fluctuating set of users.
One of the main reasons customers invest in Cisco ISE is because of Cisco’s reputation in network security. Cisco is one of the most highly rated and widely used vendors in network security, and the company’s extensive resources make it a comprehensive security vendor.
Cisco ISE is one piece of Cisco’s greater collection of IAM and security offerings. Especially when it’s integrated with Duo and other tools that focus on user-level security and monitoring, enterprises find that Cisco ISE solves a variety of their identity security challenges.
Read next: Top 10 Enterprise Networking Companies