Coming October 25: PeerSpot Awards will be announced! Learn more

Forescout Platform OverviewUNIXBusinessApplication

Forescout Platform is #1 ranked solution in top IoT Security tools, #3 ranked solution in top Network Access Control (NAC) tools, and #5 ranked solution in top Endpoint Compliance tools. PeerSpot users give Forescout Platform an average rating of 8.2 out of 10. Forescout Platform is most commonly compared to Cisco ISE (Identity Services Engine): Forescout Platform vs Cisco ISE (Identity Services Engine). Forescout Platform is popular among the large enterprise segment, accounting for 65% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 16% of all views.
Forescout Platform Buyer's Guide

Download the Forescout Platform Buyer's Guide including reviews and more. Updated: September 2022

What is Forescout Platform?

ForeScout Platform provides today’s busy enterprise organizations with policy and protocol management, workflow coordination, streamlining, and complete device and infrastructure visibility to improve overall network security. The solution also provides concise real-time intelligence of all devices and users on the network. Policy and protocols are delineated using gathered intelligence to facilitate the appropriate levels of remediation, compliance, network access, and all service operations. Forescout Platform is very flexible, integrates well with most of today’s leading network security products, and is a very cost-effective solution.

ForeScout Platform Features

  • Real-time complete visibility: With ForeScout eyeSight, each and every device is classified when any attempt to access your network has been made. This includes - but is not limited to - desktops, laptops, android devices, virtual machines, switches, VoIP phones, USB memory sticks, webcams, IoT devices, and more.

  • Policy-based and manual controls: In today’s busy robust environment, networks are continually changing; there are different types and amounts of devices connected, various software applications, network compliance requirements, and the constant potential for risk make managing an IT network a very daunting challenge. The ForeScout Console is used to simplify the administration and management of important alerts, remediation, and access controls to keep the network secure.

  • Intuitive real-time dashboards: ForeScout Dashboards, a component of ForeScout WebClient, is a comprehensive web-based intelligence center that gives full visibility and real-time insight of the complete network using both out-of-the-box and user-created widgets. The dashboards are very intuitive and deliver robust, easy-to-understand information about device visibility, compliance, health monitoring, and more.

  • Advanced reporting capabilities: The ForeScout Reports Plugin will generate numerous valuable reports indicating real-time and overall status information about endpoint compliance, device details, networks guests, protocols, and more. The reports help to ensure IT administrators, executives, security teams, and other important shareholders stay well-informed about all network activity at all times.

  • Comprehensive third-party overview: ForeScout eyeExtend facilitates seamless information sharing with third-party vendors, networks, and IT management solutions supporting improved automated workflows, productivity, cost-effectiveness, and overall security.

Real User Reviews

An important main feature of ForeScout is the visibility the solution offers.

One reviewer who is a Consultant at a tech services company, says, "Within three or four days, you can have complete visibility of your infrastructure on the network. Compared to other solutions, the deployment of the solution is easier and we can close the project quickly."

Users also appreciate that the user interface is clear and easy to understand.

An Instructor at a tech services company, shares, "The most valuable feature of the Forescout Platform is the large capacity it can handle. Additionally, the interface of the platform is good."

Forescout Platform was previously known as Forescout Platform, CounterACT for Endpoint Compliance, ForeScout CounterACT.

Forescout Platform Customers

NHS Sussex, SAP, SEGA, Vistaprint, Miami Children's Hospital, Pioneer Investments, New York Law School, OmnicomGroup, Meritrust

