We performed a comparison between Forescout Platform and Microsoft Defender for Cloud based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Forescout Platform stands out for its agentless visibility and advanced features like device fingerprinting. Microsoft Defender for Cloud is highly regarded for its automated processes, advanced threat analysis, and extensive security measures, including protection against ransomware and access controls. Forescout users say the product could be better at resolving connectivity and license issues. Users also want more compatibility with different devices and operating systems, along with better logging and troubleshooting capabilities. Microsoft Defender for Cloud could use enhancements in automation and ease of use.
Service and Support: Some users reported positive experiences with Forescout support, but others requested better responsiveness and training. Some Defender for Cloud users reported positive experiences with Microsoft, while others complained that the solution's outsourced support lacked technical knowledge.
Ease of Deployment: Some users found Forescout’s setup to be simple and adaptable, while others perceived it as more complex and time-intensive. The initial setup of Microsoft Defender for Cloud is described as straightforward, but the deployment time may vary depending on specific requirements.
Pricing: The total cost of Forescout Platform can be high depending on the level of customization and integration required. Microsoft Defender for Cloud is in the mid-to-high pricing tier. While some users find it expensive, others believe it offers good value.
ROI: Forescout Platform yields a solid ROI by improving network access control and overall security. Microsoft Defender for Cloud streamlines security tasks and saves users money by consolidating various solutions.
Comparison Results: Our users prefer Forescout Platform over Microsoft Defender for Cloud. Users appreciate its agentless visibility, policy flexibility, and seamless integration with multiple vendors. It also provides comprehensive device and version clarity and excellent support. Microsoft Defender for Cloud falls short in terms of visibility and flexibility compared to Forescout Platform. Forescout Platform is also considered to be more cost-effective than Microsoft Defender for Cloud.
"Obtaining visibility into the network and connected devices is very simple with this tool. It takes me three minutes to do a base deployment when all the parameters are available."
"The most valuable feature is the ease of deployment, which does not require the use of an agent."
"Provides a good overview of all devices on a network."
"Forescout is easy to integrate with a lot of end systems."
"The best parts of Forescout Platform are its orchestration features, discovery capabilities, classification buckets, and flexibility in creating policies."
"Forescout CounterACT has allowed us to better open our access and control wireless access globally from our HQ. This allows us to monitor the network access for every office globally. This has improved overall security, reducing risk and opening up the opportunity to provide greater end user flexibility."
"The most valuable feature of Forescout Platform is that it has everything that Aruba has at significantly less cost."
"The 802.1X compliance authentication feature of this solution is very good."
"The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded."
"It isn't a highly complex solution. It's something that a lot of analysts can use. Defender gives you a broad overview of what's happening in your environment, and it's a great solution if you're a Microsoft shop."
"The entire Defender Suite is tightly coupled, integrated, and collaborative."
"Most importantly, it's an integrated solution. We not only have Defender for Cloud, but we also have Defender for Endpoint, Defender for Office 365, and Defender for Identity. It's an integrated, holistic solution."
"One important security feature is the incident alerts. Now, with all these cyberattacks, there are a lot of incident alerts that get triggered. It is very difficult to keep monitoring everything automatically, instead our organization is utilizing the automated use case that we get from Microsoft. That has helped bring down the manual work for a lot of things."
"When we started out, our secure score was pretty low. We adopted some of the recommendations that Security Center set out and we were able to make good progress on improving it. It had been in the low thirties and is now in the upper eighties."
"Defender is user-friendly and provides decent visibility into threats."
"The solution is very easy to deploy."
"For the user, the policy that they have implemented sometimes needs adjustments. Sometimes the features that the customer asks for aren't involved in the main installation, and I need to bolt an add-on in. However, I never know if this policy is the right one when I do this."
"The licensing costs are quite high. With the amount of hardware we have, we need too many licenses to make the product effective and it's ultimately just too costly."
"Two things can be improved in the Forescout Platform. First of all, the support for some certain proprietary protocols from other vendors, but they are very widely used. If the TechEx from Cisco, was added to Forescout, then it will be a full solution for me."
"The product needs to improve its support. I know a case that dragged on for about one and a half years. They eventually suggested professional services and closed the ticket. We followed their advice, engaging the account manager and professional service team, only to discover that the issue was a bug. After reopening the case, it's been about six months, and the problem still hasn't been resolved."
"The solution needs more definitive pricing. The costs are hard to nail down."
"In the next release of the solution, it could benefit from being more flexible to allow for more freedom."
"The initial setup was complex."
"They should improve features related to IT security. ForeScout should analyze behavior to see if the behavior is malicious behavior and block this device. They should develop the ability to analyze the behavior of the device in my environment."
"As an analyst, there is no way to configure or create a playbook to automate the process of flagging suspicious domains."
"The solution's portal is very easy to use, but there's one key component that is missing when it comes to managing policies. For example, if I've onboarded my server and I need to specify antivirus policies, there's no option to do that on the portal. I will have to go to Intune to deploy them. That is one main aspect that is missing and it's worrisome."
"After getting a recommendation, it takes time for the solution to refresh properly to show that the problem has been eliminated."
"The solution could improve by being more intuitive and easier to use requiring less technical knowledge."
"Customizing some of the compliance requirements based on individual needs seems like the biggest area of improvement. There should be an option to turn specific controls on and off based on how your solution is configured."
"I would suggest building a single product that addresses endpoint server protection, attack surface, and everything else in one solution. That is the main disadvantage with the product. If we are incorporating some features, we end up in a situation where this solution is for the server, and that one is for the client, or this is for identity, and that is for our application. They're not bundling it. Commercially, we can charge for different licenses, but on the implementation side, it's tough to help our end-customer understand which product they're getting."
"From a compliance standpoint, they can include some more metrics and some specific compliances such as GDPR."
"If a customer is already using Okta as an SSO in its entire environment, they will want to continue with it. But Security Center doesn't understand that and keeps making recommendations. It would help if it let us resolve a recommendation, even if it is not implemented."
Forescout Platform is ranked 3rd in Network Access Control (NAC) with 69 reviews while Microsoft Defender for Cloud is ranked 3rd in Cloud Workload Protection Platforms (CWPP) with 46 reviews. Forescout Platform is rated 8.4, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Armis, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint. See our Forescout Platform vs. Microsoft Defender for Cloud report.
We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.