PeerSpot user
Senior Security Engineer with 51-200 employees
Vendor
Download
The NAC engine is flexible since it doesn’t need the use of 802.1x. We use the solution to test or troubleshoot customer configurations.

What is most valuable?

The main feature, the NAC engine, is very flexible since ForeScout CounterACT doesn’t need the use of 802.1x and can work with almost all switch vendors.

How has it helped my organization?

Since my company is a systems integrator, we have ForeScout CounterACT in our lab just to test or troubleshoot customer configurations.

What needs improvement?

There isn’t a specific area to improve. It’s a good product from my point of view. Maybe the licensing and cost can be improved.

What was my experience with deployment of the solution?

No issues with deployment.

Buyer's Guide
Forescout Platform
April 2024
Free Report: Forescout Platform Reviews and More
Learn what your peers think about Forescout Platform. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
DOWNLOAD NOW
768,857 professionals have used our research since 2012.

What do I think about the stability of the solution?

Haven't had issues with stability.

What do I think about the scalability of the solution?

Haven't had to scale it.

What other advice do I have?

Maybe test the configuration very well before enabling actions (like VLAN moving, Captive Portal), because they can cause many problems in production environments if there are configuration mistakes.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
it_user400680 - PeerSpot reviewer
VP IT Security at a financial services firm with 501-1,000 employees
Vendor
Download
The most valuable feature for us is the visibility into all connected devices.
Pros and Cons
  • "The plugins are very robust -- the ability scanner, patch management system, and SQL integrator."
  • "The initial setup was complex."

What is most valuable?

The most valuable feature for us is the visibility into all connected devices. Also, the plugins are very robust -- the ability scanner, patch management system, and SQL integrator.

How has it helped my organization?

You can query a lot of information from the connected device, including their compliance statuses.

What was my experience with deployment of the solution?

We've had no issues with deployment.

What do I think about the stability of the solution?

It's a stable solution.

What do I think about the scalability of the solution?

There have been no issues with scaling it.

How was the initial setup?

The initial setup was complex, but that was due to the nature of the network architecture.

Which other solutions did I evaluate?

We didn't look for other solutions.

What other advice do I have?

Have a clear understanding and document the network architecture before you deploy it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Forescout Platform
April 2024
Free Report: Forescout Platform Reviews and More
Learn what your peers think about Forescout Platform. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
DOWNLOAD NOW
768,857 professionals have used our research since 2012.
PeerSpot user
Information Security Manager at a legal firm with 1,001-5,000 employees
Vendor
Download
The most valuable feature for us is the real-time alerting of newly connected devices. The reporting could be a bit more intuitive and user friendly.

What is most valuable?

The most valuable feature for us is the real-time alerting of newly connected devices, whether they are approved or unapproved devices on our network.

How has it helped my organization?

Since our implementation of CounterACT, it has kept us aware of unapproved devices attempting to connect to our network which pose security threats.

What needs improvement?

The reporting could be a bit more intuitive and user friendly.

For how long have I used the solution?

I have used CounterACT for two years.

What was my experience with deployment of the solution?

There were many issues with deployment, but these were largely due to our own network architecture issues.

What do I think about the stability of the solution?

There were many issues with stability, but these were largely due to our own network architecture issues.

What do I think about the scalability of the solution?

There were many issues with scalability, but these were largely due to our own network architecture issues.

How are customer service and technical support?

I'd rate ForeScout's technical support as fair-to-good.

Which solution did I use previously and why did I switch?

We did not have a previous NAC solution in place prior to CounterACT.

How was the initial setup?

The initial setup was complex.

What about the implementation team?

We used a vendor team for the implementation.

What other advice do I have?

Do your homework ahead of time. Ensure that you have up-to-date network maps and that understand your network's architecture.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
it_user381450 - PeerSpot reviewer
Information Security Architect at a financial services firm with 1,001-5,000 employees
Vendor
Download
The most valuable features for us include antivirus compliance monitoring and guest management.

Valuable Features

  • Guest management
  • Antivirus compliance monitoring
  • USB connection management

Improvements to My Organization

The bank has been able to manage host connection on the network, manage antivirus, and restrict the use of USB on the bank’s systems.

Room for Improvement

The patch management ability of the solution needs to be re-examined.

Use of Solution

We've used it for five years.

Deployment Issues

There have been no issues with the deployment.

Stability Issues

There have been no issues with the stability.

Scalability Issues

There have been no issues with scaling it.

Customer Service and Technical Support

Customer Service:

Customer service is above average.

Technical Support:

Technical support is above average.

Initial Setup

It's straightforward to set up.

Implementation Team

We used a vendor team alongside an in-house one.

ROI

The ROI is commensurate with the price.

Pricing, Setup Cost and Licensing

The product is expensive.

Other Advice

To get the best out of the solution, the organization’s networks team must be willing to take ownership and provide assistance where required. Use tools like Gigamon during deployment and avoid spanning directly from Cisco switches.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
it_user342609 - PeerSpot reviewer
Network and Security Engineer at a financial services firm with 1,001-5,000 employees
Vendor
Download
It provides us with real-time visibility and control of devices accessing our network, although false positives should be reduced.

Valuable Features

  • Rogue detection and blocking
  • Guest registration
  • Full visibility of network hosts
  • Threat protection

Improvements to My Organization

We are provided with real-time visibility and control of devices accessing our network.

Room for Improvement

  • Reduce false positives
  • Reduce bugs
  • Improve on host classification
  • Increase the Nigerian partner base

Use of Solution

We've been using it for over two years.

Deployment Issues

No major issues.

Stability Issues

No major issues.

Scalability Issues

No major issues.

Customer Service and Technical Support

It's good, but certainly it needs improvement especially on the side of the partners.

Initial Setup

Initial setup was straightforward. All it required was to integrate traffic sniffing/monitoring and management ports into our core switch, and instruct the core switch to mirror every traffic to the device through the sniffing port. The rest was simply to define all our network segments on the device and integrate all access switches via SNMP.

Implementation Team

We implemented it through ForeScout's only Nigerian partner, and this is what I would advise everyone interested in the solution to do.

Pricing, Setup Cost and Licensing

It is quite expensive, but there are specs for small companies as well.

Other Solutions Considered

Cisco ISE was also evaluated, but the CT10000 was easier to implement and integrate into our environment.

Other Advice

You can go ahead, but you will need good network skills to get the maximum benefits from it.

I would also advise that you don't activate all the add-on features, but use it solely for its primary function - visibility and rogue detection/blocking.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
it_user371547 - PeerSpot reviewer
it_user371547CEO at a consultancy with 51-200 employees
Consultant
Report as inappropriate

Thanks :).. your points are well noted and taken.. i know who you are but i wanna keep it anonymous and i wish you the best in your new place..

Like(0)Reply
Buyer's Guide
Download our free Forescout Platform Report and get advice and tips from experienced pros sharing their opinions.
Updated: April 2024
DOWNLOAD NOW
Buyer's Guide
Download our free Forescout Platform Report and get advice and tips from experienced pros sharing their opinions.
Buyer's Guide
Forescout Platform
April 2024
DOWNLOAD NOW
Quick Links
Learn More: Questions: