Forescout Platform Reviews

Asset Discovery. 

We were not able to accurately see devices in our network and/or have the ability to either remove rogue devices from the network or move them off to another VLAN. With corporate owned assets, we also have the ability to see if something is missing or not up-to-date on a product, then we have the ability to push the update down to the asset. 

We have not integrated the wireless access points into the product, but we are able to gain better visibility with wireless access points for mobile devices to do the same thing.

We are now able to see the assets connected to our network and classify them based on certain criteria that we can define. We still have a ways to go in getting things setup and more networks defined on what we want to see. Forescout is allowing us to gain that visibility with a few clicks of the mouse. Being able to sort on device types or devices with open ports is helpful when narrowing down assets of possible misconfigured devices that may be vulnerable on the network. We can take action on those devices based off of corporate policy.

There are so many to list: 

• The policies and what you can do with them is amazing. 
• The ability to narrow down devices online versus offline.
• Get the MAC Addresses last attributed with a device or IP address on a device and connect that to its switch port or router. This is very beneficial when assisting in tracing back physical connectivity, if needed. 
• The ability to move a device off the network is very useful. The hardest part is showing the help desk what they need to do when troubleshooting a device connectivity issue.

When adding what is in scope to a policy, it would be nice if you could select multiple policies instead of one policy at a time to add what is in the scope for network segmentation. I have found that during the install and configuration of the policies that if you want to modify multiple policies or enable multiple policies that you need to define what is in the scope (IP range or segments) one rule at a time. This caused some slow downs when implementing policies. I could see after doing this repeatedly that it may lead to some premature clicking in an area that you may not have wanted, depending on how your segments are setup, and may cause issues later down the road.

Just a few months.

In using the product for a short period of time, we have not had any issues with it. This product so far has proven to be top notch and do what is designed to do. The visibility into the network makes things an ease.

It is highly scalable and easy to implement.

Customer service and technical support are very responsive. We had one issue integrating a module and had a response within 30 minutes of opening the ticket, then we had a resolution shortly afterwards.

We did not use a different solution other than best guess or a manual Nmap with port scanning tools to find out what was on a network segment, which was very time consuming.

Our network is fairly complex. However, the setup of this application was straightforward. It has great documentation on what ports/protocols are needed when communicating with other devices. The documentation was easy to read.

We implemented with Professional Services from Forescout.

Time savings in finding rogue devices as well as identifying potentially unwanted devices on the network has saved the organization time and money.

It might not be the cheapest solution, but you get what you pay for.

Senior management used this product before and already did a comparison of other products.

The product has proven to be worth the cost and time savings alone in finding rogue devices. It helps with ROI and increasing our security posture. You can't protect what you don't know about or can't see.

Mostly, I use this solution for endpoint compliance, antivirus updates to block malicious traffic access to the internal network, and for visibility, to see who is connected to the network and the infrastructure.

I can integrate Forescout with products from multiple vendors in my environment, and also, the integration is searchable. It can be used with 802.1X and non-802.1X to integrate with my existing network. I don't need to upgrade any existing networks in my system, and I don't need to replace existing devices to integrate with Forescout. I find value in not having to spend money upgrading existing devices and networks.

Other solutions have TACACS+, but Forescout does not. In the next release, I would like to see Forescout have accounting.

I've been working with this solution for around two years.

The scalability varies. If you have 1000 endpoints, Forescout recommends the 2000 endpoint plan. Depending on the scalability you choose, the hardware and license can be extended.

We currently have three people who use this solution, including an
IT security person, an administrator, and a technical person.

For technical support, they have ActiveCare Basic, ActiveCare Advanced, and ActiveCare Premium. Mostly, I have used ActiveCare Advanced for technical support requests, and they have responded depending on the severity and also my support plan.

With regard to initial setup, it can take a bit to customize policies. Forescout requires in-depth knowledge to customize policies to monitor endpoint visibility.

It takes around one or two hours to deploy the software and have it up and running. This includes configuration and integration with the existing network. Customization takes a long time because some departments require more customization.

I had a consultant do the deployment, and it could have been better.

You can have a flexible license depending on your environment.

If you are looking for a NAC solution and you want to integrate the existing network infrastructure without upgrades or without replacing existing devices, then you should go with Forescout. Also, if you don't want to run an agent in the endpoint, Forescout is the way to go because it does not require an agent. It is optional. If you are concerned about having to run too many agents in your endpoint and don't want to add an another agent, this solution is a good choice.

Because Forescout has flexible integration and flexible pricing, I would give it a general rating of nine out of ten.

I use Forescout Platform in the construction industry to monitor connections to our cloud for ERP and file services.

Forescout Platform has made it possible to block people working near our construction sites who should not have access to our network.

Forescout Platform's best feature is asset management.

Forescout Platform isn't flexible with connections to devices like printers and forces you to re-enter details like the MAC address after any breakdowns.

I've been using Forescout Platform for about half a year.

Forescout Platform is stable.

Forescout Platform is scalable.

I previously used Portnox and ISE.

Forescout Platform is very complex to implement because it has a lot of features, and all of them need to be configured.

We used a third-party team.

Forescout Platform isn't cheap, but it's the best solution for the environment I'm dealing with. We paid between $20,000 and $25,000 for a three-year license with maintenance.

I evaluated FortiNAC, and Forescout Platform is more robust and advanced.

I'd give Forescout Platform a rating of nine out of ten.

Our primary use of the Forescout Platform is to enhance network security. It is deployed in an on-premises environment, although there is interest in exploring cloud-based solutions.

Automated policy enforcement is particularly valuable as it significantly reduces the need for manual intervention, thus enhancing efficiency and security.

Customer support could be improved by providing direct assistance from Forescout employees or specialists at customer sites to enhance the support experience and effectiveness.

