Cisco ISE (Identity Services Engine) vs Forescout Platform comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 15, 2022
 

Categories and Ranking

Cisco ISE (Identity Service...
Ranking in Network Access Control (NAC)
1st
Average Rating
8.2
Number of Reviews
138
Ranking in other categories
Cisco Security Portfolio (1st)
Forescout Platform
Ranking in Network Access Control (NAC)
4th
Average Rating
8.4
Number of Reviews
73
Ranking in other categories
IoT Security (1st), Endpoint Compliance (4th), Extended Detection and Response (XDR) (14th)
 

Mindshare comparison

As of June 2024, in the Network Access Control (NAC) category, the mindshare of Cisco ISE (Identity Services Engine) is 26.7%, down from 31.5% compared to the previous year. The mindshare of Forescout Platform is 12.6%, up from 11.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Network Access Control (NAC)
Unique Categories:
Cisco Security Portfolio
32.1%
IoT Security
10.3%
Endpoint Compliance
4.3%
 

Featured Reviews

TO
May 3, 2024
Helped improve our security and is reliable
The solution is being used for authentication purposes and for sharing assessments.  Cisco ISE has helped improve our security.  It helps ensure that you are working in accordance with the organizational policy before you join the network. Also, the solution is very reliable.  I would like to…
Senthil_Kumar - PeerSpot reviewer
Feb 6, 2022
Helpful support, comprehensive, and simple configuration
Forescout Platform's most valuable features are that it is very granular. We are able to cull out a lot of information about our particular device or endpoint. The configuration and the visibility are very seamless. Overall the solution is very easy to handle and it's very comprehensive. We have visibility of all the hidden assets and there are various versions of implementations of an AV in our environment. From the Forescout Platform, we have clarity of the device, and all the different versions reported in a simple dashboard. The number of attacks has been minimal. After this installation, we didn't have any kind of noticeable incident.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"They have recently made a lot of improvements. My clients don't have much to complain about."
"I like that Cisco ISE is easy to use."
"The best feature of the Cisco ISE platform is that it is compatible with Microsoft products."
"I like the guest access feature, which has been important for us."
"Technical support is okay."
"The feature that I found most valuable is profiling. We use that to profile certain types of devices, and then depending on the manufacturer, drop them into the appropriate VLAN without us having to go in and manually add the devices."
"Improves switch account management."
"Using this solution gives us the ability to allow proper access to the network."
"Forescout Platform's best feature is plug-in integration."
"Being able to sort on device types or devices with open ports is helpful when narrowing down assets of possible misconfigured devices that may be vulnerable on the network. We can take action on those devices based off of corporate policy."
"The Forescout Platform's most valuable features include its agentless configuration, which allows for easy integration with switches, and its broad customizability of rules and conditions for policy configuration. By leveraging its Network Access Control capabilities, the tool controls network access, allowing administrators to enforce policies tailored to the organization's needs."
"The actions that the agentless visibility, allow us to perform on the endpoint, are really amazing, especially in the way that it is done."
"Forescout is easy to integrate with a lot of end systems."
"The most valuable features of the Forescout Platform are ease of management and outstanding visibility. The visibility is simple to obtain."
"This solution can be used to organize guest portals, integrate switches, and create policies. Some of its standard use cases also include completing key process upgrades and anti-virus of Windows OS."
"We think it's simple. We think it's very useful and we really like reports and everything."
 

