Forescout Platform Reviews

This solution can be used to organize guest portals, integrate switches, and create policies.  Some of its standard use cases also include completing key process upgrades and anti-virus of Windows OS.

This solution could be improved if there was functionality or module integration to connect Forescout with open source, container areas or Terraform.  It would also be useful if this solution could run with network plugins to Kubernetes. 

I have been using this solution for three years. 

This is a stable solution but does require additional servers if we want to make use of the full functionality of the solution. 

This solution is not that easy to scale but this depends on a company's needs. 

For our business, if we want to connect to the host, we can do it from one main office and can connect an inventory to those remote hosts from one point. If we want to collect spam traffic, for example, we cannot collect this traffic from one point, because a wider connection channel is needed. So in this case, we need to deploy an additional server for Forescout that will collect spam traffic and send method data to the main management server.

We have hardly needed support from the Forescout team. 

The initial setup was not that straightforward and configuration took a long time and required technical specialists. When assisting customers, we need to have a technical specialist onsite to deploy the solution. 

I would rate this solution an eight out of ten. 

The installation is not secure because it takes high admin privileges.

Forescout is stable.

The initial setup is easy, taking no more than two or three weeks.

Forescout is more expensive than Cisco because Cisco gives high discounts.

Forescout is better for smaller organizations in sectors like education or hospitality. I would rate Forescout as five out of ten.

The use case is for a compliance check for the users who get into your organization. We identify the host for Windows PC, Mac, Linux, and servers. These are some of the use cases for user control and policy management. Some of the other use cases are to kill some applications and peer-to-peer applications. It's mainly for visibility and control, and we also integrate with various firewalls and other system security solutions. For example, LogRhythm, Splunk, Qreader, McAfee Orchestrator, and Trend Micro.

I work on multiple technologies and security technology. The solution is deployed on-premise. We don't use it for our own company. We are the system integrators and we deploy for various customers across the region we work with and we deploy most of the verticals.

This is far better than any other Mac solution. Within three or four days, we have complete visibility of your infrastructure on the network. Compared to other solutions, the deployment of the solution is easier and we can close the project quickly.

When we automate an email to send to a user, sometimes it gets blocked, but that has nothing to do with Forescout. It depends on the mail gateway that we use or integrate with.

They already support some 63,000 plus vendor models. They are also upgrading it, and they have two million plus devices in a single deployment. Maybe there are some legacy tools with support. I know they're working very hard on the OT infrastructure and OT side of integration, but I'm not into OT side.

I have been using this solution for three years.

I don't see any issue with stability. I'm not hearing from any customers who are reporting any issues about stability. They are mostly looking for compliance and operation security.

The solution is absolutely scalable.

Technical support is good. I don't see any issues. The type of support you get depends on the contract that you sign. They're timely and the support is good.

The amount of time it takes for deployment depends on how many branches you have, whether it's a central deployment or a hybrid. It depends on how you want to use the solution. It varies but if it is only central deployment for a couple of branches, we can do it in a minimum of one month.

The number of people it takes for deployment just depends. One engineer can do it, but you also need support from the customer. You should have very good system administrators, or some network engineers to support you in terms of various authentication integrations. There should be a minimum of one from the deployment side, two from the customer side.

I would rate this solution 7 out of 10. I'm not sure about the OT side, but the visibility, control, orchestration, dashboard, and reporting are all good.

My advice is that you really need to understand the prerequisites of the use cases if you want to deploy the solution. You should also understand what kind of services they should open and the security rules—a firewall. They should have a clear understanding of how it is being designed and the architecture. If you know, it's easy for deployment, otherwise you will get stuck.

Forescout Platform provides continuous security monitoring and mitigation.

The most valuable feature of the Forescout Platform is the large capacity it can handle. Additionally, the interface of the platform is good.

If you want to deploy a new solution to block, you can't do it by yourself. You need the Forescout to deploy these solutions. They could prove this by making it better.

There are virtual machine limitations, this is not a solution that they use to protect my company.

In the next release of the solution, it could benefit from being more flexible to allow for more freedom.

I have been using the Forescout Platform for approximately two years.

Forescout Platform has the NAC solution and it is necessary to deployment. It's not exactly the same, but it can save some money rather than using another approach for NAC.

I rate Forescout Platform an eight out of ten.

We are using the Forescout Platform for authentication and for 100% device visibility.

Forescout Platform provides multiple features. They have a very effective device fingerprinting in their cloud. You do not need to add any devices manually, such as in Mac devices. Other solutions you have to add IoT devices and OT devices manually. This is one of the major areas that Forescout Platform is excelling in.

There are features that you can protect your organization.

I have been working with Forescout Platform for approximately eight months.

I have observed the solution to be stable.

Forescout Platform is a scalable solution and it is easy to scale.

Forescout Platform is new to the market here in Pakistan and customers prefer Cisco. We recommend the Forescout Platform to our customers because they are comparable solutions. Many of them are considering the Forescout Platform for their upcoming project. Customers in the financial sector have been interested in the solution.