Forescout Platform Video

Forescout Platform Pricing Advice

What users are saying about Forescout Platform pricing:
  • "We might have paid in the ballpark of $20,000 yearly for our licenses. I do not recall there being other fees over and above the standard licensing fee."
  • "It is expensive because you have to pay for their CSM, the customer's access manager, and their professional services on top of that, and they charge you roughly $400 per hour, which is overhead."
  • "There are no additional costs that I am aware of."
  • "They base the license on the number of devices, which is quite misleading."
  • "We have a very clear licensing model for business. I don't have to have a Ph.D. to be able to understand the licensing model as you might need for other solutions. If I know exactly what we want, it can tell you which license you need. The solution is easy for purchasing, ordering, and ease of deployment as well."
  • "The price of the solution is reasonable. We have paid for the license for five years. We have integration with Symantec AV for orchestration, and we have an additional license."
  • Forescout Platform Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Jonathan Soto - PeerSpot reviewer
    Ingeniero Senior en seguridad y telecomunicaciones at a non-tech company with 1,001-5,000 employees
    Real User
    Top 20
    A straightforward setup with good technical support and good stability
    Pros and Cons
    • "The user management has been very easy for the most part."
    • "The licensing costs are quite high. With the amount of hardware we have, we need too many licenses to make the product effective and it's ultimately just too costly."

    What is our primary use case?

    We needed some protection in our environment. We use this product in some areas in our network to monitor the security of the endpoints of our users. 

    What is most valuable?

    The environment was easy to configure. 

    The user management has been very easy for the most part.

    The initial setup is pretty easy.

    Technical support has been very helpful.

    The stability overall is good.

    What needs improvement?

    The licensing costs are quite high. With the amount of hardware we have, we need too many licenses to make the product effective and it's ultimately just too costly.

    We may have some problems with compatibility - specifically with Cisco switches. We have the perimeter a Check Point firewall as an alarm for VPN connections. We have users integrating the VPN Check Point with Forescout. We can't seem to scale due to compatibility issues and price.

    For how long have I used the solution?

    We have been working with the solution for around two years. It hasn't been that long. That said, we are moving away from the solution.

    Buyer's Guide
    Forescout Platform
    September 2022
    Learn what your peers think about Forescout Platform. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
    633,572 professionals have used our research since 2012.

    What do I think about the stability of the solution?

    Overall, the stability of the product has been very good. It doesn't crash or freeze. There aren't bugs or glitches. It's been set up very well. We've found it to be reliable and the performance is good.

    What do I think about the scalability of the solution?

    Our issue, in terms of scalability, is that we have a brittle machine. We struggled to get the licenses loaded. We would need to change the machine in order to develop a certain level of scalability capabilities.

    At the moment, we have about 100 users on the solution, however, we require more licenses. Our goal was 1000 users on devices, however, it wasn't possible. The economics were against us.

    How are customer service and support?

    While I have never personally opened a case with technical support in the past, my colleague has. He found them to be very responsive and helpful. He was satisfied with their level of service.

    Which solution did I use previously and why did I switch?

    We did not previously use a different solution. Forescout was our first.

    We are just now migrating to Cisco ISE. The problem is that we have around 500 users and we have only 100 licenses from Forescout due to the fact that it is a little expensive for us. We are trying instead to move to Cisco ISE, which has better pricing.

    How was the initial setup?

    The initial setup was not complex. It was pretty easy. Installation maybe takes one or two days, and the implementation in total takes around two weeks.

    We have a partner from Forescout in my country. He came to my company to meet with us. He helped explain a few things and assisted with network displays. 

    There were about eight people that handled deployment between our end and the technical support side.

    What about the implementation team?

    A Forescout representative ultimately came to our company for us. They assisted a little. They understood the cloud very well and were very helpful.

    What's my experience with pricing, setup cost, and licensing?

    The licenses are quite expensive. Ultimately, we couldn't afford the amount we needed, and therefore we are moving off the product.

    We might have paid in the ballpark of $20,000 yearly for our licenses. I do not recall there being other fees over and above the standard licensing fee.

    Which other solutions did I evaluate?

    We evaluated Cisco. The difference is the compatibility with our network. Other switches are Cisco devices, and therefore the compatibility and the integration were a little easier. With Forescout we have had some issues with some other access points. With Cisco ISE, we don't have that problem.

    What other advice do I have?

    I do not recall which version of the solution we are using. We use the on-premises deployment model, however, we also have some clients on the cloud.

