Want to learn the best practice for configuring Chromebooks with 802.1X authentication?

Sign up for a Webinar!

FreeRADIUS vs. Cisco ISE

Key Points
  • Cisco ISE provides complete network visibility and policy enforcement at a more significant expense, particularly with Cisco equipment.
  • FreeRADIUS offers a low-cost, open-source alternative appropriate for organizations that can handle setup and customization.
  • For a secure and cost-effective solution, FreeRADIUS, paired with SecureW2's PKI, provides excellent protection while reducing costs.
  • SecureW2 also offers a managed Cloud RADIUS service, designed for passwordless authentication with our PKI platform.

Cyber-attacks cost small businesses an average of $84,000 to $148,000, and 60% of those attacked go out of business in 6 months. As organizations continue to grow, it becomes more important for IT administrators to look for better solutions for managing their network infrastructure.

When trying to create the most secure network possible, it’s important to look at every facet of your system. Often this means comparing different methods of each protocol available – FreeRADIUS and Cisco ISE are prime examples of this. While there is some functional overlap between the two, they do have some differences in usage cases.

Regardless of which RADIUS you use the fact of the matter is that Public-key encryption is the best option for authenticating users with digital x.509 certificates, which you can configure with a Public Key Infrastructures (PKI). SecureW2 offers a turnkey PKI that comes with a state-of-the-art Cloud RADIUS, check out what one of our customers has to say.

So let’s compare and contrast the two and see which is more beneficial for your network.

Cisco ISE

Cisco ISE (Identity Services Engine) is a RADIUS Server + policy engine that is used as a gatekeeper for the network through a series of data points, and then acting on those points through integration with Cisco networking gear. ISE identifies, classifies, and tracks all endpoints connected to the network to allow the automation of policy provisioning.

Open integrations extend interoperability into the cloud. The team can integrate with cloud software-as-a-service (SaaS) security solutions. The biggest benefit of Cisco ISE is complete network visibility. IT administrators have full detail of all devices on the network and are provided with an easy GUI so administrators can navigate easily.

However, there is a big drawback with Cisco ISE that comes with its high cost. The cost is especially noteworthy when considering you will need to keep using Cisco products in order to maximize the usability of ISE.

 

FreeRADIUS

An often used RADIUS Server comes from FreeRADIUS. The benefits of FreeRADIUS can be summarized in 4 points:

 

  1. It’s the most popular RADIUS server in the world for a reason; It works like a charm
  2. It is a no-cost solution and it’s Open Source.
  3. It’s multithreaded, so it can process more than one transaction at a time.
  4. There are no license expenses, meaning that it costs the same to authenticate one device as it does hundreds.

 

That being said, it can be difficult for admins with little RADIUS experience to set up FreeRADIUS. It can also be difficult for organizations that have unique use cases to configure and customize FreeRADIUS.

However, many are unaware that FreeRADIUS offers consulting and support services at quite reasonable prices. Oftentimes it’s much cheaper to pay for FreeRADIUS services than paying for some of the traditional options. Compared to Cisco ISE, it’s going to be way less expensive. By using Network RADIUS’ Customization and Consulting Services (run by the creators of FreeRADIUS) you will be able to have a RADIUS server that is perfectly tailored to your environment, and best of all you will have no license costs!

Cloud RADIUS

Another solution comes from SecureW2’s Cloud RADIUS. Our team has designed the RADIUS to seamlessly integrate with any network infrastructure, while also providing an easy-to-use certificate onboarding service. If you want a set-and-forget RADIUS solution, while still maintaining bulletproof security, Cloud RADIUS is for you.

Our turnkey PKI solution and JoinNow onboarding software allow users to manually configure without the risk of any onboarding misconfigurations. JoinNow allows users to self-configure their devices for certificates in minutes. The process involves only a few clicks, and once completed, the user is equipped with a certificate and can be immediately authenticated. Our solution makes working with any IDP a breeze.

If you’re considering between Cisco ISE and FreeRADIUS, we recommend the latter of the two. FreeRADIUS is a much more cost-effective solution and you’re going to have a really awesome bespoke RADIUS Server through Network RADIUS. Additionally, SecureW2’s PKI and onboarding software can be easily integrated with FreeRADIUS, giving you the best of both worlds. If you’re interested in SecureW2, check out our pricing page to see how we can fit into your organization.

 

Learn about this author

Eytan Raphaely

Eytan Raphaely is a digital marketing professional with a true passion for writing things that he thinks are really funny, that other people think are mildly funny. Eytan is a graduate of University of Washington where he studied digital marketing. Eytan has diverse writing experience, including studios and marketing consulting companies, digital comedy media companies, and more.

FreeRADIUS vs. Cisco ISE