IT Central Station is now PeerSpot: Here's why

Forescout Platform OverviewUNIXBusinessApplication

Forescout Platform is #1 ranked solution in top IoT Security tools, #3 ranked solution in top Network Access Control (NAC) tools, and #5 ranked solution in top Endpoint Compliance tools. PeerSpot users give Forescout Platform an average rating of 8.4 out of 10. Forescout Platform is most commonly compared to Cisco ISE (Identity Services Engine): Forescout Platform vs Cisco ISE (Identity Services Engine). Forescout Platform is popular among the large enterprise segment, accounting for 65% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 21% of all views.
Forescout Platform Buyer's Guide

Download the Forescout Platform Buyer's Guide including reviews and more. Updated: August 2022

What is Forescout Platform?

ForeScout Platform provides today’s busy enterprise organizations with policy and protocol management, workflow coordination, streamlining, and complete device and infrastructure visibility to improve overall network security. The solution also provides concise real-time intelligence of all devices and users on the network. Policy and protocols are delineated using gathered intelligence to facilitate the appropriate levels of remediation, compliance, network access, and all service operations. Forescout Platform is very flexible, integrates well with most of today’s leading network security products, and is a very cost-effective solution.

ForeScout Platform Features

  • Real-time complete visibility: With ForeScout eyeSight, each and every device is classified when any attempt to access your network has been made. This includes - but is not limited to - desktops, laptops, android devices, virtual machines, switches, VoIP phones, USB memory sticks, webcams, IoT devices, and more.

  • Policy-based and manual controls: In today’s busy robust environment, networks are continually changing; there are different types and amounts of devices connected, various software applications, network compliance requirements, and the constant potential for risk make managing an IT network a very daunting challenge. The ForeScout Console is used to simplify the administration and management of important alerts, remediation, and access controls to keep the network secure.

  • Intuitive real-time dashboards: ForeScout Dashboards, a component of ForeScout WebClient, is a comprehensive web-based intelligence center that gives full visibility and real-time insight of the complete network using both out-of-the-box and user-created widgets. The dashboards are very intuitive and deliver robust, easy-to-understand information about device visibility, compliance, health monitoring, and more.

  • Advanced reporting capabilities: The ForeScout Reports Plugin will generate numerous valuable reports indicating real-time and overall status information about endpoint compliance, device details, networks guests, protocols, and more. The reports help to ensure IT administrators, executives, security teams, and other important shareholders stay well-informed about all network activity at all times.

  • Comprehensive third-party overview: ForeScout eyeExtend facilitates seamless information sharing with third-party vendors, networks, and IT management solutions supporting improved automated workflows, productivity, cost-effectiveness, and overall security.

Real User Reviews

An important main feature of ForeScout is the visibility the solution offers.

One reviewer who is a Consultant at a tech services company, says, "Within three or four days, you can have complete visibility of your infrastructure on the network. Compared to other solutions, the deployment of the solution is easier and we can close the project quickly."

Users also appreciate that the user interface is clear and easy to understand.

An Instructor at a tech services company, shares, "The most valuable feature of the Forescout Platform is the large capacity it can handle. Additionally, the interface of the platform is good."

Forescout Platform was previously known as Forescout Platform, CounterACT for Endpoint Compliance, ForeScout CounterACT.

Forescout Platform Customers

NHS Sussex, SAP, SEGA, Vistaprint, Miami Children's Hospital, Pioneer Investments, New York Law School, OmnicomGroup, Meritrust

Forescout Platform Video

Archived Forescout Platform Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Product Manager - IT Security at a tech services company with 11-50 employees
Real User
You can configure granular controls just as you want those policies to be implemented
Pros and Cons
  • "Its feature that I have found most valuable is that it is very granular. You can configure granular controls just as you want those policies to be implemented. It gives you that flexibility to go granular in how you want your controls to be implemented. That's something I like about it."
  • "I should be able to integrate my Forescout with any other third party security technology, to build that connected security strategy."

What is our primary use case?

Our primary use case is for device compliance and access control.

What is most valuable?

