Forescout Platform Reviews

We are using the Forescout Platform mostly for the Bring Your Own Device features. So we like it very much. We like the dashboard, the usability, and the Bring Your Own Device feature. That's our main usage of the Forescout.

We are really adapted to the product. So we find it perfect.

Now that I'm used to it I don't see many places to improve it. We really like it as it is. We think it's simple. We think it's very useful and we really like reports and everything. We like it very much.

The biggest disadvantage is the pricing. I can see that the product has value. I see that the product is really good. I think that the pro is it's really stable, but price-wise, I think it's bad. But you have to pay for quality. But the pricing can be a little bit improved in my point of view. It will be harder to choose if we start comparing features and prices and when we made the initial choice. Our choice was based mainly on features. There was no price comparison involved. I think that it is not in the same landscape. The landscape has changed and there are a lot of contenders in this field. The price scale could be improved.

I have worked with Forescout Device Visibility and Control Platform for two years.

The availability is one hundred percent available. So we don't have issues with that also, so very good.

The installation is small enough, it's 500 users and there are no issues with the performance. So our escalation costs, we are small so it's perfect. I've had no issues. The availability is one hundred percent available. So we don't have issues with that also, so very good.

Technical support was really great at the beginning of the setup. At the moment we don't use it because the product is very good. I cannot say if it's good or it's bad because we don't use it, we don't see any issues. It's very good. So for me, I cannot tell you if the support is fast or it's slow, or if it's good or bad because we don't use it. No, we don't use the support.

The initial setup was straightforward. We have help from the manufacturer, so to put it in place it was straightforward. We have been using it for two years now with no issues.

The pricing is really bad. We think that it's expensive. So the pricing part is expensive.

I recommend doing a compression demo. If people use it, they will buy it. So they have to see the product in place. That's the main recommendation is to do a proof of concept. If they do, they will buy it. 

I would rate Forscout Device Visibility and Control Platform at a nine out of ten.

We needed this solution in order to block rogue devices (laptops, phones, etc) and block external devices.

ForeScout has given us the ability to block unwanted devices.

The most valuable feature is the blocking of USB devices.

The ability to block external devices in Mac is lacking and needs to be added.

We have been using ForeScout CounterACT for three years.

The most important feature is that this solution works well without a 802.1x feature. You can use CounterACT to implement that feature and also have a very granular control of your devices, including shadow devices.

We were searching for a solution that could help us not only to detect and manage unauthorized access, but also to implement 802.1x on our infrastructure. And when we were working to reach that goal, we found other improvements from using CounterACT, such as antivirus installation, P2P control, and shadow IT -- and that's another plus for them.

The best improvement they could make would be reporting and better integration with AD. Last but not least, a management web interface would be nice in the next version/release.

We've used it for about a year.

We had no issues with the deployment.

We have an HA cluster in place that works very well. We've had no issues with stability.

We had no issues scaling it for our needs.

Fortunately, for now, we've had no need to call technical support.

We didn't have a NAC solution in place. This is the very first solution we've tried mostly because other solutions have 802.1x as a mandatory requirement.

It was not so easy to deploy in our environment, the learning curve for this solution is quite hard.

From my experience, it is impossible to implement this kind of solution in-house. You need a consultant or a trained person who can do this job.

We use this solution for Network Access Control to prevent rogue devices connecting into the network.

This product allows monitoring and control of the PC fleet across the company.

The most valuable features are remote access and administration scripts.

We experienced some detection issues when checking compliance for the Sophos agent.

CounterACT is a very flexible product in terms of deployment where the users will have a Layer 2 or Layer 3 deployment depending on their network infrastructure while maintaining the product's features regardless of which deployment. For larger scale projects which includes multiple sites, CounterACT can be easily deployed in a centralized or decentralized manner. Besides that, deploying CounterACT introduces almost little-to-no network infrastructure changes.

Integration with third-party products is also an important feature of CounterACT. While many of their competitors' products can only be integrated within their own portfolio, CounterACT manages to integrate with today's top security products to cover the security gaps that many solutions may introduce. CounterACT also provides a ControlFabric platform which may allow the users to integrate all of their security and network solutions into CounterACT.

As a distributor's engineer working on CounterACT, there are a few vast changes that I have seen after deploying CounterACT for our customers. A few of our customers reportedly had an easier time with their auditors on endpoint compliance, where they would only need to generate and turn in CounterACT's report. This saves both the customer's and the auditor's time.

Another improvement that we can see is automated security, where the customers would not need to manually turn on and off the switch ports for their guests. CounterACT automatically recognizes these guest and provides a self-registration feature to their guest while still maintaining the customer's network security posture.

There are few areas which will need vast improvements. The CounterACT graphical user interface could use a revamp as it may not look appealing enough to the end users.

Another area which the CounterACT should improve is their ability to deliver a more precise error messages to their users. At times, the error messages are not clear enough and are too technical to understand. Some of their error messages are not generic, as they are only understandable by the ForeScout engineers.

I've used it for three years.

There were no issues with deployment.

There are few issues with CounterACT that need more attention, mainly it's ability to process and perform discovery faster. At times, CounterACT takes too long to determine the endpoints, which may cause delays to the end users.

CounterACT could also use a more stable management console interface. This is because there will be times where CounterACT takes too long to login to its management console.

Another issue with CounterACT is that it does not provide very meaningful error messages when some error occurs. The error messages are hidden and it does not show unless the users click on a specific button or mouse over to the problematic elements.

