The network access control is a valuable feature for us. It provides endpoint visibility of our network and controls who can access network resources. That's really powerful.
Network Security Manager at a tech services company with 501-1,000 employees
It provides endpoint visibility of our network and controls who can access network resources.
What is most valuable?
How has it helped my organization?
The problem with vendors like Cisco is that their solutions are limited their to own ecosystem, and in general they don't work well with other vendors. With virtual machines, it can actually collect data from a variety of different network solutions, such as Cisco, Bloomberg, etc. Any routing platform out there, you can import it today. It can basically integrate these products and you can use it for enforcement. You can use them to collect the data.
The other one is obviously that CounterACT can provide you with virtual ability to control who gets access to the network. It can act as a super-based machine and provide a level of security. It is integrated more easily than other vendors.
What needs improvement?
The integration with Sync can be improved. We would like to see better integration with some other popular vendors.
Also, the reporting needs improvement, as well as integration with PAL services. It also needs more options for different sizes of customers. It does really work well in the big departments. For smaller organizations it might be a little overkill of a solution.
What was my experience with deployment of the solution?
We've had no issues with deployment.
Buyer's Guide
Forescout Platform
November 2024
Learn what your peers think about Forescout Platform. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
What do I think about the stability of the solution?
We've had no issues with stability.
What do I think about the scalability of the solution?
We've had no issues with scalability.
How was the initial setup?
It's a little bit too complex. A little bit of simplification when it comes to deployment might actually be better.
What other advice do I have?
I think it is a good product and definitely fills the gap. I don't think we have many competitors at this stage. The major competitor is Cisco, but the biggest advantage of CounterACT is vendor agnostic. It means that it can work with a variety of different products. That is the biggest advantage.
Disclosure: My company has a business relationship with this vendor other than being a customer: We're partners.
Chief Operating Officer at a tech services company with 51-200 employees
If a machine becomes infected by a user accessing the web, it has the ability to immediately quarantine that machine, isolating it from the network.
What is most valuable?
- Alerting as to non-compliant machines
- Ability to quarantine infected machines
- Ability to determine if patches are not up to date
How has it helped my organization?
If a machine becomes infected by a user accessing the web, ForeScout has the ability to immediately quarantine that machine, isolating it from the network. Before this, someone would literally have to run down the hall and shut off a machine in the event of a breach and infection by malware.
What needs improvement?
It needs enhanced mobile support, but I have heard that this is coming.
For how long have I used the solution?
We've used it for six months.
What was my experience with deployment of the solution?
It took some time to get the policies set up and applied once ForeScout was physically in place. A dedicated resource and timely decisions from management can make this deployment faster. Make sure you account for anything and everything in your environment which has an IP address. We also had one device that was DOA but it was quickly replaced.
What do I think about the stability of the solution?
We have had no stability issues.
What do I think about the scalability of the solution?
Scalability was not a problem for this site as we have less than 1000 endpoints.
How are customer service and technical support?
Excellent. Our support engineer was extremely helpful and available.
Which solution did I use previously and why did I switch?
This was the first of its kind in the environment.
How was the initial setup?
With the assistance of the support engineer, it wasn't too bad. But it depends upon the state of your network. If everything is set up correctly, it will go much smoother. For example, having SNMPv3 activated everywhere is a requirement so that ForeScout can see everything.
What about the implementation team?
We used our in-house personnel with the support engineer guiding us along via WebEx.
What's my experience with pricing, setup cost, and licensing?
They are competitively priced for a medium-to-large sized organization.
Which other solutions did I evaluate?
This is not a very crowded segment for this kind of a product, and ForeScout is the best known of this small field.
What other advice do I have?
They also offer a monitoring service which is a good value if you do not have someone in house to monitor ForeScout on site. This can be full or part time. ForeScout is a powerful network access control tool that has some features found in insider threat solutions, though it is not exactly made for that.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Forescout Platform
November 2024
Learn what your peers think about Forescout Platform. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
Instrutor at a tech services company with 1,001-5,000 employees
High capacity and good interface
Pros and Cons
- "The most valuable feature of the Forescout Platform is the large capacity it can handle. Additionally, the interface of the platform is good."
- "In the next release of the solution, it could benefit from being more flexible to allow for more freedom."
How has it helped my organization?
Forescout Platform provides continuous security monitoring and mitigation.
What is most valuable?
The most valuable feature of the Forescout Platform is the large capacity it can handle. Additionally, the interface of the platform is good.
What needs improvement?