    I would advise other organizations that, if they have multi-vendors in their network, use Forescout. However, if most of the devices are Cisco, it is best to use Cisco ISE.

    It is a great tool and solution. We looked into it with the Magic Quadrant of Gartner and we have seen that it is a leader in the space. However, for us, it just doesn't work as well in terms of compatibility.

    I'd recommend the solution. I would rate it at an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    SunilkumarNaganuri - PeerSpot reviewer
    Service Line Manager (Service Operations Expert) - Network Access Control at a pharma/biotech company with 10,001+ employees
    Real User
    Top 20
    Good visibility, control, and orchestration
    Pros and Cons
    • "This is clearly the best product for the NAC use cases in this field for Forescout."
    • "As a product, there is nothing to complain about. However, they should improve their overall support. You need that level of knowledge, that level of information is clearly not available. First and foremost, that information is not accessible. The second point to mention is that once you purchase the later support and services. That is, they will continue to charge you for every service."

    What is our primary use case?

    We use the Forescout Platform for radius authentication, as well as visibility control and enforcement. Such as discovery, classification, control, and orchestration for all possible use cases.

    What is most valuable?

    This is clearly the best product for the NAC use cases in this field for Forescout. It is difficult to implement. I wouldn't say it's complicated in that sense. It all depends on who is using it. 

    If people don't understand the product, it's obviously complicated because it has multiple components that are difficult to mix and match and bring into the environment, which we faced a couple of years ago. But now that we know how the products and different licensing models work, we can bring in the right components, such as modules and all. It's kind of like once you know the product is simple.  Otherwise, you must understand that this is somewhat complicated.

    What needs improvement?

    The product is excellent. As a product, there is nothing to complain about. However, they should improve their overall support.

    Let me provide an example. Assume you are in the United Kingdom, and you are also familiar with the cars in your neighborhood, and any manufacturer you have heard of. And let's say Forescout is one of the niche products, similar to Rolls-Royce. You know that Rolls-Royce is good, but you need some kind of information accessibility to use that.

    The comfort is good, and you can obviously drive it, but you need to understand all of the features. You need that level of knowledge, that level of information is clearly not available.

    First and foremost, that information is not accessible. 

    The second point to mention is that once you purchase the later support and services. That is, they will continue to charge you for every service.

    Things they should have told you ahead of time are that if you run into problems during the deployment, they will keep asking you to engage the product's professional services, which they will charge you for.

    And from the standpoint of support, they should be adaptable. When they are aware that customers have made significant investments in these expensive licenses. And it is expected that they will receive adequate assistance. That is where they are falling short.

    You own a Rolls-Royce, but you are having trouble making the most of its features and functions.

    For how long have I used the solution?

    I have been working with Forescout Platform for five or six years.

    I am working with the latest version.

    What do I think about the stability of the solution?

    Forescout Platform is a stable solution.

    If you do it correctly in terms of configuration and deployment. If you know the necessary prerequisites, yes it is very stable.

    What do I think about the scalability of the solution?

    The Forescout Platform is scalable.

    We are using it, and we have currently rolled out this solution to 55% of our organization.

    We have approximately 400,000 users.

    Which solution did I use previously and why did I switch?

    We also use Cisco ISE. I am working with the latest version which is version 3.1.

    What's my experience with pricing, setup cost, and licensing?

    It is expensive and there are extra costs for the support.

    The price depends on your environment. We do get a discount.

    It is expensive because you have to pay for their CSM, the customer's access manager, and their professional services on top of that, and they charge you roughly $400 per hour, which is overhead. I find it to be expensive.

    What other advice do I have?

    It is purely based on the use case. If they have any issues with OT or IoT, this is the best solution. Otherwise, they can rely on other products if they are a typical non-manufacturing or non-healthcare organization.

    ISE is also extremely expensive. They can look for anything cheaper than this. It is dependent on the use cases.

    Because IoT and OT products are widely used in healthcare and manufacturing, and Forescout is the best.

