Forescout Platform Reviews

We use this solution for cyber-security purposes.

The 802.1X compliance authentication feature of this solution is very good.

We have found that the agent-based authentication, available within this solution could be improved.

The price-point for this solution is very high, which should be looked at in comparison with similar products currently on the market.

We have been using this solution for five years.

We have found this to be a stable solution.

We believe this product is easily scalable.

The technical support for this product has been good in our experience.

Neutral

The setup for this solution is very straightforward, but full deployment can take a number of years.

The cost of licensing for this product is quite high, but this cost covers all the features of the solution so it is a single payment for the term that has been selected.

I would rate this solution a seven out of ten.

We are using the Forescout Platform mostly for the Bring Your Own Device features. So we like it very much. We like the dashboard, the usability, and the Bring Your Own Device feature. That's our main usage of the Forescout.

We are really adapted to the product. So we find it perfect.

Now that I'm used to it I don't see many places to improve it. We really like it as it is. We think it's simple. We think it's very useful and we really like reports and everything. We like it very much.

The biggest disadvantage is the pricing. I can see that the product has value. I see that the product is really good. I think that the pro is it's really stable, but price-wise, I think it's bad. But you have to pay for quality. But the pricing can be a little bit improved in my point of view. It will be harder to choose if we start comparing features and prices and when we made the initial choice. Our choice was based mainly on features. There was no price comparison involved. I think that it is not in the same landscape. The landscape has changed and there are a lot of contenders in this field. The price scale could be improved.

I have worked with Forescout Device Visibility and Control Platform for two years.

The availability is one hundred percent available. So we don't have issues with that also, so very good.

The installation is small enough, it's 500 users and there are no issues with the performance. So our escalation costs, we are small so it's perfect. I've had no issues. The availability is one hundred percent available. So we don't have issues with that also, so very good.

Technical support was really great at the beginning of the setup. At the moment we don't use it because the product is very good. I cannot say if it's good or it's bad because we don't use it, we don't see any issues. It's very good. So for me, I cannot tell you if the support is fast or it's slow, or if it's good or bad because we don't use it. No, we don't use the support.

The initial setup was straightforward. We have help from the manufacturer, so to put it in place it was straightforward. We have been using it for two years now with no issues.

The pricing is really bad. We think that it's expensive. So the pricing part is expensive.

I recommend doing a compression demo. If people use it, they will buy it. So they have to see the product in place. That's the main recommendation is to do a proof of concept. If they do, they will buy it. 

I would rate Forscout Device Visibility and Control Platform at a nine out of ten.

We use this solution for Network Access Control to prevent rogue devices connecting into the network.

This product allows monitoring and control of the PC fleet across the company.

The most valuable features are remote access and administration scripts.

We experienced some detection issues when checking compliance for the Sophos agent.

CounterACT is a very flexible product in terms of deployment where the users will have a Layer 2 or Layer 3 deployment depending on their network infrastructure while maintaining the product's features regardless of which deployment. For larger scale projects which includes multiple sites, CounterACT can be easily deployed in a centralized or decentralized manner. Besides that, deploying CounterACT introduces almost little-to-no network infrastructure changes.

Integration with third-party products is also an important feature of CounterACT. While many of their competitors' products can only be integrated within their own portfolio, CounterACT manages to integrate with today's top security products to cover the security gaps that many solutions may introduce. CounterACT also provides a ControlFabric platform which may allow the users to integrate all of their security and network solutions into CounterACT.

As a distributor's engineer working on CounterACT, there are a few vast changes that I have seen after deploying CounterACT for our customers. A few of our customers reportedly had an easier time with their auditors on endpoint compliance, where they would only need to generate and turn in CounterACT's report. This saves both the customer's and the auditor's time.

Another improvement that we can see is automated security, where the customers would not need to manually turn on and off the switch ports for their guests. CounterACT automatically recognizes these guest and provides a self-registration feature to their guest while still maintaining the customer's network security posture.

There are few areas which will need vast improvements. The CounterACT graphical user interface could use a revamp as it may not look appealing enough to the end users.

Another area which the CounterACT should improve is their ability to deliver a more precise error messages to their users. At times, the error messages are not clear enough and are too technical to understand. Some of their error messages are not generic, as they are only understandable by the ForeScout engineers.

I've used it for three years.

There were no issues with deployment.

There are few issues with CounterACT that need more attention, mainly it's ability to process and perform discovery faster. At times, CounterACT takes too long to determine the endpoints, which may cause delays to the end users.

CounterACT could also use a more stable management console interface. This is because there will be times where CounterACT takes too long to login to its management console.

Another issue with CounterACT is that it does not provide very meaningful error messages when some error occurs. The error messages are hidden and it does not show unless the users click on a specific button or mouse over to the problematic elements.

There have been no issues scaling it.

The Customer Service is very responsive and helpful. They managed to resolve most of our issues with the products without much hassle.

The Technical Support is very responsive and helpful. They managed to resolve most of our issues with the products without much hassle.

Initial setup is very straightforward because there are only a few network configurations needed to be done. It does not require any downtime and could be deployed at any time during production hour. There are a few endpoint configurations that need to be done, which users can do so through their Microsoft ActiveDirectory or desktop management tools or software.

We implemented the solutions with our S.I. To ensure a smooth implementation, it is crucial to have all the endpoints and network requirements ready and configured before CounterACT is installed. It is recommended to start with the default policies and work on these policies to meet customers' requirements.

As we are an implementer, we do have an ROI for all our products.

For pricing and licensing, CounterACT is not an overly expensive product. They can fit most of our customers' budgets.