If you want to deploy a new solution to block, you can't do it by yourself. You need the Forescout to deploy these solutions. They could prove this by making it better.
There are virtual machine limitations, this is not a solution that they use to protect my company.
In the next release of the solution, it could benefit from being more flexible to allow for more freedom.
For how long have I used the solution?
I have been using the Forescout Platform for approximately two years.
What other advice do I have?
Forescout Platform has the NAC solution and it is necessary to deployment. It's not exactly the same, but it can save some money rather than using another approach for NAC.
I rate Forescout Platform an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Technical Consultant at a tech services company with 11-50 employees
Multiple useful features, effective device fingerprinting, and easily scaled
Pros and Cons
- "Forescout Platform provides multiple features. They have a very effective device fingerprinting in their cloud. You do not need to add any devices manually, such as in Mac devices. Other solutions you have to add IoT devices and OT devices manually. This is one of the major areas that Forescout Platform is excelling in."
What is our primary use case?
We are using the Forescout Platform for authentication and for 100% device visibility.
What is most valuable?
Forescout Platform provides multiple features. They have a very effective device fingerprinting in their cloud. You do not need to add any devices manually, such as in Mac devices. Other solutions you have to add IoT devices and OT devices manually. This is one of the major areas that Forescout Platform is excelling in.
There are features that you can protect your organization.
For how long have I used the solution?
I have been working with Forescout Platform for approximately eight months.
What do I think about the stability of the solution?
I have observed the solution to be stable.
What do I think about the scalability of the solution?
Forescout Platform is a scalable solution and it is easy to scale.
Forescout Platform is new to the market here in Pakistan and customers prefer Cisco. We recommend the Forescout Platform to our customers because they are comparable solutions. Many of them are considering the Forescout Platform for their upcoming project. Customers in the financial sector have been interested in the solution.
How are customer service and support?
I have been satisfied with their support. Their response to all of our queries has been very helpful.
Which solution did I use previously and why did I switch?
I have previously used Cisco ISE.
How was the initial setup?
The initial setup of the Forescout Platform is very straightforward when compared to Cisco. Cisco ISE is very complex.
The time it takes for the deployment depends on the availability of the customer, and the team. If the customer can provide some information as soon as possible then the deployment can be done within 60 days for a large organization. This can be between 1,000 to 20,000 endpoints.
What's my experience with pricing, setup cost, and licensing?
The cost of the solution depends on the customer's requirement because the customer is asking for different integration with a different product. Forescout Platform's price would start to get a bit higher. However, overall the price is a little expensive. It's can fit within the customer budget.
What other advice do I have?
My advice for someone looking to implement the Forescout Platform, it is a product that tells you what are the devices connecting your network. Without installing agents or without doing manual work, you can automatically know the inventory of your devices in your organization. It's a very good feature that you can discover all devices connected to the network, such as printers or iPhones. You do not need to categorize the devices or find the MAC address of the devices connected on the remote side.
I rate Forescout Platform a nine out of ten.
If the price was cheaper then I would rate the solution a ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Senior Information Security Engineer at Regnans
Security and hygiene compliance solution effective for organizing guest portals, integrating switches, and creating policies
Pros and Cons
- "This solution can be used to organize guest portals, integrate switches, and create policies. Some of its standard use cases also include completing key process upgrades and anti-virus of Windows OS."
- "This solution is not that easy to scale but this depends on a company's needs."
What is our primary use case?
This solution can be used to organize guest portals, integrate switches, and create policies. Some of its standard use cases also include completing key process upgrades and anti-virus of Windows OS.
What needs improvement?
This solution could be improved if there was functionality or module integration to connect Forescout with open source, container areas or Terraform. It would also be useful if this solution could run with network plugins to Kubernetes.
For how long have I used the solution?
I have been using this solution for three years.
What do I think about the stability of the solution?
This is a stable solution but does require additional servers if we want to make use of the full functionality of the solution.
What do I think about the scalability of the solution?
This solution is not that easy to scale but this depends on a company's needs.
For our business, if we want to connect to the host, we can do it from one main office and can connect an inventory to those remote hosts from one point. If we want to collect spam traffic, for example, we cannot collect this traffic from one point, because a wider connection channel is needed. So in this case, we need to deploy an additional server for Forescout that will collect spam traffic and send method data to the main management server.
How are customer service and support?
We have hardly needed support from the Forescout team.
How was the initial setup?
The initial setup was not that straightforward and configuration took a long time and required technical specialists. When assisting customers, we need to have a technical specialist onsite to deploy the solution.
