Forescout Platform Reviews

Forescout Platform's most valuable features are that it is very granular. We are able to cull out a lot of information about our particular device or endpoint. The configuration and the visibility are very seamless. Overall the solution is very easy to handle and it's very comprehensive.

We have visibility of all the hidden assets and there are various versions of implementations of an AV in our environment. From the Forescout Platform, we have clarity of the device, and all the different versions reported in a simple dashboard. The number of attacks has been minimal. After this installation, we didn't have any kind of noticeable incident.

I have been using the Forescout Platform for approximately one year.

The solution is very stable.

Forescout Platform is scalable.

We have approximately 4,000 people using the solution in my organization.

We have used the support and it has been good. However, sometimes we have missed them because of the timezone difference.

I rate the support from Forescout Platform a four out of five.

We have previously used Symantec Mac. We switched to the Forescout Platform because Symantec has certain inhibitions. Symantec doesn't have an agentless implementation and they don't have a roadmap.

I have done many POCs with many similar solutions, such as Aruba ClearPass and Cisco ISE.

The implementation of Aruba ClearPass was very difficult. When we tried other solutions, the initial learning is difficult and takes a lot of time. Forescout Platform has been straightforward to use.

Cisco ISE has a very difficult integration for us.

Initially, the implementation of the Forescout Platform took some time to figure out. The reason is we are a manufacturing unit and we have certain silos that are insulated areas where certain systems will not connect to the internet or to the LAN. Since there are many parts of it, we have to have an inclusive view of all those systems. It took a while for us to initially implement, but after a few months, everything worked well.

We have a help desk team for support of this solution. We have a few security people to handle it.  We don't require that much of people for maintenance.

The price of the solution is reasonable. We have paid for the license for five years. We have integration with Symantec AV for orchestration, and we have an additional license.

My advice to others is Forescout Platform is a good solution. It's fairly simple to deploy in an environment, far better than the other products in which we have done a POC, has good stability and performance. 

I highly recommend it.

I rate Forescout Platform a ten out of ten.

The product is used especially in scenarios where you have an abandoned server that did not have any updates or any security updates or a stable operating system, owing to which you had to shut it down in your environment. If, somehow, somebody tries to switch on an abandoned server, Forescout will check if the operating system and antivirus are updated or not, and if they are not, then it will immediately disconnect such a server from the network and isolate it.

The valuable feature of the product stems from the fact that it is easy to implement. The person who implemented the tool had a security team and a department that took care of the implementation and defined the policies along with everything else. For patching purposes, my company uses Ivanti Endpoint Management Software.

I have been using Forescout Platform for a year. I use the solution's latest version.

Stability-wise, I rate the solution an eight and a half to nine out of ten. I provide my ratings based on my experiences associated with the product. There is another team in my company that takes care of the configuration and implementation process attached to the product. I have not even seen the interface of the product except for a few of its features, including how its policies are made.

It may be a scalable solution, but I don't know much about it.

I believe that my company has implemented the tool for around 8,000 to 9,000 users.

The implementation of the tool was taken care of by the security team and not me.

The solution is deployed on the cloud and on an on-premises model.

The product may not yield any return on investment since it is only used to make your environment more reliable and secure.

Considering that my company is learning and implementing new things, the tool's UI and UX are okay.

I recommend the tool to others. I don't know what the competitive products of Forescout Platform are, but in our environment, they are the best.

The tool's policy enforcement capabilities are good and streamlined to our company's security operation.

I don't think there is any AI feature in Forescout Platform.

I rate the tool an eight out of ten.

I am using the Forescout Platform for access control, a central management dashboard of all endpoints, and blocking.

The most valuable feature of the Forescout Platform it's highly customizable and flexible.

If older network devices are used there can be some compatibility issues while using the Forescout Platform. Additionally, if the switches that are deployed in your infrastructure are not captured properly to the endpoints there might be some difficulties with Forescout Platform trying to monitor the network traffic. Traffic management is an area the vendor should work on.

I have been using the Forescout Platform for approximately four years.

I rate the stability of the Forescout Platform a seven out of ten.

We have security engineers and support workers using the solution.

I rate the scalability of the Forescout Platform a seven out of ten.

I rate the support of the Forescout Platform a seven out of ten.

Positive

The time frame for the implementation can vary depending on what needs to be configured. It is important to have support from the vendor for the setup, it is not easy.

We used assistance support for the implementation of the solution.

The solution is not priced low. There are no hidden costs.

I rate the price of the Forescout Platform a seven out of ten.

One support person is enough for the maintenance of the solution if everything was set up correctly.

I would recommend this solution to others.

I rate the initial setup of the Forescout Platform an eight out of ten.

We use the Forescout Platform to manage all of the devices connected to our network.