Its feature that I have found most valuable is that it is very granular. You can configure granular controls just as you want those policies to be implemented. It gives you that flexibility to go granular in how you want your controls to be implemented. That's something I like about it. 

The pricing, technical support, stability, scalability, initial set up, interface, dashboards, management, and monitoring are fantastic. They are excellent. 

The licensing of the solution is pretty simple. The process of deploying the solution is pretty straightforward. The dashboard, in terms of monitoring and management, is pretty simple. Maybe because I have a very robust technological background is why I don't struggle with these things. In terms of management, deployment, and support, although I really don't require their support, so far, so good.

What needs improvement?

Truth be told, I'm good with it. I'm yet to have something with the solution that I don't feel comfortable with. It's fine. I've not seen a cause or a reason why I should want something to be changed, but that doesn't take out the fact that there's always room for improvement. What I would love to see is a situation where my Forescout can integrate with different security technologies. Where it can share contextual information bidirectionally. I had written to Forescout about this and they told me they have that functionality already. So I think that settles it. They can share device context with the security technology and that technology can also be shared with Forescout. To build a form of connective strategy towards security. They have a dedicated module for the security technology I'm concerned about.

But with that software, I should be able to integrate my Forescout with any other third party security technology, to build that connected security strategy I talked about. So far, it's good. It meets my requirements that I had concern about.

For how long have I used the solution?

I have been using Forescout Platform for one year.

Buyer's Guide
Forescout Platform
August 2022
Learn what your peers think about Forescout Platform. Get advice and tips from experienced pros sharing their opinions. Updated: August 2022.
621,593 professionals have used our research since 2012.

What do I think about the scalability of the solution?

In terms of scalability, my deployment architecture is central, so it scales with respect to the number of devices I have to add to my network. The licensing is based on the number of devices you have currently with regards to the future growth in the number of connected devices to your IT network or to your IT infrastructure. That gives you room to scale. So if I know that in the next two years, I would have an additional 50 or 100 users connecting to my network, either directly or remotely, I go for an appliance that accommodates that growth. Which is what I currently have.

So there's room to scale. Then the licensing is based on the number of devices you have currently. So if I have more devices come to my network, I can just acquire more licenses to take care of them. So I think that's fine.

How are customer service and support?

I've been very conversant with the technology for areas where I've experienced some challenges and I had to fix it up myself, but it's straightforward.

In terms of support, I've had to reach out to technical support. He was readily available and we made progress. So support is also good. My experience so far has been good. That's why I told you earlier that it's difficult for me to really point to somewhere where I could make an improvement.

What other advice do I have?

On a scale of one to ten I would give Forescout Platform a nine.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Odai Halawani - PeerSpot reviewer
Sr. Security Engineer at Topvision
Real User
Easy to scale, simplifies device configuration, and the interface makes it easy to use
Pros and Cons
  • "The interface is easy to use."
  • "Although Forescout manages endpoints and network devices, there is no capability for user management."

What is our primary use case?

We use the Forescout Platform to manage all of the devices connected to our network.

What is most valuable?

The interface is easy to use.

The 802.1X configuration, which is difficult for all switches, is not required. It makes it easier to work with switches and IoT devices.

What needs improvement?

Forescout Platform is too expensive, so the price should be reduced.

Although Forescout manages endpoints and network devices, there is no capability for user management. This is something that should be added. For example, if I find that something is wrong in the services and need to disable a user's access, there should be no need to go to Active Directory and disable the user there. As it is now, computers and devices can be disabled, but not users.

For how long have I used the solution?

I have been using Forescout for one year and am preparing to get my certificate.

What do I think about the stability of the solution?

This is a stable solution.

What do I think about the scalability of the solution?

The Forescout Platform is easy to scale. We have more than 200,000 endpoints and at least 150,000 users.

How are customer service and technical support?

I am working in the Security Operations team, which does not contact Forescout technical support directly. They are not responsible for the types of problems we have, such as checking for computer compliance and installing a new computer.

How was the initial setup?

The complexity of the initial setup depends on the environment. I am managing an enterprise environment, so any deployment or any implementation will not be easy. Generally, however, Forescout is not difficult to configure.