What other advice do I have?
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Solutions Architect at GTS
Stable and easy to set up but installation is not secure
Pros and Cons
- "The initial setup is easy, taking no more than two or three weeks."
- "The installation is not secure because it takes high admin privileges."
What needs improvement?
The installation is not secure because it takes high admin privileges.
For how long have I used the solution?
What do I think about the stability of the solution?
Forescout is stable.
How was the initial setup?
The initial setup is easy, taking no more than two or three weeks.
What's my experience with pricing, setup cost, and licensing?
Forescout is more expensive than Cisco because Cisco gives high discounts.
What other advice do I have?
Forescout is better for smaller organizations in sectors like education or hospitality. I would rate Forescout as five out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
GM Technical Management at PT. DATACOMM DIANGRAHA
Quite stable, with an agentless deployment that is easy to do
Pros and Cons
- "The most valuable feature is the ease of deployment, which does not require the use of an agent."
- "Better integration with third-party vendors is needed because as it is now, the list of third-party solutions that we can integrate and automate is quite limited."
What is our primary use case?
We are a solution provider and we are currently implementing this product for our customers.
One of the reasons we use Forescout is to differentiate between our employees and guests in the office. For employees, we want to make sure that all of the Wi-Fi devices connected to our infrastructure comply with our security regulations. For guests, or for subcontractors, our goal is to monitor and regulate access.
This also provides us with the ability to use automation during our compliance and review. For example, we can automate processes with third-party solutions such as Splunk, or our own firewall can have an automatic response based on the compliance results from Forescout.
What is most valuable?
The most valuable feature is the ease of deployment, which does not require the use of an agent.
We are satisfied with the interface.
What needs improvement?
Better integration with third-party vendors is needed because as it is now, the list of third-party solutions that we can integrate and automate is quite limited. We would like to see the list of vendors expanded to be broader.
The types of products that we would like to integrate with are firewalls, patch management solutions, and SIEM applications, for example.
For how long have I used the solution?
We have been working with the Forescout Platform for about two years.
What do I think about the stability of the solution?
It is quite stable and we have not experienced any issues.
What do I think about the scalability of the solution?
I thinking that Forescout scales well enough.
How are customer service and technical support?
We are satisfied with technical support and have not had any problems with them.
How was the initial setup?
The initial setup is pretty straightforward. The length of time required for deployment depends on the number of use cases that we want to implement. For example, integration with different products will take longer to deploy than a simple REST API access or integration with Active Directory.
I would say that on average, it might take between two weeks and one month to deploy.
What about the implementation team?
We have a system integrator to assist with deployment.
What other advice do I have?
I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
Director of Information Technology at a non-profit with 1,001-5,000 employees
Blocks rogue devices to help keep our data secure
Pros and Cons
- "The most valuable feature is the blocking of USB devices."
- "The ability to block external devices in Mac is lacking and needs to be added."
What is our primary use case?
We needed this solution in order to block rogue devices (laptops, phones, etc) and block external devices.
How has it helped my organization?
ForeScout has given us the ability to block unwanted devices.
What is most valuable?
The most valuable feature is the blocking of USB devices.
What needs improvement?
The ability to block external devices in Mac is lacking and needs to be added.
For how long have I used the solution?
We have been using ForeScout CounterACT for three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Forescout Platform Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Network Access Control (NAC) IoT Security Endpoint Compliance Extended Detection and Response (XDR)Popular Comparisons
Cisco Identity Services Engine (ISE)
Aruba ClearPass
Fortinet FortiNAC
F5 BIG-IP Access Policy Manager (APM)
Sophos Network Access Control
Ruckus Cloudpath
macmon Network Access Control
ExtremeControl
Ivanti NAC
Genian NAC
Impulse Point SafeConnect
Buyer's Guide
Download our free Forescout Platform Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- PRICING FOR FORESCOUT CT10K APPLIANCE
- ForeScout vs. Cisco ISE
- What are the main differences between Cisco ISE and Forescout Platform?
- Comparison of Aruba Clearpass, Bradford Networks and Forescout NACs
- How would you compare Cisco ISE (Identity Services Engine) vs Forescout Platform?
- PRICING FOR FORESCOUT CT10K APPLIANCE
- When evaluating Network Access Control, what aspect do you think is the most important to look for?
- Which is the best choice of Zero Trust Network Access (ZTNA)?
- What is your recommended Network Access Control (NAC) solution for an enterprise?
- Cisco ISE (Identity Services Engine) vs Fortinet FortiNAC: which solution is better and why?