The interface is easy to use.

The 802.1X configuration, which is difficult for all switches, is not required. It makes it easier to work with switches and IoT devices.

Forescout Platform is too expensive, so the price should be reduced.

Although Forescout manages endpoints and network devices, there is no capability for user management. This is something that should be added. For example, if I find that something is wrong in the services and need to disable a user's access, there should be no need to go to Active Directory and disable the user there. As it is now, computers and devices can be disabled, but not users.

I have been using Forescout for one year and am preparing to get my certificate.

This is a stable solution.

The Forescout Platform is easy to scale. We have more than 200,000 endpoints and at least 150,000 users.

I am working in the Security Operations team, which does not contact Forescout technical support directly. They are not responsible for the types of problems we have, such as checking for computer compliance and installing a new computer.

The complexity of the initial setup depends on the environment. I am managing an enterprise environment, so any deployment or any implementation will not be easy. Generally, however, Forescout is not difficult to configure.

This is a good product and I recommend it.

I would rate this solution a nine out of ten.

We use the solution for network access. 

The Forescout Platform's most valuable features include its agentless configuration, which allows for easy integration with switches, and its broad customizability of rules and conditions for policy configuration. By leveraging its Network Access Control capabilities, the tool controls network access, allowing administrators to enforce policies tailored to the organization's needs. 

The tool is agentless. If it encounters any issues or undergoes shutdown, it doesn't disrupt the entire network.

Forescout Platform would benefit from using AI. Everything has to be set up manually, but AI can learn and suggest rules over time. It also lacks visualization, and some interface configurations need improvement. The visualization seems a couple of years behind compared to other products.

Therefore, visualization and interface components need enhancement. A few pages can be improved for better design compatibility with current standards compared to other products available today. The solution doesn't have a widget-based dashboard. Also, the visualization isn't as customized as Splunk's analyzer. I believe it could incorporate a similar design approach into its dashboard.

I have been using the product for six months. 

I rate the solution's stability a nine out of ten. 

I rate the tool's scalability an eight out of ten. 

I haven't contacted the tool's support yet.

I've had experience setting up the Forescout Platform along with other products like Splunk. In my opinion, the Forescout Platform is the easiest to set up. The main configuration task is enabling the spam switch on the network. Configuring policies can be complex, but that's more related to management than the Forescout platform. I rate its ease of deployment an eight out of ten. 

The installation itself takes no more than a day. However, depending on how quickly customers can define their desired policies, the full deployment process can take up to three months.

The tool's pricing is expensive but reasonable.

We have only done POC, and it hasn't progressed to production. Our customers are small and medium businesses, mostly from the banking domain. I rate it an eight out of ten. 

We use the Forescout Platform primarily for asset management.

The federal government's continuous diagnostics and mitigation programs are the focus of the current project I'm working on. 

It's one of the tools that has given the federal government visibility into network devices and everything.

The most common complaint I hear about Forescout is about their technical support.

Some sort of highly scalable platform, such as a private cloud, that can be distributed across a network quickly and grow rapidly, would be beneficial.

I believe that the overall user experience has not always been preferable.

I have been working with Forescout Platform since 2018.

I haven't had enough direct experience with the current project to know, but I know the federal government has a variety of various stages of Forescout deployment, but I believe it's just different versions of the CounterACTs appliances and such.

It has a place in terms of stability. I believe Forescout is likely to compete with other NAC tools used by agencies, such as Cisco ISE and new EDR tools that are entering the market. I believe, will be considered. But, overall, the asset management, is effective.

In terms of our deployment, it's basically just buying more CounterACT appliances whenever we need to scale up. It can be done, but it's not scalable in the way that a cloud deployment is, it's somewhere in the middle.

We have a large number of users, in our organization. 

It has been implemented in a large number of federal agencies, including the Departments of Health and Human Services, Agriculture, and the Treasury. It's quite large.

I believe that the current state should be maintained. I don't believe there are any major plans to increase our usage. Maybe just upgrades or future license upgrades, or something like that.

Technical support needs improvement. They are not very responsive to existing customers.

My interactions with them have been satisfactory, but I've heard from federal agencies that they had difficulties because they brought it to us.

When we arrived, Forescout was still in the process of being deployed. I don't believe they had the kind of capability that Forescout provides prior to our arrival. If anything, they had different NAC tools.

Because of the way it is deployed, the initial setup was complex.

I would rate the initial setup a three out of five.

It took a long time to complete. It's a massive deployment, depending on the agency, it could take at least six months to get it up and running and collect the data we require. Some of it is still ongoing.

To my knowledge, Forescout did the majority of the deployment.

We are Forescout Platform integrators, consultants, and partners.