What other advice do I have?

This is a good product and I recommend it.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Forescout Platform
August 2022
Learn what your peers think about Forescout Platform. Get advice and tips from experienced pros sharing their opinions. Updated: August 2022.
621,593 professionals have used our research since 2012.
Adesoji - PeerSpot reviewer
Head IT Infrastructure and Security at United Capital Plc
Real User
Provides visibility into the workings of our routers and switches
Pros and Cons
  • "It has helped with improving our security posture in terms of controlling the access of rogue devices into our network through identification. We have been able to prevent rogue device activities on the network, check the health of the system, and ensure remediation."
  • "The initial setup is a bit complex."

What is our primary use case?

My company is in the financial services industry. The primary use case is Network Access Control and control endpoint access to network. The environment is used to process sensitive data. We want to ensure that rogue devices and unauthorized devices are unable to join the network. This will reduce our exposure to attacks.

How has it helped my organization?

It has helped with improving our security posture in terms of controlling the access of rogue devices into our network through identification. We have been able to prevent rogue device activities on the network, check the health of the system, and ensure remediation. 

It has provided visibility into the workings of our routers and switches. We also extended this capability to our branch offices through a WAN connection.

What is most valuable?

Access control: Being able to set policies that determine how devices join our network and how they are expected to behave while on the network. The fact that we are able to access the hygiene of our endpoint and monitor it continuously makes it fit for purpose.

What needs improvement?

I would advise Forescout through their research and development to look for features that they can add. Also, based on the what other competition may be selling, if they find any useful feature, they should add those to their product.

For how long have I used the solution?

The last three months.

What do I think about the stability of the solution?

It is stable and reliable.

What do I think about the scalability of the solution?

It is a good product that is fit for purpose.

How are customer service and technical support?

Fantastic

Which solution did I use previously and why did I switch?

No.

How was the initial setup?

The initial setup is a bit complex.

What was our ROI?

Not applicable.

What's my experience with pricing, setup cost, and licensing?

The setup cost, pricing, and licensing are on the high side.

Which other solutions did I evaluate?

No. I heard of Forescout, then went ahead and bought it.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Security Engineer at a healthcare company with 10,001+ employees
Real User
Identifying potentially unwanted devices on the network has saved the organization time and money
Pros and Cons
  • "Being able to sort on device types or devices with open ports is helpful when narrowing down assets of possible misconfigured devices that may be vulnerable on the network. We can take action on those devices based off of corporate policy."
  • "When adding what is in scope to a policy, it would be nice if you could select multiple policies instead of one policy at a time to add what is in the scope for network segmentation. I have found that during the install and configuration of the policies that if you want to modify multiple policies or enable multiple policies that you need to define what is in the scope (IP range or segments) one rule at a time. This caused some slow downs when implementing policies."

What is our primary use case?

Asset Discovery. 

We were not able to accurately see devices in our network and/or have the ability to either remove rogue devices from the network or move them off to another VLAN. With corporate owned assets, we also have the ability to see if something is missing or not up-to-date on a product, then we have the ability to push the update down to the asset. 

We have not integrated the wireless access points into the product, but we are able to gain better visibility with wireless access points for mobile devices to do the same thing.

How has it helped my organization?

We are now able to see the assets connected to our network and classify them based on certain criteria that we can define. We still have a ways to go in getting things setup and more networks defined on what we want to see. Forescout is allowing us to gain that visibility with a few clicks of the mouse. Being able to sort on device types or devices with open ports is helpful when narrowing down assets of possible misconfigured devices that may be vulnerable on the network. We can take action on those devices based off of corporate policy.

What is most valuable?

There are so many to list: 

  • The policies and what you can do with them is amazing. 
  • The ability to narrow down devices online versus offline.
  • Get the MAC Addresses last attributed with a device or IP address on a device and connect that to its switch port or router. This is very beneficial when assisting in tracing back physical connectivity, if needed. 
  • The ability to move a device off the network is very useful. The hardest part is showing the help desk what they need to do when troubleshooting a device connectivity issue.

What needs improvement?