There have been no issues scaling it.

The Customer Service is very responsive and helpful. They managed to resolve most of our issues with the products without much hassle.

The Technical Support is very responsive and helpful. They managed to resolve most of our issues with the products without much hassle.

Initial setup is very straightforward because there are only a few network configurations needed to be done. It does not require any downtime and could be deployed at any time during production hour. There are a few endpoint configurations that need to be done, which users can do so through their Microsoft ActiveDirectory or desktop management tools or software.

We implemented the solutions with our S.I. To ensure a smooth implementation, it is crucial to have all the endpoints and network requirements ready and configured before CounterACT is installed. It is recommended to start with the default policies and work on these policies to meet customers' requirements.

As we are an implementer, we do have an ROI for all our products.

For pricing and licensing, CounterACT is not an overly expensive product. They can fit most of our customers' budgets.

We managed to evaluate Cisco ISE. Cisco ISE is a complex solutions to deploy where it only supports users who use Cisco switches.

ForeScout CounterACT is a much more appealing product because of the market here in Malaysia, where the users uses multiple brands of switches with complex network infrastructure. CounterACT could easily adapt to these environments without any changes made to the customer's network infrastructure.

ForeScout CounterACT is like a Pandora's box, which contains a lot of functionalities that can be used to improve the customer's daily operation tasks and reduces manual workforce. It is recommended that the implementer understand what CounterACT can be used to do as different customers' business functions could use different functions of CounterACT.

We use this solution to implement compliance on our client's systems and prevent access from outside the organization.

The virtual firewall available on this solution is great and assists us in securing our servers. Additionally, the threat prevention feature provides complete visibility. It is very helpful in detecting, blocking and monitoring heavy scanning on the system.

The security features can be improved because we use it for sensitive information, such as compliance. Additionally, the system controls could be better.

We have been using this solution for approximately one year.

The solution is stable and provides real-time monitoring for users, switches and other available features.

The solution is scalable. We recommend it for all companies. It can be installed in enterprise, and we currently have it for over 4000 users.

The initial setup was easy to integrate with the customer's environment. It doesn't have any downtime. I rate the setup process an eight out of ten.

We implemented this solution through an in-house team.

I don't have details on the licensing costs or pricing because it changes frequently, and a different department deals with it.

I rate this solution an eight out of ten. The solution is good, but the systems control and security features could be better.

Forescout Platform provides continuous security monitoring and mitigation.

The most valuable feature of the Forescout Platform is the large capacity it can handle. Additionally, the interface of the platform is good.

If you want to deploy a new solution to block, you can't do it by yourself. You need the Forescout to deploy these solutions. They could prove this by making it better.

There are virtual machine limitations, this is not a solution that they use to protect my company.

In the next release of the solution, it could benefit from being more flexible to allow for more freedom.

I have been using the Forescout Platform for approximately two years.

Forescout Platform has the NAC solution and it is necessary to deployment. It's not exactly the same, but it can save some money rather than using another approach for NAC.

I rate Forescout Platform an eight out of ten.

Our primary use case is for device compliance and access control.

Its feature that I have found most valuable is that it is very granular. You can configure granular controls just as you want those policies to be implemented. It gives you that flexibility to go granular in how you want your controls to be implemented. That's something I like about it. 

The pricing, technical support, stability, scalability, initial set up, interface, dashboards, management, and monitoring are fantastic. They are excellent. 

The licensing of the solution is pretty simple. The process of deploying the solution is pretty straightforward. The dashboard, in terms of monitoring and management, is pretty simple. Maybe because I have a very robust technological background is why I don't struggle with these things. In terms of management, deployment, and support, although I really don't require their support, so far, so good.

Truth be told, I'm good with it. I'm yet to have something with the solution that I don't feel comfortable with. It's fine. I've not seen a cause or a reason why I should want something to be changed, but that doesn't take out the fact that there's always room for improvement. What I would love to see is a situation where my Forescout can integrate with different security technologies. Where it can share contextual information bidirectionally. I had written to Forescout about this and they told me they have that functionality already. So I think that settles it. They can share device context with the security technology and that technology can also be shared with Forescout. To build a form of connective strategy towards security. They have a dedicated module for the security technology I'm concerned about.

But with that software, I should be able to integrate my Forescout with any other third party security technology, to build that connected security strategy I talked about. So far, it's good. It meets my requirements that I had concern about.

I have been using Forescout Platform for one year.

In terms of scalability, my deployment architecture is central, so it scales with respect to the number of devices I have to add to my network. The licensing is based on the number of devices you have currently with regards to the future growth in the number of connected devices to your IT network or to your IT infrastructure. That gives you room to scale. So if I know that in the next two years, I would have an additional 50 or 100 users connecting to my network, either directly or remotely, I go for an appliance that accommodates that growth. Which is what I currently have.

So there's room to scale. Then the licensing is based on the number of devices you have currently. So if I have more devices come to my network, I can just acquire more licenses to take care of them. So I think that's fine.

I've been very conversant with the technology for areas where I've experienced some challenges and I had to fix it up myself, but it's straightforward.

In terms of support, I've had to reach out to technical support. He was readily available and we made progress. So support is also good. My experience so far has been good. That's why I told you earlier that it's difficult for me to really point to somewhere where I could make an improvement.

On a scale of one to ten I would give Forescout Platform a nine.