    I would rate Forescout Platform an eight out of ten. They mostly fail to provide support during and after deployment.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Forescout Platform
    September 2022
    Learn what your peers think about Forescout Platform. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
    633,572 professionals have used our research since 2012.
    Peter Gignac - PeerSpot reviewer
    Lead Technologist at Booz Allen Hamilton
    Real User
    Top 20
    Effective asset management, but user experience and technical support could be improved
    Pros and Cons
    • "It's one of the tools that has given the federal government visibility into network devices and everything."
    • "I believe that the overall user experience has not always been preferable."

    What is our primary use case?

    We use the Forescout Platform primarily for asset management.

    How has it helped my organization?

    The federal government's continuous diagnostics and mitigation programs are the focus of the current project I'm working on. 

    It's one of the tools that has given the federal government visibility into network devices and everything.

    What needs improvement?

    The most common complaint I hear about Forescout is about their technical support.

    Some sort of highly scalable platform, such as a private cloud, that can be distributed across a network quickly and grow rapidly, would be beneficial.

    I believe that the overall user experience has not always been preferable.

    For how long have I used the solution?

    I have been working with Forescout Platform since 2018.

    I haven't had enough direct experience with the current project to know, but I know the federal government has a variety of various stages of Forescout deployment, but I believe it's just different versions of the CounterACTs appliances and such.

    What do I think about the stability of the solution?

    It has a place in terms of stability. I believe Forescout is likely to compete with other NAC tools used by agencies, such as Cisco ISE and new EDR tools that are entering the market. I believe, will be considered. But, overall, the asset management, is effective.

    What do I think about the scalability of the solution?

    In terms of our deployment, it's basically just buying more CounterACT appliances whenever we need to scale up. It can be done, but it's not scalable in the way that a cloud deployment is, it's somewhere in the middle.

    We have a large number of users, in our organization. 

    It has been implemented in a large number of federal agencies, including the Departments of Health and Human Services, Agriculture, and the Treasury. It's quite large.

    I believe that the current state should be maintained. I don't believe there are any major plans to increase our usage. Maybe just upgrades or future license upgrades, or something like that.

    How are customer service and support?

    Technical support needs improvement. They are not very responsive to existing customers.

    My interactions with them have been satisfactory, but I've heard from federal agencies that they had difficulties because they brought it to us.

    Which solution did I use previously and why did I switch?

    When we arrived, Forescout was still in the process of being deployed. I don't believe they had the kind of capability that Forescout provides prior to our arrival. If anything, they had different NAC tools.

    How was the initial setup?

    Because of the way it is deployed, the initial setup was complex.

    I would rate the initial setup a three out of five.

    It took a long time to complete. It's a massive deployment, depending on the agency, it could take at least six months to get it up and running and collect the data we require. Some of it is still ongoing.

    What about the implementation team?

    To my knowledge, Forescout did the majority of the deployment.

    We are Forescout Platform integrators, consultants, and partners.

    Most agencies, I believe, have NAC engineers who manage it, and they most likely have training skillsets for it. I would say that most shops require two to three, three to four people to maintain.

    What was our ROI?

    In terms of ROI, I've never seen any data.

    What's my experience with pricing, setup cost, and licensing?

    I don't have pricing information.

    There are no additional costs that I am aware of.

    Which other solutions did I evaluate?

    They evaluated other solutions before choosing the Forescout Platform.

    What other advice do I have?

    Before you begin deploying it, I would suggest that you define how you intend to use it. Just have an end state in mind so that you can build towards it and ensure you have all the functions you need for the design in place. Whatever you want to do with the data that comes out of it, try to define it first.

