Forescout Platform Reviews

I work as a Consultant in Forescout Platform. I usually recommend Forescout Platform for companies in the pharma sector, banking sector, automation, and automobiles. Every large organization is using Forescout Platform as of now because it is a NAC technology.

Forescout Platform has many features, and my favorite feature is that it has multiple methods to identify or discover the endpoints in your network, rather than focusing on only one technique or one method to identify the endpoints. It has several other methods to identify endpoints, and if one method fails, the endpoints can be found with a different method, giving you that vast area and more methods to identify the endpoints in your network.

When it comes to network segmentation in Forescout Platform, it is valuable. It is a basic NAC technology that shows all the endpoints connected in your network if your segmentation is correct, regardless of the location. It will show a compiled report in your dashboard that a particular device is connected in your network at a different location or geolocation. This is beneficial for the admin because on a single dashboard, you can see that this device is connected at that location, a different location, on that particular port and particular switch, and the whole detail is compiled in your dashboard.

The device inventory in Forescout Platform will help with inventory because every single service running on your endpoints that are connected to your network is displayed. Forescout provides you with a vast inventory, showing whatever service is running on a particular endpoint connected to your network. Every single thing, which services and which applications are running on your endpoint, can be easily controlled from Forescout Platform.

Third-party integration in Forescout Platform is good because several third-party vendors are available, such as Palo Alto and Check Point firewalls. You can connect them easily, and configuration is not complex or difficult.

Forescout Platform's automated threat response can manage potential breaches with options like SMTP relay, and in the policy section, you can enable notifications that trigger whenever a host or endpoint comes under particular policy criteria. It generates alerts that a customer can customize according to their use cases such as appliance health check, endpoint compliance, and sanity; every single thing can be adjusted simply by enabling the checkbox in that policy section.

When it comes to the effectiveness of Forescout Platform's real-time visibility in reducing the overall attack surface, I give it a 9 out of 10. In terms of visibility, if users are configured correctly and use Forescout Platform correctly, it definitely provides vast visibility.

When it comes to improving Forescout Platform, I have faced some issues recently, particularly with the switch integration part. When integrating a switch, it asks for the vendor type, and often it does not match. For example, one series of HP switches may not be found in that vendor list. This leads to frustration because you have to check again with different HP models, and once you integrate a switch, you cannot edit the vendor list without removing it.

Other issues are being worked on, particularly related to switch integration. I believe they will be fixed in the next upgrade or patch fix. There are no major issues, but the configuration changes needed for the switch model are necessary, and I think it would help if during integration, an admin user could check the password or credential used, as they currently cannot see the password after it is entered and saved.

I have been working with Forescout Platform for four years.

I rate technical support a 9 out of 10.

Positive

Before Forescout Platform, I also worked with Ivanti NAC. Both appliances are different with their work methods. If I have to choose one, I will definitely go with Forescout Platform because it provides more options to customize policies according to the customer's use case, which is more limited in Ivanti.

The price of Forescout Platform is reasonable and not overly costly.

Overall, I rate Forescout Platform a 9.5 out of 10. As of now, I am not thinking of any requirement for additional features in Forescout Platform to make it closer to a perfect score.

I find the licensing cost of Forescout Platform reasonable. I would say it is not very expensive. It is a good product for the price that anybody ends up paying for it.

One reason why my customers choose Forescout Platform is because it is a cloud-based product, so you don't have dependency on on-premises infrastructure. When it comes to authentication and all those things, since most authentication is already in the cloud, there is speed, which is a good factor that you need to consider. The implementation and support with the kind of documentation that's available are some of the advantages that we see with Forescout Platform.

Using Forescout Platform's network segmentation feature is something that we want to do, but at this point, it's still in an architectural view. If we find it truly useful, we would possibly look at using that also, but as of now, we have not.

Automated threat response helps manage potential breaches very much, because that's something that is very critical, especially to overcome zero-day attacks. That's something which is very important for any product to be integrated as a feature. I think that's really important. How it actually does this is something that we may need to evaluate once we go live or once we actually get into production mode.

At this point, I haven't come across many drawbacks of Forescout Platform, but I would like to give that some time and then possibly identify where they could improve. I see it as a good product for mid-sized companies when it comes to their requirements for NAC and cloud-based NAC solutions.