The scalability also needs some enhancement.

I have been working with the Forescout Platform for two years.

Forescout Platform's stability is rated at eight out of ten.

Presently, there are twenty five engineer architect using the solution. I would rate the scalability a six out of ten. 

The customer service could be improved, specifically regarding direct support presence.

Neutral

The setup process is straightforward.

Forescout's pricing is noted for its attractiveness, with potential discounts depending on partnership levels.

The comparison with Nozomi suggests a switch due to Forescout's more appealing pricing strategy.

Overall, I would rate the solution an eight out of ten. 

We use the solution for network admission control. It manages the admission of endpoints to the networks.

Firstly, I like the stability. Secondly, the ease of deployment— it's not complex. Thirdly, there's a great support team that becomes actively engaged whenever we encounter issues. Their technical support is amazing. Fourthly, good documentation is available. We have detailed information about the product.

For sales purposes, the product has limitations. It does not support the TACACS+ protocol. This creates a need for another product to work with.

I have been using this solution for the past two and a half years.

The product is stable. Once you deploy it, you don't need to touch it again.

The solution is highly scalable. I currently use it for corporate use within my company and for other clients. We have three to four engineers for deployment and maintenance tasks.

We have rarely contacted customer service and support, as the website is straightforward.

The initial setup was straightforward and not complex. The deployment process took six weeks. It's shorter than the typical six months for similar products.

The deployment process involves an initial assessment, checking the security policy against the required tasks, preparing the network for deployment, and then the deployment itself.

I recommend using the solution because it gives verified control over the environment. It has a great visibility feature. Also, it gives visibility on what's happening on the network. Proceed with the prerequisites, particularly the initial assessment. It has to be conducted properly. Otherwise, the solution might not follow a straightforward path.

The first step is the initial assessment, followed by the second step of collecting clear requirements. Clarity in requirements is crucial because the solution can be directed in any direction you tell it to go. Therefore, you need to know exactly what you need to do. Overall, I rate the product a nine out of ten.

I had to gain visibility across my network and be able to block any unknown device connected to my network and this is what I use Forescout Platform for.

The most valuable features of the Forescout Platform are ease of management and outstanding visibility. The visibility is simple to obtain.

Forescout Platform could improve the costs of integrations.

I have been using the Forescout Platform for one year.

The stability of the Forescout Platform is good.

Forescout Platform can scale very easily. You can deploy as many servers as you want, and it's highly scalable. There is console to manage all the Forescout servers which make for easy scalability. 

Forescout Platform is used by only the network and security administrators. There is a total of 10 people using it.

Forescout Platform is very simple to deploy. We did the deployment within a few hours, and I gained visibility at the end of the day. I had visibility across my whole network.

Forescout Platform does not require a lot of maintenance. It is a low-maintenance platform.

We need to pay for integration for each integration that we want to do and there is an additional license fee. This adds more costs. It is not something that anyone can afford. If you want to integrate this with a lot of other tools, it can be costly.

The initial cost of the Forescout Platform was $200,000 for three years. There are only additional costs for upgrades.

My advice to others is to use the Forescout professional services. They are offering a fixed price to deploy the solution, and it's major pain relief as you are talking with experts committed to achieving your objectives.

I rate Forescout Platform a ten out of ten.

Forescout Platform allows actions to be automated, which reduces the response time to any suspicious or malicious activity.

The best parts of Forescout Platform are its orchestration features, discovery capabilities, classification buckets, and flexibility in creating policies.

Forescout Platform sometimes returns false positives, so there's some fine-tuning to be done there. There are also some limitations with the Mac and Linux versions - the company claims they're agentless, but they're actually agent-based. In addition, there are a few actions that don't work in conjunction when we apply multiple actions, such as wanting to send a notification and isolate a device. In the next release, I would want to see better compatibility and visibility on the cloud front, and the system needs to keep up with upcoming technologies and trends.

I've been working with Forescout Platform for four years.

Forescout Platform is stable.

Forescout Platform is scalable.

The initial setup was very simple.

I would rate Forescout Platform's pricing as four out of five.

I would give Forescout Platform a rating of eight out of ten.

Endpoint visibility, policy flexibility, compatibility and integration with other products.

Automation! One broad example is that we can now stop network threats right away and without intervention.

Forescout is constantly adding new features, so this may change as of this writing, but sometimes the switch management interface doesn't display accurate information which relates to false positives on individual switch access errors.

1 year

None that were Forescout related. CounterACT always opens a bunch of little IP sessions with endpoints, ake sure you have a large enough connection table on your firewall if you plan to put it behind one.

Minor. Had to reinstall one virtual appliance, which is painless when you have an Enterprise Manager.

No, this is one of the products strengths.

10 out of 10. Very responsive and address concerns quickly.

9 out of 10. Really fast response, high level of competency.

I switched from Cisco NAC because it is reliant on 802.1X, and has no other function than to ensure endpoints have authenticated via your method of choice.

Straightforward. Setup is simple with a solid, pre-defined set of policies that you build on and customize as you learn.

In house.

Without access specific numbers, we now have the ability to instantly shut down internal malicious hosts or traffic, refuse or restrict access to non-compliant hosts, discover risks on the network we didn't know were there, and automate the remediation of a multitude of security risks. As I work for an organization that spends a lot on security administration, at a minimum, the cost savings must have already paid for the product.

Palo Alto

Make sure to plan for all endpoints. If you want full coverage of your networks, account for anything that has an IP address. For example, a busy core switch can have 20+ IP addresses, and each one goes against your license count. Also, if you plan to have it behind a firewall, take into consideration your firewall's connection limitations. Although CounterACT isn't really a heavy bandwidth user, it does open a ton of short connections on a constant basis. The more you tune these down, the less accurate your real time host information becomes.