    I would rate Forescout Platform a six out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer:
    Flag as inappropriate
    PeerSpot user
    Products & Solutions Manager Cyber Security | Forensics at a tech services company with 201-500 employees
    Consultant
    Top 20
    Implements well, and has and outstanding agentless visibility that is unmatched
    Pros and Cons
    • "The actions that the agentless visibility, allow us to perform on the endpoint, are really amazing, especially in the way that it is done."
    • "As a user, if I am using a laptop that is Wi-Fi connected, Forescout identifies my port connectivity as one user license, and if I take that same laptop with the same username to a wired network, which is also the same network that is used for the Wi-Fi connection, Forescout detects it as a separate license."

    What is our primary use case?

    I am a freelance cybersecurity consultant. I provide and implement products for our clients.

    What is most valuable?

    Forescout Platform is a very good NAC solution.

    It's a very good product.

    The agentless visibility is definitely unmatched and outstanding. 

    The actions that the agentless visibility, allow us to perform on the endpoint, are really amazing, especially in the way that it is done. 

    It is a good solution, Garner rated because their leadership quadrant position is responsible for their market.

    What needs improvement?

    As a user, if I am using a laptop that is Wi-Fi connected, Forescout identifies my port connectivity as one user license, and if I take that same laptop with the same username to a wired network, which is also the same network that is used for the Wi-Fi connection, Forescout detects it as a separate license.

    At times, I am working on wireless and sometimes I enter a zone where there is no wireless connection, which forces a land connection. This is an issue that needs to be resolved because it consumes another license for the same device and the same user.

    This issue has been escalated to Forscout directly.

    There was integration with Microsoft SCCM previously, and have suddenly stopped the open integration module for Microsoft. Customers are not aware of what is available to them in terms of the open integration module. 

    Forescout Platform advised that there are many options available and many things they can do, but they don't tell customers exactly what they are. 

    They need clear documentation and direction as to what the customer can expect from the open integration module. Customers need some clarity on what they can do and what is not possible to do.

    When it comes to a full open integration we need to rely on the professional services from Forescout directly, no one can implement it as there is a limited amount of knowledge available.

    They need to be more considerate, and there should be good documentation available to the customer.

    They need to improve their selling approach or the consultant approach.

    One of their use cases is an ITM use case, and ITSS asset management, but they don't really do ITSS management. They only detect the ITSS and all the parameters around that test, but they do not have any integration with any database system where they can store all these details and act like a typical ITSS management system. 

    They should remove that use case in full. They should say that we complement your ITSS management by detecting the unknown assets in your network. This would be right.

    For how long have I used the solution?

    I have been familiar with the Forescout Platform for more than four years.

    How are customer service and technical support?

    In terms of technical support, their engineering team is very rigid. They must provide us with some clear answers and if they exceed the time it takes to resolve the issue, they will charge for that extra time. For example, if they go one day more, they will charge for that extra day.

    How was the initial setup?

    We have completed significant deployments which are more than 4,000 endpoints. There was a complex network architecture.

    All of the implementations have gone very well and the customers are satisfied.

    What's my experience with pricing, setup cost, and licensing?

    They base the license on the number of devices, which is quite misleading. If I am one user, it should be based on that rather than how many devices I use with the same user name. 

    To base it on the number of devices it can reduce one more license from my overall license allotment. It can result in four or five licenses for one user.

    What other advice do I have?

    I was a partner of the company who was a Forescout Platform partner and I was responsible for bringing in Forescout, and establishing the service line for the Forescout Platform sales, pre-sales, and the implementation, but I am no longer with that company.

    I would rate Forescout Platform an eight out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Senior Manager Network Design at a tech services company with 501-1,000 employees
    Real User
    Top 5Leaderboard
    Easy deployment, good support, and highly scalable
    Pros and Cons
    • "The stability is amazing for the Forescout Platform. We have been using Forescout for four years, and no one complained about the stability."
    • "Two things can be improved in the Forescout Platform. First of all, the support for some certain proprietary protocols from other vendors, but they are very widely used. If the TechEx from Cisco, was added to Forescout, then it will be a full solution for me."

    What is our primary use case?

    Forescout Platform can be deployed on the cloud or on-premise.

