Forescout Platform Reviews

The most valuable feature for us is the real-time alerting of newly connected devices, whether they are approved or unapproved devices on our network.

Since our implementation of CounterACT, it has kept us aware of unapproved devices attempting to connect to our network which pose security threats.

The reporting could be a bit more intuitive and user friendly.

I have used CounterACT for two years.

There were many issues with deployment, but these were largely due to our own network architecture issues.

There were many issues with stability, but these were largely due to our own network architecture issues.

There were many issues with scalability, but these were largely due to our own network architecture issues.

I'd rate ForeScout's technical support as fair-to-good.

We did not have a previous NAC solution in place prior to CounterACT.

The initial setup was complex.

We used a vendor team for the implementation.

Do your homework ahead of time. Ensure that you have up-to-date network maps and that understand your network's architecture.

• Guest management
• Antivirus compliance monitoring
• USB connection management

The bank has been able to manage host connection on the network, manage antivirus, and restrict the use of USB on the bank’s systems.

The patch management ability of the solution needs to be re-examined.

We've used it for five years.

There have been no issues with the deployment.

There have been no issues with the stability.

There have been no issues with scaling it.

Customer service is above average.

Technical support is above average.

It's straightforward to set up.

We used a vendor team alongside an in-house one.

The ROI is commensurate with the price.

The product is expensive.

To get the best out of the solution, the organization’s networks team must be willing to take ownership and provide assistance where required. Use tools like Gigamon during deployment and avoid spanning directly from Cisco switches.

• Rogue detection and blocking
• Guest registration
• Full visibility of network hosts
• Threat protection

We are provided with real-time visibility and control of devices accessing our network.

• Reduce false positives
• Reduce bugs
• Improve on host classification
• Increase the Nigerian partner base

We've been using it for over two years.

No major issues.

No major issues.

No major issues.

It's good, but certainly it needs improvement especially on the side of the partners.

Initial setup was straightforward. All it required was to integrate traffic sniffing/monitoring and management ports into our core switch, and instruct the core switch to mirror every traffic to the device through the sniffing port. The rest was simply to define all our network segments on the device and integrate all access switches via SNMP.

We implemented it through ForeScout's only Nigerian partner, and this is what I would advise everyone interested in the solution to do.

It is quite expensive, but there are specs for small companies as well.

Cisco ISE was also evaluated, but the CT10000 was easier to implement and integrate into our environment.

You can go ahead, but you will need good network skills to get the maximum benefits from it.

I would also advise that you don't activate all the add-on features, but use it solely for its primary function - visibility and rogue detection/blocking.