I really haven't tested much on Forescout Platform's third-party integration. That's something possibly when we do the actual implementation that we may need to look into. I'm sure there is enough support that we can take when it comes to the current features and how we can actually do the integrations.

At this point, I've been focusing on implementation of Forescout Platform which is currently required for the customer. I would again say that I would need some more time to see anything more that we want to integrate. More automation and possibly a bit of agentic integration would really help. I'm sure some parts might already be in development, which might be a beta release or which might get released soon. Easier integration through APIs to automation platforms is something that would really help us when it comes to future requirements or future features that we're looking for from Forescout Platform.

It's been quite new to me working with Forescout Platform. We just started about four months ago since I started picking up Forescout Platform. It's something that I'm learning and we're trying to do that as part of our implementation solutions.

It is quite simple to implement Forescout Platform. I would not say very simple, but wherever we are stuck, we do get some good documentation support. We have some good training that we've gone through, so it looks like it's not a very difficult product to manage.

Not many staff are required to implement Forescout Platform. Currently, our team is around three people who are actually running it with one of them managing, so totally about four people, and we should be good with this. The team size depends upon the size of our customers. This is a mid-sized customer, so we are able to do this with this kind of a team.

We assess Forescout Platform's device inventory for helping track vulnerabilities and ensure patch compliance through penetration testing. We take help from companies which do the pen tests. We use the Nessus platform. That's where we come across all these vulnerabilities, and then we try to put our remediations for those.

I work on ClearPass and other solutions from a different vendor, and that was one of the implementations we were doing with ClearPass. Now we are doing something on ICE and I'm also doing something with Forescout Platform. Depending upon the customer requirements, we keep implementing the solutions that they prefer.

It depends upon the overall implementation plan of Forescout Platform. There's the planning, there's the pre-planning, then there is the planning, then there is the actual project, and then you go to the implementation and testing. Wherever we're working, we are still in the planning phase. We've had those trainings, but we still have about two to three weeks of planning left. We have an implementation timeline based on our customer requirements, which is typically around six weeks, and then we have a two-week testing period. That would be around a total of eight weeks for the implementation and testing. Then we do the cutover and final handover. Overall, the cycle is about four to six months, but it can vary based on a lot of timelines that we need to get, downtimes that we need to get from our customers, and other factors. On a scale from one to ten, I would rate support for Forescout Platform around eight. I would rate this review nine overall.

My main use case for Forescout Platform was to prevent unknown devices from entering my network. It was primarily used in a manufacturing company with IT and OT networks.

Forescout Platform was really useful for my operations team because everything is done automatically, eliminating the need for manual intervention.

One of the most valuable features of Forescout Platform is its automation, particularly the ability to automate remediation of rogue devices on the network. This feature allows us to quickly and automatically respond to network threats. 

Additionally, the platform enables automated policy enforcement, allowing us to simulate and test policies before enforcement, streamlining our security operations. This automation significantly reduces manual efforts and improves efficiency.

The console is a fat client, and a web interface would be preferable. This is the main issue I am facing as most applications now prefer web interfaces rather than fat clients.

I have used the Forescout Platform for five years.

The Forescout Platform is really stable. I would rate its stability as 9.5 out of ten.

Scalability can be costly since a physical box needs to be installed for every site. However, it's a straightforward process, and I would rate scalability as 7.5 out of ten.

I did not interact directly with customer service or technical support. I worked with a competent subject matter expert.

Neutral

I tried Topgut before choosing Forescout, as Topgut offered better automation. Eventually, I chose Forescout for its comprehensive features.

The setup is well-documented but not as simple as some other solutions. Key to success is ensuring access to all switches and firewalls for proper configuration.

Initially, the implementation team could consist of one or two people. One person to manage the console and another for network operations.

By using the Forescout Platform effectively, we can significantly decrease the workload on our staff, effectively freeing up about twenty percent of their time.

Installing a physical box on each site can be expensive. However, if it's not required to install one on every site, the pricing, although high, is justified as it is one of the best NAC products.

I evaluated Topgut as an alternative, however, it was not as comprehensive as Forescout.

Overall, I would rate Forescout Platform as eight out of ten. 

It's a complete solution, easy to manage, and I have faced no issues. We have shifted from just being end users to implementing and reselling the platform as a partner.

We use the solution to configure several policies and for internal security purposes. We have configured switching and several devices in our infrastructure.

When users don't have the required updates, security patches, and antivirus, the tool blocks them from our network. It is the most valuable feature of the solution.

The solution should include integration with other firewalls. It currently does not support integration with solutions like Palo Alto. We also have some Chinese devices that Forescout Platform does not support.

I have been using Forescout Platform for three years.

Forescout Platform is a stable product, and we haven’t faced any issues with its stability.

Around 850 users work with Forescout Platform in our organization. I rate the solution’s scalability a nine out of ten.

The technical support is not very good. We initially had issues installing the solution, and the support we received was not good then. The support team took four to five months to resolve an issue we had integrating the tool with Brocade and Juniper switches.

The solution’s pricing is fine.

The solution has a compliance enforcement feature that sends non-compliant systems to quarantine. Forescout Platform is a good product that provides seamless integration with Cisco Juniper and other devices. We wanted Forescout Platform to integrate with our firewalls and some vulnerability patch management solutions.

Forescout Platform is currently the best product and top-of-the-line NAC solution in the market. I always recommend this product to other companies as well. We have 365 subsidiary companies. I work in the head office, and I always recommend it. This solution will be purchased by other companies in the next financial year.

Overall, I rate the solution ten out of ten.

Forescout Platform works as our next-gen solution, helping us monitor and manage devices connected or disconnected from the network. Additionally, it assists in remediating noncompliant devices.

Forescout Platform's most valuable aspect is its excellent device profiling for devices without agents, which is crucial for our work due to challenges with agent-based devices. Its isolation and blocking actions are particularly effective for network security. The device compliance feature helps us ensure device compliance through immediate actions like updating antivirus software. We have already integrated Forescout with antivirus and vulnerability assessment tools, allowing it to monitor vulnerability scores and automatically isolate devices if critical vulnerabilities are detected.

I'd like to see improvements in the reporting aspect of Forescout Platform. While the dashboards are good, the reports are lacking and need enhancement, especially in terms of standardization and customization options. Apart from that, all the features and functionalities are working well without any issues.

I have been using Forescout Platform for the past four years.

Forescout Platform is a stable solution. 

It is scalable since our environment covers more than thirty thousand endpoints.

I've had mixed experiences with technical support. While the distributor's support has been good, my interaction with Forescout support directly was disappointing. I opened a case four years ago but didn't receive helpful assistance, and my escalation didn't lead to a resolution. Overall, the platform's support hasn't been satisfactory.

I've had experience with a POC for Cisco ISE in the past, but it presented challenges as it required agents to function properly, which was difficult for us.

Setting up Forescout Platform was straightforward. 

Maintaining Forescout Platform is straightforward and user-friendly, making it easy to manage once everything is set up.

For deployment, we followed a centralized implementation strategy, which took about a month with just one person handling it.

I haven't personally seen a direct ROI or significant impact on operational costs or incident response time. I receive good support from our distributor, who conducts regular health checks and updates, but direct support from Forescout hasn't been proactive in my experience.

Forescout Platform's pricing is in the middle range, not too cheap or expensive.

I highly recommend Forescout Platform as it's an easy and effective solution, especially for device profiling without agents. 

Overall, I would rate it nine out of ten.

We use it to enforce maintenance tasking orders or time compliance network orders that are passed down. 

We can do a lot with Forescout. We use it to quarantine non-compliant machines. We use it to mitigate vulnerabilities. We can push patches, and we can push scripts through Forescout. For example, if we need to know how many Windows machines are using the 10.9 image or whatever, we can look that up easily.

We like pretty much everything that it does. Vulnerability remediation is valuable. We can narrow down a system and its properties. We can go granular on the properties of each endpoint, such as which operating system you're using. 

Logging would be one area for improvement. When we're troubleshooting, there are not a lot of clear things on Google that we can look up for ourselves. When we have an issue with it, we have to call the company to get the vendors involved. The logging of Forescout is horrible compared to other things that we've used. We don't use ISE, but based on what we heard from the users we've reached out to who do use ISE, the logging capabilities of ISE are better, and troubleshooting is so much easier with ISE than it is with Forescout.