    When we have a large enterprise environment with a lot of users, different security policies are to be applied in certain situations and locations. This is where the Forescout Platform is used. If we have some compliance requirements to have the NAC solution in place, we prefer the Forescout Platform over other solutions.

    What needs improvement?

    Two things can be improved in the Forescout Platform. First of all, the support for some certain proprietary protocols from other vendors, but they are very widely used. If the TechEx from Cisco, was added to Forescout, then it will be a full solution for me. 

    Forescout Platform can be much improved. The support for certain proprietary protocols from other vendors, but they are very widely used. If I can go a little bit technical here, I would say the TechEx from Cisco, if added to Forescout, then it will be a full solution for me. Additionally, the Forescout Platform can have better integration with other solutions, such as Cisco NFG firewalls. They need to integrate seamlessly.

    For how long have I used the solution?

    I have been using the Forescout Platform for four years.

    What do I think about the stability of the solution?

    The stability is amazing for the Forescout Platform. We have been using Forescout for four years, and no one complained about the stability.

    What do I think about the scalability of the solution?

    The scalability of the Forescout Platformall depends on the license. For example, if you have a certain amount of users, endpoints, and anything else you need to put under governance. If you scale out to a higher number, all you need to do is increase the license.

    We have five customers and a total endpoints users of approximately 15,000.

    How are customer service and support?

    The support from the vendor we have received was good.

    How was the initial setup?

    The initial setup is straightforward. We had to implement the solution in a short timeframe and we managed to do it in one month as a managed service.

    Forescout Platform is easy to deploy. It's the fastest NAC solution that you can deploy in a large environment. There is the opportunity to improve as you go. It can be the first deployment, and you can improve as you go without any big disturbance to the environment. It's very flexible when it comes to implementing a certain security policy. You can have very complex security policies for the Forescout Platform. It makes the deployment much easier than others.

    What about the implementation team?

    The deployment for the Forescout Platform takes two to three engineers. However, it depends on the size of the environment. The integration or the co-operation should happen with a lot of other teams. The main deployment team for the solution is from two to three persons.

    What's my experience with pricing, setup cost, and licensing?

    We have a very clear licensing model for business. I don't have to have a Ph.D. to be able to understand the licensing model as you might need for other solutions. If I know exactly what we want, it can tell you which license you need. The solution is easy for purchasing, ordering, and ease of deployment as well.

    As a managed service provider and system integrator, we are on an annual licensing model.

    What other advice do I have?

    I highly recommend Forescout Platform, unless, there is a need to integrate with any Cisco TechEx environment. For other use cases, it should be the first choice as a NAC solution. It should come as the first option, with one exception only, if the environment has a lot of Cisco devices. The Forescout Platform does not support authentication to Cisco devices. There is a lack of some protocols on the box itself.

    I rate Forescout Platforma nine out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    PeerSpot user
    Consultant at a tech services company with 51-200 employees
    Consultant
    Mainly for visibility and control and integrates with various firewalls and other system security solutions, but OT side is still being developed
    Pros and Cons
    • "Within three or four days, we have complete visibility of your infrastructure on the network. Compared to other solutions, the deployment of the solution is easier and we can close the project quickly."
    • "When we automate an email to send to a user, sometimes it gets blocked, but that has nothing to do with Forescout. It depends on the mail gateway that we use or integrate with."

    What is our primary use case?

    The use case is for a compliance check for the users who get into your organization. We identify the host for Windows PC, Mac, Linux, and servers. These are some of the use cases for user control and policy management. Some of the other use cases are to kill some applications and peer-to-peer applications. It's mainly for visibility and control, and we also integrate with various firewalls and other system security solutions. For example, LogRhythm, Splunk, Qreader, McAfee Orchestrator, and Trend Micro.

    I work on multiple technologies and security technology. The solution is deployed on-premise. We don't use it for our own company. We are the system integrators and we deploy for various customers across the region we work with and we deploy most of the verticals.

    What is most valuable?