I have been satisfied with their support. Their response to all of our queries has been very helpful.

I have previously used Cisco ISE.

The initial setup of the Forescout Platform is very straightforward when compared to Cisco.  Cisco ISE is very complex.

The time it takes for the deployment depends on the availability of the customer, and the team. If the customer can provide some information as soon as possible then the deployment can be done within 60 days for a large organization. This can be between 1,000 to 20,000 endpoints.

The cost of the solution depends on the customer's requirement because the customer is asking for different integration with a different product. Forescout Platform's price would start to get a bit higher. However, overall the price is a little expensive. It's can fit within the customer budget.

My advice for someone looking to implement the Forescout Platform, it is a product that tells you what are the devices connecting your network. Without installing agents or without doing manual work, you can automatically know the inventory of your devices in your organization.  It's a very good feature that you can discover all devices connected to the network, such as printers or iPhones. You do not need to categorize the devices or find the MAC address of the devices connected on the remote side.

I rate Forescout Platform a nine out of ten.

If the price was cheaper then I would rate the solution a ten.

We are a solution provider and we are currently implementing this product for our customers.

One of the reasons we use Forescout is to differentiate between our employees and guests in the office. For employees, we want to make sure that all of the Wi-Fi devices connected to our infrastructure comply with our security regulations. For guests, or for subcontractors, our goal is to monitor and regulate access.

This also provides us with the ability to use automation during our compliance and review. For example, we can automate processes with third-party solutions such as Splunk, or our own firewall can have an automatic response based on the compliance results from Forescout.

The most valuable feature is the ease of deployment, which does not require the use of an agent.

We are satisfied with the interface.

Better integration with third-party vendors is needed because as it is now, the list of third-party solutions that we can integrate and automate is quite limited. We would like to see the list of vendors expanded to be broader.

The types of products that we would like to integrate with are firewalls, patch management solutions, and SIEM applications, for example.

We have been working with the Forescout Platform for about two years.

It is quite stable and we have not experienced any issues.

I thinking that Forescout scales well enough.

We are satisfied with technical support and have not had any problems with them.

The initial setup is pretty straightforward. The length of time required for deployment depends on the number of use cases that we want to implement. For example, integration with different products will take longer to deploy than a simple REST API access or integration with Active Directory.

I would say that on average, it might take between two weeks and one month to deploy.

We have a system integrator to assist with deployment.

I would rate this solution a nine out of ten.

We're Forescout partners and offer this as a solution to our clients.

The solution's most valuable aspects are its network visibility and its ability to extend into other solutions for integration purposes. 

The initial setup is quite simple. It's not too complex or difficult to set up.

The solution needs more definitive pricing. The costs are hard to nail down.

I've been using the solution for less than two years. It's been one and a half years at this point. It hasn't been too long.

The solution is stable. It's very reliable. There aren't bugs or glitches. It doesn't crash.

The solution is scalable. If an organization needs to expand it out, they are able to fairly easily.

We tend to use this solution for different sized companies in various markets.

Technical support is great. We find them to be quite knowledgeable and responsive. We're very satisfied with the level of support we receive.

The initial setup is not complex at all. It's straightforward. It's pretty easy to manage.

We implement and deploy the solution for our clients.

The pricing is very important in Sri Lanka. We're sensitive to pricing. We'd like it if the solution was more clear on their pricing and if they were able to lower it.

We try to always use the latest version of the solution.

We're a partner. We use various deployment models, depending on the company we are implementing the solution for. We use both cloud and on-premises deployment models.

I'd recommend the solution to other users and companies. We've been quite pleased with the solution so far.

The customers seem to be very happy with the product as a whole. It's just the pricing that worries everyone. There's the competition to consider. If others can offer better pricing, I believe we would probably consider deploying it instead.

That said, overall, I'd rate the solution nine out of ten.

Our primary use case is for device compliance and access control.

Its feature that I have found most valuable is that it is very granular. You can configure granular controls just as you want those policies to be implemented. It gives you that flexibility to go granular in how you want your controls to be implemented. That's something I like about it. 

The pricing, technical support, stability, scalability, initial set up, interface, dashboards, management, and monitoring are fantastic. They are excellent. 

The licensing of the solution is pretty simple. The process of deploying the solution is pretty straightforward. The dashboard, in terms of monitoring and management, is pretty simple. Maybe because I have a very robust technological background is why I don't struggle with these things. In terms of management, deployment, and support, although I really don't require their support, so far, so good.

Truth be told, I'm good with it. I'm yet to have something with the solution that I don't feel comfortable with. It's fine. I've not seen a cause or a reason why I should want something to be changed, but that doesn't take out the fact that there's always room for improvement. What I would love to see is a situation where my Forescout can integrate with different security technologies. Where it can share contextual information bidirectionally. I had written to Forescout about this and they told me they have that functionality already. So I think that settles it. They can share device context with the security technology and that technology can also be shared with Forescout. To build a form of connective strategy towards security. They have a dedicated module for the security technology I'm concerned about.