It doesn't have a lot of end-user support after the purchase of the license. There is no training either for Forescout. That's something that it's lacking. We need refresher training. The vendors came out and trained us whenever we first set up Forescout, but we have people coming and going all the time.

There are some things that we wish that it would do. We use ACAS, which is a reporting tool that scans our network and then lets us know what kind of vulnerabilities are on the network. It would be nice if there was a way to connect Forescout. I know ISE connects with our configuration management tools to push patches and things like that out to a large array of machines. With Forescout, we can push some patches out, but it can't handle anything on a large scale. So, we wish that Forescout would be able to handle more and connect to some of the other tools that we use. We have 15 different tools that do pretty much the same thing but in a different way to get a good picture of our network. It would be nice if we can condense that down or have something that is a central hub-type tool that can reach out to some of our other tools, compile the data better, and have that data in one place.

We've been using Forescout for probably four years.

It's pretty stable. We had some unexplained issues. We lost our ability to authenticate. So, about 30,000 phones went down. We had to get the Forescout vendors in here to figure out why that happened, and then we sent the logs up, but I don't think we got any clear answers on why it happened.

I'd like to see Forescout play well with some of our other tools to be able to link up.

In terms of its usage, from what we heard, there are around 14 bases that are using Forescout currently. For its maintenance, just one or two people are required. When you get too many hands in a cookie jar, you end up having problems. So, we got a couple of people in here who know Forescout and dig into it. We have a few people who just have read-only accounts. They go in and look up things, but they can't make any administrative changes.

When we had the authentication issue, they were already in the area. So, we got lucky when we called them. They don't offer a lot of vendor support, but one of our guys is Forescout certified and about to get out of the service. They're trying to recruit him onto their team. Anytime he calls, he can get a vendor here. The vendor will actually make a detour if they're somewhere else. If they're flying, they'll fly here to help us out with our Forescout. So, I can't say from an unbiased perspective how they are with other customers, but for us, anytime we call the vendor, the vendor will come and fix our stuff, but we're a unique case because we are a government organization.

The initial setup for Forescout is complex if you don't know anything about it. It took a couple of weeks to set it up. We were a test base, so we had the vendors out here setting it up. They did all the training and everything with us. It took a couple of weeks.

Forescout came out and helped us with its implementation. 

We have seen a return on investment. It has helped us out with what we need to do. Our main job here is to make the network more secure by getting after our vulnerabilities and everything else. It has definitely helped us, especially with the quarantining machines and helping out with some of the vulnerabilities. The ability to push PowerShell scripts and batch scripts through Forescout is key because we can target vulnerabilities through scripting. So, it's definitely worth it as a product.

It's about $160,000, but I'm not sure how long that is for or what it includes. Because we were a test base, we were provided with servers, but now, Forescout wants us to buy servers because those servers are now end-of-life or end-of-service. For our lifecycle management program, in order to get a refresh on those servers, we would have to buy servers or use our own network resources to house Forescout. Forescout takes up about 13 or 14 virtual CPUs. The RAM and other things are quite similar to ISE. I don't know if it's as demanding as ISE, but the hardware and software requirements for both products are quite similar.

ISE is probably more expensive. Our network is about 22,000 endpoint devices. So, three years with 25,000 endpoint devices with ISE was about $363,000. With Forescout, we're only paying $160,000, but I don't know if that's for a year. I know the last time we were provided Forescout licenses was probably four years ago, maybe even longer. We had purchased it, but the people who were involved in setting up Forescout had left and gone to another assignment. We didn't even know that we had Forescout. The servers were sitting on our server floor for probably a year and a half before we were finally like, "Hey, what's this?" We dug into it a little bit, found the contract, and then we were able to contact Forescout and get the vendors to come out and help us set them up and get Forescout running. Because we spent about $140,000 last time, it's going to be $160,000 now, but I'm not sure if that's a four or five-year contract. I'm not sure how long that contract would be for.

I would advise doing research on both ISE and Forescout.

I would rate Forescout an eight out of ten because it doesn't have a lot of end-user support after the purchase of the license. There are not a whole lot of training resources, and there is not a whole lot of troubleshooting help. 