Cons

"There should be more visibility into TrustSec policy actions. When TrustSec blocks something or makes any kind of changes to the network, we don't always see that. We have to log into the switch itself, or we have to get some type of Syslog parsing to do that."
"It could be less monolithic. It's one huge application, and it does everything under the sun, so it's hard to deal with and upgrade and manage."
"The user interface could be more user-friendly."
"There should be an easier way to do the upgrades. There are a lot of steps to get to the next version from the previous version which ends up being a bit of the headache with the upgrade."
"One of the issues that we used to have was with profiling because we're working with a service provider that uses a lot of bring your own devices."
"With the recent release of the solution, we had a bunch of bugs and we had to delay our deployment. Other than that, the solution is good."
"Whenever we see the authentication logs, we can't see what device we're logging into... We can see who logged in, but we can't see the IP address of the device... I'm sure that's available. We just haven't figured out how to properly deploy it."
"They should improve the documentation. There tends to be a lot of old text, or the new things aren't always up to what's been released on the code, and sometimes the documentation is inconsistent."
"Forescout Platform would benefit from using AI. Everything has to be set up manually, but AI can learn and suggest rules over time. It also lacks visualization, and some interface configurations need improvement. The visualization seems a couple of years behind compared to other products."
"The biggest disadvantage is the pricing."
"As a user, if I am using a laptop that is Wi-Fi connected, Forescout identifies my port connectivity as one user license, and if I take that same laptop with the same username to a wired network, which is also the same network that is used for the Wi-Fi connection, Forescout detects it as a separate license."
"For the user, the policy that they have implemented sometimes needs adjustments. Sometimes the features that the customer asks for aren't involved in the main installation, and I need to bolt an add-on in. However, I never know if this policy is the right one when I do this."
"When we automate an email to send to a user, sometimes it gets blocked, but that has nothing to do with Forescout. It depends on the mail gateway that we use or integrate with."
"The solution could always improve by adding more features to make it more robust."
"Two things can be improved in the Forescout Platform. First of all, the support for some certain proprietary protocols from other vendors, but they are very widely used. If the TechEx from Cisco, was added to Forescout, then it will be a full solution for me."
"Although Forescout manages endpoints and network devices, there is no capability for user management."
 

Pricing and Cost Advice

"Licensing has got much simpler since Cisco moved to the DNA model because we just have the three tiers, but it could always stand to be improved upon."
"The pricing is good. The last time we purchased four new appliances the price was doable for any organization of our size."
"Its price is probably good if you use all of its features and functionalities to protect your environment. If you use only a part of the functionality, its price is too high. It is just a question of value and the functionality you use."
"Our customers pay for the license of Cisco ISE (Identity Services Engine). They have an annual subscription, rather than a monthly subscription."
"It costs around 50,000 baht in the first year, but I'm unsure about the second year."
"Hardware appliances are expensive...Now moving to DNA-styled licensing, we have subscription-based licensing for everything. I hope it will continue to be fair, but we will have to wait and see."
"It is fairly expensive and that's part of why we have implemented it in the type of 'hack' that we did, to service multiple clients."
"The price can be lower, especially for subscriptions. It should be a lot cheaper to have a wide range of customers. The price should be comparable to competitive products like Forescout or Fortinet FortiNAC. Forescout is cheaper for customers looking for a cloud solution."
"It might not be the cheapest solution, but you get what you pay for."
"Forescout is more expensive than Cisco because Cisco gives high discounts."
"The Forescout Platform's pricing is in the middle range, not too cheap or expensive."
"5,000 user licenses will cost you between seven and eight million dollars, compared to 20 million for Aruba."
"The price of the Forescout Platform is expensive. I purchased it for approximately 94 lakhs."
"The pricing structure should be enhanced."
"I would rate Forescout Platform's pricing as four out of five."
"The cost of licensing for this product is quite high, but this cost covers all the features of the solution so it is a single payment for the term that has been selected."
report
Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.
789,291 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
23%
Computer Software Company
16%
Government
8%
Financial Services Firm
7%
Educational Organization
29%
Computer Software Company
11%
Government
8%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?
Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...
What are the main differences between Cisco ISE and Forescout Platform?
OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...
How does Cisco ISE compare with Fortinet FortiNAC?
Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...
What advice do you have for others considering Forescout Platform?
Forescout is a very powerful NAC product that does not rely on port level configuration. It can detect and block unauthorized devices very quickly. But it has a lot of capabilities and really would...
What advice do you have for others considering Forescout Platform?
I would rate the Forescout Device and Visibility Control Platform at a six out of ten.
What advice do you have for others considering Forescout Platform?
I recommend doing a compression demo. If people use it, they will buy it. So they have to see the product in place. That's the main recommendation is to do a proof of concept. If they do, they will...
 

Also Known As

Cisco ISE
Forescout Platform, CounterACT for Endpoint Compliance, ForeScout CounterACT
 

Learn More

 

Overview

 

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University
NHS Sussex, SAP, SEGA, Vistaprint, Miami Children's Hospital, Pioneer Investments, New York Law School, OmnicomGroup, Meritrust
Find out what your peers are saying about Cisco ISE (Identity Services Engine) vs. Forescout Platform and other solutions. Updated: May 2024.
789,291 professionals have used our research since 2012.