Most agencies, I believe, have NAC engineers who manage it, and they most likely have training skillsets for it. I would say that most shops require two to three, three to four people to maintain.

In terms of ROI, I've never seen any data.

I don't have pricing information.

There are no additional costs that I am aware of.

They evaluated other solutions before choosing the Forescout Platform.

Before you begin deploying it, I would suggest that you define how you intend to use it. Just have an end state in mind so that you can build towards it and ensure you have all the functions you need for the design in place. Whatever you want to do with the data that comes out of it, try to define it first.

I would rate Forescout Platform a six out of ten.

We primary use the Forescout appliances to identify, segment, and control all of our internal, manufacturing, automation, and IoT networks. In addition, we use Forescout to deploy guest wireless by utilizing self-registration to allow employees and guests onto our network. Forescout is also responsible for maintaining and showing us all threat data, such as vulnerabilities. We also use it to identify and prevent all malicious network scans throughout our entire network. These powerful tools allow us to secure our network end-to-end.

Before our implementation of Forescout, we had no Network Access Control. This allowed all users, trusted and unknown, to access our internal infrastructure. This was a burden because we are in the contract manufacturing sector where each independent contractor brings in their own infrastructure and it is up to us to secure these networks. Since implementing CounterACT, we have been able to isolate and segment all unknown devices, providing strict requirements for device on boarding. Since implementing Forescout, our environment is significantly more secure.

The biggest benefit to our organization is the fact that being in manufacturing you have many different types of devices. Only a small section of these types of devices support dot1x authentication. This makes Network Access Control very difficult to implement. With Forescout, the difficulty becomes significantly less. Being able to actively identify the client without a certificate allows you to control every device on your network regardless of the make, model, and software running. This allows for end-to-end security.

The product could be improved in different ways: 

• The speed of identification
• More guest management features (i.e. extending time frames)
• Sometimes, the identification profiles completely change after device upgrades. It would be beneficial to keep or merge these records if enough correlating data points exist, so as not to segment devices. 

Some of the features introduced into the product line could have better documentation, which could provide for an overall better experience for administrators.

We have been using Forescout CounterACT for over a year now. We have been very impressed.

Forescout is one of the most stable pieces of software that I have ever worked with. Their updates are timely, and their software has an assortment of plugins and bolt-ons. Having a software this flexible would normally present itself with bugs, but we have not run into any software issues with their plugins, modules, or software in general.

We run virtual appliances. We have needed to bring up a fully functional data center in less than 15 weeks. Forescout takes less than a day to implement. Their product is very scalable.

Tech support is very good and knowledgeable. 

They need to handle their Tier 1 cases differently. The biggest negative regarding Forescout is their support. Not having the ability to get instantly transferred to a support engineer for Tier 1 cases is pretty ridiculous. In addition to the support, they can take their time getting to you, which is another frustrating item.

The initial setup is very simple. The logic behind policies makes it very straightforward. With that being said, policies can be very complex, and if you are not careful, they could have unintended results.

Brite Computers was a phenomenal asset. I would rate them as a 10 out of 10.

The ROI is priceless. How can you put a price on someone's privacy?

We went with the virtual appliance option. The biggest cost to running these types of appliances would be to either have multiple virtual appliances at every data center or running Remote SPAN hardware to provide you the real-time network visibility.

We primarily evaluated Cisco ISE. We looked at Cisco ISE and were in the process of demoing it. We looked elsewhere because the MAC Authentication Bypass feature was not a workaround that we wanted to implement for over half of our environment.

The product has been fantastic for us, meeting our needs. We have hardly had any bugs to speak of. With that being said, please allow Tier 1 cases to be directly transferred to an available engineer. 

We are using the Forescout Platform for controlling the access to the network for devices.

Forescout Platform could improve the integration or compatibility with other solutions, such as Chinese-made and other market solutions. They do not have any integration with H3C,  RUCKUS Switching, Lenovo, CommScope, IBM Switching etc. which are network/Communication Brands. They do not have integration with new solutions in the market. They do integrate well with Brocade, Cisco, Juniper, and quite a few more but they could expand the integration. 

I have been using the Forescout Platform for approximately three years.

Forescout Platform is stable, it is great.

The stability of the Forescout Platform is good.

I had an issue with the license at the beginning but the support fixed the situation promptly the same day.

I rate the support from Forescout Platform a five out of five.

There are two main solutions in the market, Cisco ISE, and Forescout Platform. If we compare both of them, the Forescout Platform is best. The solution is top of the line. If someone wants to choose a NAC solution, I will definitely recommend it.

We needed this solution for our organization, it was essential. We have received a return on investment.

Cisco ISE

I would recommend this solution to others, it is the best in the market at this time.

I rate Forescout Platform a ten out of ten.