Cisco Identity Services Engine

Microsegmentation software

Network security software

Features
Ease of use
Ease of management
Quality of support
Affordability
Market presence

Take the quiz to check if Cisco Identity Services Engine and its alternatives fit your requirements.

Get started

Pricing from

Free Trial

Free version unavailable

User corporate size

Small

Medium

Large

User industry

What is Cisco Identity Services Engine

Cisco Identity Services Engine (ISE) is a network access control (NAC) and policy platform used to authenticate users and devices, assess posture, and enforce access policies across wired, wireless, and VPN networks. It is typically used by enterprise network and security teams to implement identity-based access control, guest/BYOD onboarding, and device profiling. ISE integrates with Cisco network infrastructure and security tools to apply segmentation policies (for example, via Security Group Tags) and to centralize AAA services (RADIUS/TACACS+).

Mature NAC and AAA services

ISE provides centralized RADIUS and TACACS+ services for network authentication and device administration. It supports common enterprise NAC workflows such as 802.1X authentication, guest access, and BYOD onboarding. This makes it a fit for organizations standardizing identity-based access control across campus and branch networks.

Identity-based segmentation controls

ISE can assign and manage group-based policy attributes (such as Security Group Tags) that downstream network devices can use to enforce segmentation. This supports policy decisions based on user, device type, posture, and location rather than only IP addressing. It is commonly used to implement segmentation in environments with compatible switching, wireless, and firewall enforcement points.

Broad enterprise integrations

ISE integrates with directory services and certificate infrastructures for identity and authentication workflows. It also connects with endpoint security, MDM/UEM, and network infrastructure components to inform posture and access decisions. These integrations help operationalize access policies across heterogeneous user/device populations.

Segmentation depends on infrastructure

Many segmentation outcomes rely on enforcement by compatible network devices and correct end-to-end configuration. In mixed-vendor or legacy environments, feature parity and enforcement consistency can be harder to achieve. This can limit how uniformly policies apply across all network segments.

Complex to design and operate

Deployments often require careful planning for authentication methods, certificates, network device configurations, and policy structure. Troubleshooting can involve multiple systems (supplicants, PKI, RADIUS, switches/APs, and identity stores). Organizations frequently need specialized skills to implement and maintain the solution at scale.

Not a full microsegmentation platform

ISE focuses on network access control and identity-driven policy rather than providing comprehensive workload-level microsegmentation across data centers and clouds. For east-west workload segmentation, organizations often pair it with additional tools that map application dependencies and enforce host/workload policies. This can increase overall architecture complexity and cost.

Plan & Pricing

Plan	Price	Key features & notes
Essentials	Not listed on Cisco website — contact Cisco or authorized resellers/partners for pricing.	Base services: AAA and 802.1X, Guest (hotspot, self-register, sponsored), Easy Connect (Passive ID), basic context sharing. Intended for core access control functions..
Advantage	Not listed on Cisco website — contact Cisco or authorized resellers/partners for pricing.	Includes all Essentials features plus Profiling, BYOD, pxGrid integrations, TrustSec (Group-Based Policy), Endpoint Analytics visibility and enforcement, Rapid Threat Containment (Adaptive Network Control)..
Premier	Not listed on Cisco website — contact Cisco or authorized resellers/partners for pricing.	Includes all Advantage and Essentials features plus Posture (compliance), Mobile Device Management (MDM) compliance, Threat-Centric Network Access Control (TC-NAC), and the most complete feature set for compliance and advanced enforcement..

Notes:

Cisco ISE subscription licensing is nested: Premier includes Advantage and Essentials; Advantage includes Essentials. License quantity is based on the maximum number of concurrently active endpoints. Cisco uses Smart Licensing (Cisco Smart Software Manager) for subscription management..
Cisco does not publish list prices for ISE subscription tiers on its public product pages; pricing is provided via Cisco sales, authorized partners/resellers, or cloud marketplaces (AWS/Azure). If you need exact list prices or minimum paid cost, contact Cisco or an authorized reseller..

Seller details

Cisco Systems, Inc.

San Jose, California, USA

1984

Public

https://www.cisco.com/

https://x.com/Cisco

https://www.linkedin.com/company/cisco/

Tools by Cisco Systems, Inc.

Webex Connect

›

Splunk Infrastructure Monitoring

›

Cisco Edge Intelligence

›

Cisco IoT Control Center

Splunk Cloud Platform

›

Cisco Application Centric Infrastructure (ACI)

›

Cisco Data Center Network Manager

›

Splunk Synthetic Monitoring

›

Splunk AppDynamics

›

Splunk Real User Monitoring

›

Splunk Observability Cloud

Cisco FindIT Network Management

›

Cisco DNA Center

›

Cisco Catalyst Center

›

Cisco Webex Support

›

Cisco Cloud Services Router 1000V

›

Best Cisco Identity Services Engine alternatives

Tufin Orchestration Suite

›

Illumio

›

Zscaler Private Access

Generative AI & LLM	AI code generation software AI image generators software AI video generators AI writing assistants Large language models (LLMs) software
Agents, autonomous & workflow automation	AI chatbots software AI customer support agents software Bot platforms software General-purpose AI agents
Vertical AI	Data science and machine learning platforms Machine learning software
Sales	CPQ software CRM software E-signature software Sales enablement software
Marketing	Email marketing software Marketing automation software SEO tools Social media management tools
Security	Antivirus software Firewall software Identity and access management (IAM) software
Analytics	Analytics platforms Data visualization tools
Collaboration & productivity	Collaborative whiteboard software Video conferencing software
Commerce	E-commerce platforms Payment processing software
Content management	Document management software Knowledge base software Website builder software
Customer service	Customer service automation software Customer success software Help desk software Live chat software
Development	Cloud platform as a service (PaaS) software
ERP	Accounting software ERP systems Expense management software Project management software
HR	Applicant tracking systems (ATS) Payroll software Time tracking software
IT infrastructure	Data warehouse solutions ETL tools Infrastructure as a service (IaaS) providers iPaaS software
IT management	Business process management software Robotic process automation (RPA) software Workflow management software

Cisco Identity Services Engine

What is Cisco Identity Services Engine

Mature NAC and AAA services

Identity-based segmentation controls

Broad enterprise integrations

Segmentation depends on infrastructure

Complex to design and operate

Not a full microsegmentation platform

Plan & Pricing

Seller details

Tools by Cisco Systems, Inc.

Best Cisco Identity Services Engine alternatives

Popular categories

Generative AI & LLM

Agents, autonomous & workflow automation

Vertical AI

Sales

Marketing

Security

Analytics

Collaboration & productivity

Commerce

Content management

Customer service

Development

ERP

HR

IT infrastructure

IT management