But with that software, I should be able to integrate my Forescout with any other third party security technology, to build that connected security strategy I talked about. So far, it's good. It meets my requirements that I had concern about.

I have been using Forescout Platform for one year.

In terms of scalability, my deployment architecture is central, so it scales with respect to the number of devices I have to add to my network. The licensing is based on the number of devices you have currently with regards to the future growth in the number of connected devices to your IT network or to your IT infrastructure. That gives you room to scale. So if I know that in the next two years, I would have an additional 50 or 100 users connecting to my network, either directly or remotely, I go for an appliance that accommodates that growth. Which is what I currently have.

So there's room to scale. Then the licensing is based on the number of devices you have currently. So if I have more devices come to my network, I can just acquire more licenses to take care of them. So I think that's fine.

I've been very conversant with the technology for areas where I've experienced some challenges and I had to fix it up myself, but it's straightforward.

In terms of support, I've had to reach out to technical support. He was readily available and we made progress. So support is also good. My experience so far has been good. That's why I told you earlier that it's difficult for me to really point to somewhere where I could make an improvement.

On a scale of one to ten I would give Forescout Platform a nine.

My company is in the financial services industry. The primary use case is Network Access Control and control endpoint access to network. The environment is used to process sensitive data. We want to ensure that rogue devices and unauthorized devices are unable to join the network. This will reduce our exposure to attacks.

It has helped with improving our security posture in terms of controlling the access of rogue devices into our network through identification. We have been able to prevent rogue device activities on the network, check the health of the system, and ensure remediation. 

It has provided visibility into the workings of our routers and switches. We also extended this capability to our branch offices through a WAN connection.

Access control: Being able to set policies that determine how devices join our network and how they are expected to behave while on the network. The fact that we are able to access the hygiene of our endpoint and monitor it continuously makes it fit for purpose.

I would advise Forescout through their research and development to look for features that they can add. Also, based on the what other competition may be selling, if they find any useful feature, they should add those to their product.

The last three months.

It is stable and reliable.

It is a good product that is fit for purpose.

Fantastic

No.

The initial setup is a bit complex.

Not applicable.

The setup cost, pricing, and licensing are on the high side.

No. I heard of Forescout, then went ahead and bought it.

Asset Discovery. 

We were not able to accurately see devices in our network and/or have the ability to either remove rogue devices from the network or move them off to another VLAN. With corporate owned assets, we also have the ability to see if something is missing or not up-to-date on a product, then we have the ability to push the update down to the asset. 

We have not integrated the wireless access points into the product, but we are able to gain better visibility with wireless access points for mobile devices to do the same thing.

We are now able to see the assets connected to our network and classify them based on certain criteria that we can define. We still have a ways to go in getting things setup and more networks defined on what we want to see. Forescout is allowing us to gain that visibility with a few clicks of the mouse. Being able to sort on device types or devices with open ports is helpful when narrowing down assets of possible misconfigured devices that may be vulnerable on the network. We can take action on those devices based off of corporate policy.

There are so many to list: 

• The policies and what you can do with them is amazing. 
• The ability to narrow down devices online versus offline.
• Get the MAC Addresses last attributed with a device or IP address on a device and connect that to its switch port or router. This is very beneficial when assisting in tracing back physical connectivity, if needed. 
• The ability to move a device off the network is very useful. The hardest part is showing the help desk what they need to do when troubleshooting a device connectivity issue.

When adding what is in scope to a policy, it would be nice if you could select multiple policies instead of one policy at a time to add what is in the scope for network segmentation. I have found that during the install and configuration of the policies that if you want to modify multiple policies or enable multiple policies that you need to define what is in the scope (IP range or segments) one rule at a time. This caused some slow downs when implementing policies. I could see after doing this repeatedly that it may lead to some premature clicking in an area that you may not have wanted, depending on how your segments are setup, and may cause issues later down the road.

Just a few months.

In using the product for a short period of time, we have not had any issues with it. This product so far has proven to be top notch and do what is designed to do. The visibility into the network makes things an ease.

It is highly scalable and easy to implement.

Customer service and technical support are very responsive. We had one issue integrating a module and had a response within 30 minutes of opening the ticket, then we had a resolution shortly afterwards.

We did not use a different solution other than best guess or a manual Nmap with port scanning tools to find out what was on a network segment, which was very time consuming.

Our network is fairly complex. However, the setup of this application was straightforward. It has great documentation on what ports/protocols are needed when communicating with other devices. The documentation was easy to read.

We implemented with Professional Services from Forescout.

Time savings in finding rogue devices as well as identifying potentially unwanted devices on the network has saved the organization time and money.

It might not be the cheapest solution, but you get what you pay for.

Senior management used this product before and already did a comparison of other products.

The product has proven to be worth the cost and time savings alone in finding rogue devices. It helps with ROI and increasing our security posture. You can't protect what you don't know about or can't see.