    This is far better than any other Mac solution. Within three or four days, we have complete visibility of your infrastructure on the network. Compared to other solutions, the deployment of the solution is easier and we can close the project quickly.

    What needs improvement?

    When we automate an email to send to a user, sometimes it gets blocked, but that has nothing to do with Forescout. It depends on the mail gateway that we use or integrate with.

    They already support some 63,000 plus vendor models. They are also upgrading it, and they have two million plus devices in a single deployment. Maybe there are some legacy tools with support. I know they're working very hard on the OT infrastructure and OT side of integration, but I'm not into OT side.

    For how long have I used the solution?

    I have been using this solution for three years.

    What do I think about the stability of the solution?

    I don't see any issue with stability. I'm not hearing from any customers who are reporting any issues about stability. They are mostly looking for compliance and operation security.

    What do I think about the scalability of the solution?

    The solution is absolutely scalable.

    How are customer service and support?

    Technical support is good. I don't see any issues. The type of support you get depends on the contract that you sign. They're timely and the support is good.

    How was the initial setup?

    The amount of time it takes for deployment depends on how many branches you have, whether it's a central deployment or a hybrid. It depends on how you want to use the solution. It varies but if it is only central deployment for a couple of branches, we can do it in a minimum of one month.

    The number of people it takes for deployment just depends. One engineer can do it, but you also need support from the customer. You should have very good system administrators, or some network engineers to support you in terms of various authentication integrations. There should be a minimum of one from the deployment side, two from the customer side.

    What other advice do I have?

    I would rate this solution 7 out of 10. I'm not sure about the OT side, but the visibility, control, orchestration, dashboard, and reporting are all good.

    My advice is that you really need to understand the prerequisites of the use cases if you want to deploy the solution. You should also understand what kind of services they should open and the security rules—a firewall. They should have a clear understanding of how it is being designed and the architecture. If you know, it's easy for deployment, otherwise you will get stuck.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Senior Advisor/Architect at a consultancy with 51-200 employees
    Real User
    Top 20
    Very flexible with a great discovery mode feature
    Pros and Cons
    • "Provides a good overview of all devices on a network."
    • "Can be expensive if it's only being used for one feature."

    What is our primary use case?

    Our primary use case of this solution was to control which of our devices were connected to the network. I'm a senior architect advisor. We were customers of Forescout. 

    How has it helped my organization?

    As a result of using Forescout, we had a better overview of all the devices, known and unknown, that were connected to our network; it was a real advantage.

    What is most valuable?

    A very valuable feature is the discovery mode. It covers all types of devices on the network, which we didn't know existed.

    What needs improvement?

    I don't think we tested the full potential of Forescout. We had some delay implementing it into our organization, due internal organizational issues and also due to a lack of device registrations. Meanwhile we decided to switch to a new network provider that doesn't have Forescout in its portfolio. We favour one-stop shopping for network and security services, and will migrate to Aruba ClearPass (portfolio). 

    For how long have I used the solution?

    I used this solution for the past year. 

    What do I think about the stability of the solution?

    The solution is stable. 

    What do I think about the scalability of the solution?

    The product seems to be scalable although we didn't fully test it. 

    How was the initial setup?

    I think the initial setup was fairly straightforward although I was not involved on a technical level. We had the advantage that the technical engineers knew our networks and how to carry out the implementation and we also had some assistance from British Telecom. We initially focused on our main plant or main location, and then moved to our other locations, which are far smaller, and have a lower risk profile. That was our strategy and implementation took around nine months after the initial implementation which took about a week. At that point, we realized there were more devices than we thought and the process became more complicated. It took a while to get a handle on everything. There were just a couple of us involved in deployment. 

    What was our ROI?

    This product demonstrates the possibilities of network access control for the organization. As a pilot project, it changed the minds of people because they could see the potential which included enrolling policies so that all devices can connect to the network. People are more aware now of the security risks when there is no network access control.

    What's my experience with pricing, setup cost, and licensing?