We use the tool for security in the banking and insurance industry. 

I help customers use the Forescout Platform for compliance enforcement. We can specify what needs to be installed on devices connecting to the network, like antivirus, updates, and security software.

For improvements, I think technical support could be enhanced. The time zone difference makes remote support difficult - I'm in Indonesia, and they're in the US. Maybe the Forescout Platform could provide engineers from Asia Pacific.

I have been working with the product for two to three years. 

I help customers implement the product. Sometimes, it has difficulties, especially with internal networks. We can face challenges integrating with firewalls. Implementation usually takes 1-3 months with two people. The product needs maintenance after deployment.

I rate the solution a seven out of ten. I usually recommend it to bigger companies, not smaller ones.

The product is used especially in scenarios where you have an abandoned server that did not have any updates or any security updates or a stable operating system, owing to which you had to shut it down in your environment. If, somehow, somebody tries to switch on an abandoned server, Forescout will check if the operating system and antivirus are updated or not, and if they are not, then it will immediately disconnect such a server from the network and isolate it.

The valuable feature of the product stems from the fact that it is easy to implement. The person who implemented the tool had a security team and a department that took care of the implementation and defined the policies along with everything else. For patching purposes, my company uses Ivanti Endpoint Management Software.

I have been using Forescout Platform for a year. I use the solution's latest version.

Stability-wise, I rate the solution an eight and a half to nine out of ten. I provide my ratings based on my experiences associated with the product. There is another team in my company that takes care of the configuration and implementation process attached to the product. I have not even seen the interface of the product except for a few of its features, including how its policies are made.

It may be a scalable solution, but I don't know much about it.

I believe that my company has implemented the tool for around 8,000 to 9,000 users.

The implementation of the tool was taken care of by the security team and not me.

The solution is deployed on the cloud and on an on-premises model.

The product may not yield any return on investment since it is only used to make your environment more reliable and secure.

Considering that my company is learning and implementing new things, the tool's UI and UX are okay.

I recommend the tool to others. I don't know what the competitive products of Forescout Platform are, but in our environment, they are the best.

The tool's policy enforcement capabilities are good and streamlined to our company's security operation.

I don't think there is any AI feature in Forescout Platform.

I rate the tool an eight out of ten.

We have two main use cases: wired networks and wireless networks. In the wireless scenario, our main focus is on authenticating users to ensure compliance before granting access to our private network.

We use the Forescout Platform for device visibility and control in our network. It's very helpful for tracking malicious or unusual activity. We use it to track which ports are open, which machines are running specific services, and to identify vulnerabilities. For example, there was a vulnerability related to SMB, and we could use the product to determine which machines inside our organization were allowing SMB traffic.

The tool's most valuable feature is its ease of configuring and controlling endpoints, particularly in building policies for endpoint management. Its interface is simple to use and offers good visibility.

When compared with other solutions, the Forescout Platform's standout feature is its ability to integrate with various systems. This capability is particularly valuable as it supports the implementation of a zero-trust architecture. We are currently in the process of constructing our zero-trust architecture, wherein the tool serves as a pivotal component.

The solution's compliance capabilities have indeed been very beneficial for our organization. Unlike other solutions, it allows us to implement controls swiftly. Typically, transitioning to a blocking mode with other solutions would take around six months. However, we achieved this with the Forescout Platform within just one month.

The product needs to improve its support. I know a case that dragged on for about one and a half years. They eventually suggested professional services and closed the ticket. We followed their advice, engaging the account manager and professional service team, only to discover that the issue was a bug. After reopening the case, it's been about six months, and the problem still hasn't been resolved.

Forescout Platform's support often takes a long time to respond to tickets. Even after we reply, there's another lengthy wait for feedback, and their responses sometimes seem to delay resolution with unnecessary questions. For instance, they might ask for details about previous issues. Meanwhile, competitors may offer temporary solutions but often lack or are unsatisfactory regarding technical or research and development support from Forescout Platform's team.

Another area where it can improve is when dealing with multiple sites and overlapping subnets. While it works well for individual sites, it struggles when managing several sites with overlapping subnets, especially with authentication portals.

I think the Forescout Platform could use some extra features or improvements in the future. Specifically, it could be better at working with other security tools. For example, when it connects with VPNs or security scanners, it could work a bit better. The tool has already made some efforts in this area, but I think it could do even more to make these devices work together

I have been working with the product for two years. 

I rate the product's stability a ten out of ten. 

My company has 800 to 1000 endpoints and approximately 500 users. I rate the tool's scalability an eight out of ten. Forescout Platform is fully operational in our company, managing all our devices. We plan to use it more in the future because we're setting up a zero-trust architecture. This will allow our staff to work remotely, even from home.

I have used Cisco before. When deciding which product to switch to, we picked the Forescout Platform because it was more stable and easier to upgrade.

I rate the tool's ease of deployment a ten out of ten. It is easy to manage and implement. With the help of our partner, it took about one to two weeks at most to deploy this solution. This includes setting up the policies, implementing them, and ensuring the product is operational. Building the policies initially took around two to five days. However, refining and enhancing the policies took approximately three weeks in total.

We required a team of one senior engineer and one regular engineer to deploy this solution. The regular engineer was primarily responsible for implementing the Forescout Platform. In contrast, the senior engineer was involved in specific areas, such as integration and troubleshooting issues during deployment.

We currently only need one engineer for maintenance. The solution is mostly up and running, requiring minimal intervention. On average, the engineer spends about five minutes daily checking for issues or addressing complaints.

I rate the overall product an eight out of ten.

We use the Forescout Platform for radius authentication, as well as visibility control and enforcement. Such as discovery, classification, control, and orchestration for all possible use cases.

This is clearly the best product for the NAC use cases in this field for Forescout. It is difficult to implement. I wouldn't say it's complicated in that sense. It all depends on who is using it. 

If people don't understand the product, it's obviously complicated because it has multiple components that are difficult to mix and match and bring into the environment, which we faced a couple of years ago. But now that we know how the products and different licensing models work, we can bring in the right components, such as modules and all. It's kind of like once you know the product is simple.  Otherwise, you must understand that this is somewhat complicated.

The product is excellent. As a product, there is nothing to complain about. However, they should improve their overall support.

Let me provide an example. Assume you are in the United Kingdom, and you are also familiar with the cars in your neighborhood, and any manufacturer you have heard of. And let's say Forescout is one of the niche products, similar to Rolls-Royce. You know that Rolls-Royce is good, but you need some kind of information accessibility to use that.

The comfort is good, and you can obviously drive it, but you need to understand all of the features. You need that level of knowledge, that level of information is clearly not available.

First and foremost, that information is not accessible. 

The second point to mention is that once you purchase the later support and services. That is, they will continue to charge you for every service.

Things they should have told you ahead of time are that if you run into problems during the deployment, they will keep asking you to engage the product's professional services, which they will charge you for.

And from the standpoint of support, they should be adaptable. When they are aware that customers have made significant investments in these expensive licenses. And it is expected that they will receive adequate assistance. That is where they are falling short.

You own a Rolls-Royce, but you are having trouble making the most of its features and functions.

I have been working with Forescout Platform for five or six years.

I am working with the latest version.

Forescout Platform is a stable solution.

If you do it correctly in terms of configuration and deployment. If you know the necessary prerequisites, yes it is very stable.

The Forescout Platform is scalable.

We are using it, and we have currently rolled out this solution to 55% of our organization.

We have approximately 400,000 users.

We also use Cisco ISE. I am working with the latest version which is version 3.1.

It is expensive and there are extra costs for the support.

The price depends on your environment. We do get a discount.

It is expensive because you have to pay for their CSM, the customer's access manager, and their professional services on top of that, and they charge you roughly $400 per hour, which is overhead. I find it to be expensive.

It is purely based on the use case. If they have any issues with OT or IoT, this is the best solution. Otherwise, they can rely on other products if they are a typical non-manufacturing or non-healthcare organization.

ISE is also extremely expensive. They can look for anything cheaper than this. It is dependent on the use cases.

Because IoT and OT products are widely used in healthcare and manufacturing, and Forescout is the best.

I would rate Forescout Platform an eight out of ten. They mostly fail to provide support during and after deployment.