Cisco IOS Security is great when there isn't enough budget to acquire advanced security solutions like ISE. We can use the Cisco IOS security features to secure our network as much as we can, we can do authentication using Radius, Port Security, and access lists to secure our traffic while eliminating the attacker from accessing our network.
It's very well suited for geographically dispersed organizations, where deploying and managing remote firewalls and other network security functions aren't practical. Once deployed, and the deployment isn't difficult after planning and understanding the data flows of the IoT devices, the system is easily managed and flexible. You're able to allow front line operations people to add devices into a role without sacrificing the integrity of the security model.
QoS. Cisco Quality of Service is top notch and handles prioritization of voice and video without issue.
Ease of implementation and configuration. Once you have a device configured, it is easy to use that configuration as a template for the rest. Export your config, update, the IP Address and Name at a minimum, then deploy to the next device.
Longevity! Sometimes it can be difficult to upsell a current Cisco client due to aging hardware. I have gone into a network that has 12 year old switches still running strong. I have only seen this with the Cisco brand. At that point, the upsell is the newer features and not the age of the device.
Cisco has the biggest and most trustful partner network in the world. Besides that, you can buy a service contract with the hardware and use the Cisco TAC to help to solve problems. That’s a key differential for Cisco comparing to other vendors.
It's pretty darned good for a new company. We had to hash through a couple of instances that no one had ever run into, but once we got to the right person on the engineering team, they were able to work through the solution pretty quickly. The nice thing is, unlike Cisco, once you fix something, you don't find three new things that have to be changed.
IOS Security is a bonus feature when you purchase Cisco devices. It is great to have a vendor provide equipment to go above and beyond the minimal needs for business operation. Having security at the downstream edge of our organization provides a sense of ease from potential attacks.
The cost and complexity vs. ISE is as different as Uber and Lift are from trying to take a taxi in Duluth, Minnesota. The complexity of Cisco's IoT security is a joke. It was going to take us over a year just to deploy all the Cisco equipment, and that was if we could have gotten it all working together. We got the entire project deployed in just under 3 months, and that includes working out all the bugs and logistics. Honestly, I don't think all the Cisco parts would have ever been running like Cisco promised it would. It's just way too complicated.
Cisco iOS security helped our business deploy a relatively safe solution for a small amount of money.
If you don’t have enough budget to invest in a robust and expensive firewall solution, you can safely use Cisco iOS security to protect your branch or remote office without compromise your network.
Because Cisco iOS security uses a simple command-line based interface, you can deploy standardized scripts and keep the operational costs low.
