Forescout Platform and Cisco Identity Services Engine (ISE) compete in the network access control (NAC) market. While both products offer robust features, Forescout is noted for its flexibility and integration capacity, whereas Cisco ISE excels in comprehensive access control bundled with its suite of Cisco products.
Features: Forescout provides agentless endpoint visibility, policy flexibility, and effective network access control without requiring 802.1x, alongside integration with Active Directory and third-party products. Cisco ISE emphasizes security with comprehensive access control, integrates well with Cisco's ecosystem, and offers features such as TrustSec and dynamic VLAN assignment.
Room for Improvement: Forescout could enhance its reporting capabilities, reduce false positives, and improve integration with additional third-party security tools. Users also find its licensing model expensive. Cisco ISE faces challenges with its complex deployment process, learning curve, and integration with non-Cisco devices, with users calling for better documentation.
Ease of Deployment and Customer Service: Forescout and Cisco ISE both offer flexible deployment options for on-premises, hybrid, and cloud environments. Forescout's customer service is generally responsive but inconsistent. Cisco's technical support is praised but also criticized for slow response times, and ease of deployment often requires improvement.
Pricing and ROI: Forescout's pricing is perceived as high due to its intricate licensing model, yet it offers substantial coverage for complex environments, leading to positive ROI acknowledgments. Cisco ISE's pricing is also high, with transitions to subscription models potentially raising costs; users appreciate its feature set but see a need for cost efficiency to bolster competitiveness.
Direct comparisons with Forescout reveal up to 30% to 40% difference in cost savings.
I rate the technical support as one out of ten.
Sometimes it's challenging to identify which support team is responsible for certain issues, which is a significant concern.
We have had experience with their technical support and must pay additionally for maintenance, support, and regional service.
Factors like architecture, business nature, and legal limitations such as GDPR affect it.
Scalability can be costly since a physical box needs to be installed for every site.
The stability of Cisco Identity Services Engine (ISE) is poor for certain use cases, like authentication.
Cisco Identity Services Engine (ISE) is considered very reliable and stable.
I would rate its stability as 9.5 out of ten.
The whole setup works well with Cisco access points and Cisco switches, but when you have multiple vendors in the environment, such as HP switches or access points like Aruba, you'll find they will not work well with Cisco Identity Services Engine (ISE).
Pricing can be more expensive compared to other vendors, and there is a significant price gap observed, which doesn't seem justified by some specific features.
Additionally, the product is vulnerable and has many bugs.
Forescout Platform could enhance its integration of AI to improve IoT and OT device security to better meet our needs.
The console is a fat client, and a web interface would be preferable.
The license costs can range between $50,000 to $100,000 per year for enterprises.
Compared to other solutions like HPE ClearPass, Cisco is more costly, and the conversation suggests a possible forty percent price gap compared to competitors.
Making large organizational costs significant.
Installing a physical box on each site can be expensive.
The overall pricing of Forescout Platform is reasonable for the functionality it provides.
This solution ensures organizations have secure environments and also supports robust policy enforcement, allowing control over who has access to various parts of the network.
There is value because it helps us secure the network and prevents certain things from happening which could cause financial loss.
Cisco Identity Services Engine (ISE) is very good at device administration.
The platform enables automated policy enforcement, allowing us to simulate and test policies before enforcement, streamlining our security operations.
The most effective feature has been network access management, which has been crucial for our primary use cases in the organization.
Cisco Identity Services Engine (ISE) offers comprehensive network access control and visibility, supporting features like 802.1X authentication, profiling, and posturing. It integrates with Microsoft and other Cisco products, facilitating robust security policies across distributed networks.
Cisco Identity Services Engine is a key player in network access control, offering centralized management and a user-friendly interface. It supports zero trust principles and provides strong authentication for wired and wireless networks. ISE's capabilities include granular security policies, enhanced device posturing, and seamless integration, bolstering security infrastructure. Users benefit from its dual authentication through EAP, simplifying access management across networks.
What are the key features of Cisco ISE?In industries like finance, healthcare, and education, Cisco ISE is pivotal for securing wired and wireless networks, implementing BYOD policies, and managing user access. Organizations leverage ISE for effective authentication and authorization, while maintaining compliance with industry security standards.
Forescout Platform provides today’s busy enterprise organizations with policy and protocol management, workflow coordination, streamlining, and complete device and infrastructure visibility to improve overall network security. The solution also provides concise real-time intelligence of all devices and users on the network. Policy and protocols are delineated using gathered intelligence to facilitate the appropriate levels of remediation, compliance, network access, and all service operations. Forescout Platform is very flexible, integrates well with most of today’s leading network security products, and is a very cost-effective solution.
Forescout Platform Features
Real User Reviews
An important main feature of Forescout is the visibility the solution offers.
One reviewer who is a Consultant at a tech services company, says, "Within three or four days, you can have complete visibility of your infrastructure on the network. Compared to other solutions, the deployment of the solution is easier and we can close the project quickly."
Users also appreciate that the user interface is clear and easy to understand.
An Instructor at a tech services company, shares, "The most valuable feature of the Forescout Platform is the large capacity it can handle. Additionally, the interface of the platform is good."
We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