We managed to evaluate Cisco ISE. Cisco ISE is a complex solutions to deploy where it only supports users who use Cisco switches.

ForeScout CounterACT is a much more appealing product because of the market here in Malaysia, where the users uses multiple brands of switches with complex network infrastructure. CounterACT could easily adapt to these environments without any changes made to the customer's network infrastructure.

ForeScout CounterACT is like a Pandora's box, which contains a lot of functionalities that can be used to improve the customer's daily operation tasks and reduces manual workforce. It is recommended that the implementer understand what CounterACT can be used to do as different customers' business functions could use different functions of CounterACT.

We use this solution to implement compliance on our client's systems and prevent access from outside the organization.

The virtual firewall available on this solution is great and assists us in securing our servers. Additionally, the threat prevention feature provides complete visibility. It is very helpful in detecting, blocking and monitoring heavy scanning on the system.

The security features can be improved because we use it for sensitive information, such as compliance. Additionally, the system controls could be better.

We have been using this solution for approximately one year.

The solution is stable and provides real-time monitoring for users, switches and other available features.

The solution is scalable. We recommend it for all companies. It can be installed in enterprise, and we currently have it for over 4000 users.

The initial setup was easy to integrate with the customer's environment. It doesn't have any downtime. I rate the setup process an eight out of ten.

We implemented this solution through an in-house team.

I don't have details on the licensing costs or pricing because it changes frequently, and a different department deals with it.

I rate this solution an eight out of ten. The solution is good, but the systems control and security features could be better.

Right now, we are looking to implement the solution in a hospital where a lot of people come to the lobby and are outsiders or guests. The VOD and guests' mobile phones will be able to connect to the Wi-Fi. This is the latest use case we are working on.

The solution offers very good management.

It allows for good detection of all the vendor products we have on-site.

The solution is very similar to other solutions, so it's not hard to figure out how to use it.

The solution could always improve by adding more features to make it more robust.

I deployed the solution for one project about a year and a half ago. I may implement another one for another project this year.

The scalability is quite good. It does depend on the complexity of the setup, but for our purposes, we've never run into any issues.

We've never had to contact technical support. We've never had a need to do so yet. I can't speak to the level of service they provide. We have our own team in-house that will troubleshoot if we run into problems.

The initial setup is pretty straightforward. It's not complex.

It took us about one week to deploy the solution. It didn't take long to set everything up.

I'm basically focusing on the product line right now. It's pretty good. The nice thing about it is that at last, we have a kind of software that's very easy to work with.

While most people in most of the cases do not want to go for Mac, in the case of cybersecurity, I believe it is very important to do so. In enterprise cases, the common culture is the DYD. Organizations need to add some sort of network access control to prevent many issues.

I'd rate the solution itself eight out of ten overall. It's quite good, but it could always continue to improve.

We've been able to use the solution for a couple of tasks including using it to monitor for anti-virus compliance. We also use it to monitor the health of the security history of our endpoints.

It's a great solution. We use it for the internet here and it's been helpful. It's a great product for our Mac PCs and we can implement it to both our wireless and our wired network.

It's very quick.

The compliance aspects of the solution are excellent and one of the solution's best features. It helps us maintain the compliance of our endpoints.

In terms of physical tools, we are very satisfied.

In our organization, the solution provides us with a sound perimeter. 

The user interface is quite simple.

The version we're currently on, 8.6, has a lot more plugins than past versions. Now you can plug in anything you want. It helps us to utilize the product more fully.

There's always room for improvement for the solution. Off the top of my head, I really can't determine anything that is lacking right now. Basically there is no room for improvement that I can describe.

The solution does have a bit of complexity, and there's some complexity in the deployment. Users need to be trained before undertaking an initial setup.

The solution has very good uptime, and we have had no issues at all in terms of stability.

We didn't have any issues with the ForeScout scalability. So far, we've agreed with the pricing required for both the hardware and the software. 

We haven't been in touch with technical support, so I can't speak to their level of service and how they interact with clients.

The solution is not that simple, however, it's not complex, either. It's a solution that does so much it needs a bit of understanding to properly use it. Once team members go for basic training, they should be able to handle it. The basic training will also give team members a networking background to be able to master the solution. It's not very difficult, but a person will have to be a bit technical.

I'd advise companies to ensure their teams are well trained in ForeScout before starting implementation of any kind. Those setting up and using the solution should have a basic background in networking. If users are comfortable with configuring, they can create processes for the environment. That way, it will be deployed properly.

Teams should also test the solution first before they launch so there won't be any surprises. If they need to make changes, they need to manage the process properly.

I'd rate the solution nine out of ten. If it was a bit less complex, I'd give it perfect marks.

The most important feature is that this solution works well without a 802.1x feature. You can use CounterACT to implement that feature and also have a very granular control of your devices, including shadow devices.

We were searching for a solution that could help us not only to detect and manage unauthorized access, but also to implement 802.1x on our infrastructure. And when we were working to reach that goal, we found other improvements from using CounterACT, such as antivirus installation, P2P control, and shadow IT -- and that's another plus for them.

The best improvement they could make would be reporting and better integration with AD. Last but not least, a management web interface would be nice in the next version/release.

We've used it for about a year.

We had no issues with the deployment.

We have an HA cluster in place that works very well. We've had no issues with stability.

We had no issues scaling it for our needs.

Fortunately, for now, we've had no need to call technical support.

We didn't have a NAC solution in place. This is the very first solution we've tried mostly because other solutions have 802.1x as a mandatory requirement.

It was not so easy to deploy in our environment, the learning curve for this solution is quite hard.

From my experience, it is impossible to implement this kind of solution in-house. You need a consultant or a trained person who can do this job.