    Forescout is affordable in terms of the end goal, which is control. We only looked at it in terms of discovery modes and I think it's too expensive to use for that purpose alone. We took a package, managed by British Telecom, which gave us some additional services without additional costs. 

    Which other solutions did I evaluate?

    We evaluated a couple of options. We first planned to use Radius which is more of a Microsoft-ended solution. We also looked at Cisco ISE but that's very expensive and I've seen reviews on your site about the difficulty of implementation. 

    What other advice do I have?

    I would recommend this solution because it has a lot of different ways of discovering different devices and showing networks. It's very flexible. I believe the reason we didn't reach our goal is because of our company decisions and not because of the solution. 

    I rate this solution eight out of 10. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Senthil_Kumar - PeerSpot reviewer
    Assistant Manager at Hyundai Motor India Ltd
    Real User
    Helpful support, comprehensive, and simple configuration
    Pros and Cons
    • "Forescout Platform's most valuable features are that it is very granular. We are able to cull out a lot of information about our particular device or endpoint. The configuration and the visibility are very seamless. Overall the solution is very easy to handle and it's very comprehensive."
    • "Initially, the implementation of the Forescout Platform took some time to figure out. The reason is we are a manufacturing unit and we have certain silos that are insulated areas where certain systems will not connect to the internet or to the LAN. Since there are many parts of it, we have to have an inclusive view of all those systems. It took a while for us to initially implement, but after a few months, everything worked well."

    What is most valuable?

    Forescout Platform's most valuable features are that it is very granular. We are able to cull out a lot of information about our particular device or endpoint. The configuration and the visibility are very seamless. Overall the solution is very easy to handle and it's very comprehensive.

    We have visibility of all the hidden assets and there are various versions of implementations of an AV in our environment. From the Forescout Platform, we have clarity of the device, and all the different versions reported in a simple dashboard. The number of attacks has been minimal. After this installation, we didn't have any kind of noticeable incident.

    For how long have I used the solution?

    I have been using the Forescout Platform for approximately one year.

    What do I think about the stability of the solution?

    The solution is very stable.

    What do I think about the scalability of the solution?

    Forescout Platform is scalable.

    We have approximately 4,000 people using the solution in my organization.

    How are customer service and support?

    We have used the support and it has been good. However, sometimes we have missed them because of the timezone difference.

    I rate the support from Forescout Platform a four out of five.

    Which solution did I use previously and why did I switch?

    We have previously used Symantec Mac. We switched to the Forescout Platform because Symantec has certain inhibitions. Symantec doesn't have an agentless implementation and they don't have a roadmap.

    I have done many POCs with many similar solutions, such as Aruba ClearPass and Cisco ISE.

    The implementation of Aruba ClearPass was very difficult. When we tried other solutions, the initial learning is difficult and takes a lot of time. Forescout Platform has been straightforward to use.

    Cisco ISE has a very difficult integration for us.

    How was the initial setup?

    Initially, the implementation of the Forescout Platform took some time to figure out. The reason is we are a manufacturing unit and we have certain silos that are insulated areas where certain systems will not connect to the internet or to the LAN. Since there are many parts of it, we have to have an inclusive view of all those systems. It took a while for us to initially implement, but after a few months, everything worked well.

    What about the implementation team?

    We have a help desk team for support of this solution. We have a few security people to handle it.  We don't require that much of people for maintenance.

    What's my experience with pricing, setup cost, and licensing?

    The price of the solution is reasonable. We have paid for the license for five years. We have integration with Symantec AV for orchestration, and we have an additional license.

    What other advice do I have?

    My advice to others is Forescout Platform is a good solution. It's fairly simple to deploy in an environment, far better than the other products in which we have done a POC, has good stability and performance. 

    I highly recommend it.

    I rate Forescout Platform a ten out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partners
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Download our free Forescout Platform Report and get advice and tips from experienced pros sharing their opinions.
    Updated: September 2022
    Buyer's Guide
    Download our free Forescout Platform Report and get advice and tips from experienced pros sharing their opinions.