Forescout Platform Reviews

The main feature, the NAC engine, is very flexible since ForeScout CounterACT doesn’t need the use of 802.1x and can work with almost all switch vendors.

Since my company is a systems integrator, we have ForeScout CounterACT in our lab just to test or troubleshoot customer configurations.

There isn’t a specific area to improve. It’s a good product from my point of view. Maybe the licensing and cost can be improved.

No issues with deployment.

Haven't had issues with stability.

Haven't had to scale it.

Maybe test the configuration very well before enabling actions (like VLAN moving, Captive Portal), because they can cause many problems in production environments if there are configuration mistakes.

This product provided a really good effect in terms of network access control. With the ForeScout NAC, distinguishing guests and corporate staff was easier.

This was very easy to achieve since the product integrates really well with Active Directory and the NMAP feature discovers all endpoints within the network.

With the use of the NAC solution from ForeScout, the company was able to defend against unauthorized access to the network, thereby thoroughly distinguishing who is a Corporate user and who is a Guest. Process for Guest Registration (if implemented properly) was also easy.

Detection and control of Dual-Homed devices needs to be improved, as the product sometimes gives false positives. Also, more custom policies should be made available.

I used this solution for 14 months.

There were issues of false positives whenever a new hotfix was installed even with the GA release. There was actually an issue where an upgrade to a new version of the hotfix plugin increased the CPU optimization and network bandwidth usage.

ForeScout is scalable since a management device is available to manage other CT boxes.

Technical support from ForeScout is pretty good, with escalations made promptly when needed.

No previous solution.

The initial setup was straightforward, as the steps were simple to understand. It only got complex when creating policies that are not simple.

I worked for a vendor team, and for any client ready to implement this product, I would recommend that the necessary requirements for deployment should be done before the team arrives to start implementation. This makes deployment less stressful.

No other options were evaluated.

If you are looking for a NAC solution which works without the use of agents, I would say ForeScout is the one to go for.

• Rogue detection and blocking
• Guest registration
• Full visibility of network hosts
• Threat protection

We are provided with real-time visibility and control of devices accessing our network.

• Reduce false positives
• Reduce bugs
• Improve on host classification
• Increase the Nigerian partner base

We've been using it for over two years.

No major issues.

No major issues.

No major issues.

It's good, but certainly it needs improvement especially on the side of the partners.

Initial setup was straightforward. All it required was to integrate traffic sniffing/monitoring and management ports into our core switch, and instruct the core switch to mirror every traffic to the device through the sniffing port. The rest was simply to define all our network segments on the device and integrate all access switches via SNMP.

We implemented it through ForeScout's only Nigerian partner, and this is what I would advise everyone interested in the solution to do.

It is quite expensive, but there are specs for small companies as well.

Cisco ISE was also evaluated, but the CT10000 was easier to implement and integrate into our environment.

You can go ahead, but you will need good network skills to get the maximum benefits from it.

I would also advise that you don't activate all the add-on features, but use it solely for its primary function - visibility and rogue detection/blocking.

Endpoint visibility, policy flexibility, compatibility and integration with other products.

Automation! One broad example is that we can now stop network threats right away and without intervention.

Forescout is constantly adding new features, so this may change as of this writing, but sometimes the switch management interface doesn't display accurate information which relates to false positives on individual switch access errors.

1 year

None that were Forescout related. CounterACT always opens a bunch of little IP sessions with endpoints, ake sure you have a large enough connection table on your firewall if you plan to put it behind one.

Minor. Had to reinstall one virtual appliance, which is painless when you have an Enterprise Manager.

No, this is one of the products strengths.

10 out of 10. Very responsive and address concerns quickly.

9 out of 10. Really fast response, high level of competency.

I switched from Cisco NAC because it is reliant on 802.1X, and has no other function than to ensure endpoints have authenticated via your method of choice.

Straightforward. Setup is simple with a solid, pre-defined set of policies that you build on and customize as you learn.

In house.

Without access specific numbers, we now have the ability to instantly shut down internal malicious hosts or traffic, refuse or restrict access to non-compliant hosts, discover risks on the network we didn't know were there, and automate the remediation of a multitude of security risks. As I work for an organization that spends a lot on security administration, at a minimum, the cost savings must have already paid for the product.

Palo Alto

Make sure to plan for all endpoints. If you want full coverage of your networks, account for anything that has an IP address. For example, a busy core switch can have 20+ IP addresses, and each one goes against your license count. Also, if you plan to have it behind a firewall, take into consideration your firewall's connection limitations. Although CounterACT isn't really a heavy bandwidth user, it does open a ton of short connections on a constant basis. The more you tune these down, the less accurate your real time host information becomes.

We use this solution to implement compliance on our client's systems and prevent access from outside the organization.

The virtual firewall available on this solution is great and assists us in securing our servers. Additionally, the threat prevention feature provides complete visibility. It is very helpful in detecting, blocking and monitoring heavy scanning on the system.

The security features can be improved because we use it for sensitive information, such as compliance. Additionally, the system controls could be better.

We have been using this solution for approximately one year.

The solution is stable and provides real-time monitoring for users, switches and other available features.

The solution is scalable. We recommend it for all companies. It can be installed in enterprise, and we currently have it for over 4000 users.

The initial setup was easy to integrate with the customer's environment. It doesn't have any downtime. I rate the setup process an eight out of ten.

We implemented this solution through an in-house team.

I don't have details on the licensing costs or pricing because it changes frequently, and a different department deals with it.

I rate this solution an eight out of ten. The solution is good, but the systems control and security features could be better.