Forescout Platform Reviews

We've been able to use the solution for a couple of tasks including using it to monitor for anti-virus compliance. We also use it to monitor the health of the security history of our endpoints.

It's a great solution. We use it for the internet here and it's been helpful. It's a great product for our Mac PCs and we can implement it to both our wireless and our wired network.

It's very quick.

The compliance aspects of the solution are excellent and one of the solution's best features. It helps us maintain the compliance of our endpoints.

In terms of physical tools, we are very satisfied.

In our organization, the solution provides us with a sound perimeter. 

The user interface is quite simple.

The version we're currently on, 8.6, has a lot more plugins than past versions. Now you can plug in anything you want. It helps us to utilize the product more fully.

There's always room for improvement for the solution. Off the top of my head, I really can't determine anything that is lacking right now. Basically there is no room for improvement that I can describe.

The solution does have a bit of complexity, and there's some complexity in the deployment. Users need to be trained before undertaking an initial setup.

The solution has very good uptime, and we have had no issues at all in terms of stability.

We didn't have any issues with the ForeScout scalability. So far, we've agreed with the pricing required for both the hardware and the software. 

We haven't been in touch with technical support, so I can't speak to their level of service and how they interact with clients.

The solution is not that simple, however, it's not complex, either. It's a solution that does so much it needs a bit of understanding to properly use it. Once team members go for basic training, they should be able to handle it. The basic training will also give team members a networking background to be able to master the solution. It's not very difficult, but a person will have to be a bit technical.

I'd advise companies to ensure their teams are well trained in ForeScout before starting implementation of any kind. Those setting up and using the solution should have a basic background in networking. If users are comfortable with configuring, they can create processes for the environment. That way, it will be deployed properly.

Teams should also test the solution first before they launch so there won't be any surprises. If they need to make changes, they need to manage the process properly.

I'd rate the solution nine out of ten. If it was a bit less complex, I'd give it perfect marks.

We needed this solution in order to block rogue devices (laptops, phones, etc) and block external devices.

ForeScout has given us the ability to block unwanted devices.

The most valuable feature is the blocking of USB devices.

The ability to block external devices in Mac is lacking and needs to be added.

We have been using ForeScout CounterACT for three years.

We use this solution for Network Access Control to prevent rogue devices connecting into the network.

This product allows monitoring and control of the PC fleet across the company.

The most valuable features are remote access and administration scripts.

We experienced some detection issues when checking compliance for the Sophos agent.

• Immediate relocation of network devices to segregated "Vendor" network based on autonomous analysis. Prevents scanning, malware spread, corporate asset (i.e. printer) misuse, and reconnaissance on our network by third-party devices. Allows us to block VPN from our corporate network but still allow Vendors to establish them.
• Better information provided by Level 1 support (helpdesk) regarding asset information as we provide them with R/O access to the tool
• Visitor policy communication & acceptance

• Network Access Control, its core use
• Asset Intelligence for deskside
• "What port is it plugged into" intelligence for deskside
• Patch-level Auditing
• Emergency response, risk assessment information to get a view of the vulnerability
• "What PC is a user on" for helpdesk/IT security/deskside
• Forces PEN Testers to request permission to exist on your network

• JAVA Memory management - leaving the app running for multiple days requires relaunch
• Search - needs boolean functionality (or psudeau operand now working)

Stability has been good.

• It is very scalable, allowing additional strategic appliances as required in either physical or VM format.
• We control >400 field sites, two Oilsands mines, multiple remote platform locations, 2 Canadian Metro offices and 1 UK office with 4 appliances centrally located.

Customer Service:

It's excellent! 

Technical Support:

It's excellent!

No previous solution was used.

It was straightforward, although I recommend having a strong relationship with network-asset owners to ensure SNMP rights are looked after.

We used a vendor, Conexsys (Graham Cheng & Jerry G), who were excellent.

Forescout's flex licensing has made our deployment more agile and helps us adapt our environment without buying more hardware.  

Under their old model, licensing was tied to 4k and 10k appliances which strained under the new v7 and v8 Forescout OS when nearing their designed capacity.  To acquire a new appliance, physical or virtual, meant buying licensing for that size of appliance.

Under the new flex licensing model, we've been able to deploy VM appliances, responsible for host interrogation and management, while retaining our physical appliances for SNMP switch management, and span aggregation.  

Under the flex licencing model, we've deployed to our ICS segments, and are deploying VMs to our DCS environment, allowing for full visibility under one 'pane of glass' of nearly every host on our network.

Ensure you consider everything you want to monitor that has an IP. Devices with multiple IP's count multiple times against your license count.

This was chosen without hands-on evaluation based on reviews and industry feedback.

If you have distributed services (DHCP), strategically ensure you generate reliable traffic to establish timely inspections. We've avoided the use of traps by centralizing our DHCP at HQ, but it causes black holes during inspection schedules in case of a static device being plugged in.

The visibility is the main benefit. We now know how many devices are connected, what the use for each device is and what kind of devices we have in our environment.

I can create granular policies. This is amazing. I really appreciate the granularity to create policies.

They should improve features related to IT security. ForeScout should analyze behavior to see if the behavior is malicious behavior and block this device. They should develop the ability to analyze the behavior of the device in my environment.

The interface of this solution and the integration part needs improvement. The difference between the 7th and the 8th version is the dashboard. They should improve it. 

We never had a problem with this product. It has worked very well.

It's very simple to scale and to implement more devices and licenses. It's easy to grow.

We haven't had to use their technical support. 

We switched because ForeScout is the best tool for Mac. 

The initial setup was very easy, very simple to deploy. We didn't have problems or difficulties with the implementation.

We also looked at Fortinet. 

I would rate this solution an eight out of ten because it's the best solution. 

I would advise someone considering this or a similar solution to make sure that the solution works with a lot of vendors. Choose a product that doesn't change your environment.

Primarily used to define which host to admit onto the network, by tying a policy to the MAC address.

Identifying issues on why some hosts are not on the network, and assisting with possible remediation options.

• SNMP Traps on switches
• Getting the MAC address of the host from the ARP table of the switch and applying policy.

• Battled with the use of SNMP v1 instead of v2c
• Direct web interface rather than installation of a client.

Obtaining visibility into the network and connected devices is very simple with this tool. It takes me three minutes to do a base deployment when all the parameters are available.

The reporting for audits start with the knowledge of the devices in the network and the services running on them. ForeScout provides the foundation for the needed information.

Using passive and active methods to learn about the network. Even hybrid parts, like production, can be discovered with the passive method, while the office LAN can be discovered with both.

Multitenancy should be included in the next version so it could be used as a managed service provider.

The most valuable feature for us is the visibility into all connected devices. Also, the plugins are very robust -- the ability scanner, patch management system, and SQL integrator.

You can query a lot of information from the connected device, including their compliance statuses.

We've had no issues with deployment.

It's a stable solution.

There have been no issues with scaling it.

The initial setup was complex, but that was due to the nature of the network architecture.

We didn't look for other solutions.

Have a clear understanding and document the network architecture before you deploy it.