Cisco Identity Services Engine

Increase Visibility, Control Access, Contain Threats

Get a security policy management platform that automates and enforces context-aware security access to network resources. Identity Services Engine delivers superior user and device visibility to support enterprise mobility experiences and to control access. It shares data with integrated partner solutions to accelerate their capabilities to identify, mitigate, and remediate threats.


Video Data Sheet

Learn the benefits of the Identity Services Engine 2.0 (3:15 min.)

Watch Video

Leader in Network Access Control

Cisco is positioned as a leader in Gartner's Magic Quadrant for NAC.

Get Report

Features and Capabilities

Identity Services Engine helps IT professionals conquer enterprise mobility challenges and secure the evolving network across the attack continuum. It provides you with numerous capabilities, some of which are listed below.

Simplify guest experiences for easier guest onboarding and administration. Use the product's easily-customizable, branded mobile and desktop guest portals to create access in just minutes. The engine's dynamic visual workflows let you fully manage every aspect of guest access.

Streamline BYOD and enterprise mobility with easy, out-of-the-box setup for self-service device onboarding and management. Identity Services Engine includes an internal certificate authority, multi-forest Active Directory support, and integrated enterprise mobility management (EMM) partner software.

Centralize and unify network access policy management to provide consistent, highly secure access to end users, whether they connect to your network over a wired, wireless, or VPN connection.

Gain greater visibility and more accurate device identification. Identity Services Engine's superior device profiling and zero-day device profile feed service provides updated profiles for the latest devices. Combined, these two features help reduce the number of unknown endpoints (and potential threats) on your network.

Implement software-defined segmentation based on enterprise roles by using Cisco TrustSec technology embedded in existing infrastructure. Use Identity Services Engine to create flexible, role-based access control policies that dynamically segment access without added complexity. Traffic classification is based on endpoint identity, which can enable policy change without network redesign.With support for 250,000 active, concurrent endpoints, and up to 1,000,000 registered devices, our product allows enterprises to accelerate mobility projects across the extended network.

Share contextual data with partner solutions through Cisco Platform Exchange Grid technology within Identity Services Engine.

Contextual data improves the efficacy of partner solutions and accelerates the identification, mitigation, and remediation of network threats. Additionally, partner solutions, such as Lancope StealthWatch, can execute access policy changes in Identity Services Engine to contain threats and prevent their spread across the network.

For example, with Identity Services Engine, integrated partner solutions can more rapidly remediate threats and streamline network forensics and endpoint vulnerability remediation. They can also provide adaptive single sign-on to identity-federated devices, and even extend secure access to SCADA/control networks—all based on context and identity received from the engine.


Trust Your Network to a NAC Leader

Frost and Sullivan honors Cisco for global market leadership in Network Access Control

Get Details

Get Guest Access with ISE Express

See how anyone can easily design branded guest portals in minutes.

Go to ISE Express

Reduce Your Attack Surface

See how ISE provides complete endpoint visibility and network control. (PDF - 4.4 MB)

Download Infographic

Additional Resources