When adding what is in scope to a policy, it would be nice if you could select multiple policies instead of one policy at a time to add what is in the scope for network segmentation. I have found that during the install and configuration of the policies that if you want to modify multiple policies or enable multiple policies that you need to define what is in the scope (IP range or segments) one rule at a time. This caused some slow downs when implementing policies. I could see after doing this repeatedly that it may lead to some premature clicking in an area that you may not have wanted, depending on how your segments are setup, and may cause issues later down the road.

For how long have I used the solution?

Just a few months.

What do I think about the stability of the solution?

In using the product for a short period of time, we have not had any issues with it. This product so far has proven to be top notch and do what is designed to do. The visibility into the network makes things an ease.

What do I think about the scalability of the solution?

It is highly scalable and easy to implement.

How are customer service and technical support?

Customer service and technical support are very responsive. We had one issue integrating a module and had a response within 30 minutes of opening the ticket, then we had a resolution shortly afterwards.

Which solution did I use previously and why did I switch?

We did not use a different solution other than best guess or a manual Nmap with port scanning tools to find out what was on a network segment, which was very time consuming.

How was the initial setup?

Our network is fairly complex. However, the setup of this application was straightforward. It has great documentation on what ports/protocols are needed when communicating with other devices. The documentation was easy to read.

What about the implementation team?

We implemented with Professional Services from Forescout.

What was our ROI?

Time savings in finding rogue devices as well as identifying potentially unwanted devices on the network has saved the organization time and money.

What's my experience with pricing, setup cost, and licensing?

It might not be the cheapest solution, but you get what you pay for.

Which other solutions did I evaluate?

Senior management used this product before and already did a comparison of other products.

What other advice do I have?

The product has proven to be worth the cost and time savings alone in finding rogue devices. It helps with ROI and increasing our security posture. You can't protect what you don't know about or can't see.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1348908 - PeerSpot reviewer
Senior Network Engineer at Tessy Plastics
Real User
Our environment is significantly more secure
Pros and Cons
  • "Being able to actively identify the client without a certificate allows you to control every device on your network regardless of the make, model, and software running. This allows for end-to-end security."
  • "They need to handle their Tier 1 cases differently. The biggest negative regarding Forescout is their support. Not having the ability to get instantly transferred to a support engineer for Tier 1 cases is pretty ridiculous."

What is our primary use case?

We primary use the Forescout appliances to identify, segment, and control all of our internal, manufacturing, automation, and IoT networks. In addition, we use Forescout to deploy guest wireless by utilizing self-registration to allow employees and guests onto our network. Forescout is also responsible for maintaining and showing us all threat data, such as vulnerabilities. We also use it to identify and prevent all malicious network scans throughout our entire network. These powerful tools allow us to secure our network end-to-end.

How has it helped my organization?

Before our implementation of Forescout, we had no Network Access Control. This allowed all users, trusted and unknown, to access our internal infrastructure. This was a burden because we are in the contract manufacturing sector where each independent contractor brings in their own infrastructure and it is up to us to secure these networks. Since implementing CounterACT, we have been able to isolate and segment all unknown devices, providing strict requirements for device on boarding. Since implementing Forescout, our environment is significantly more secure.

What is most valuable?

The biggest benefit to our organization is the fact that being in manufacturing you have many different types of devices. Only a small section of these types of devices support dot1x authentication. This makes Network Access Control very difficult to implement. With Forescout, the difficulty becomes significantly less. Being able to actively identify the client without a certificate allows you to control every device on your network regardless of the make, model, and software running. This allows for end-to-end security.

What needs improvement?

The product could be improved in different ways: 

  • The speed of identification
  • More guest management features (i.e. extending time frames)
  • Sometimes, the identification profiles completely change after device upgrades. It would be beneficial to keep or merge these records if enough correlating data points exist, so as not to segment devices. 

Some of the features introduced into the product line could have better documentation, which could provide for an overall better experience for administrators.

For how long have I used the solution?

We have been using Forescout CounterACT for over a year now. We have been very impressed.

What do I think about the stability of the solution?

Forescout is one of the most stable pieces of software that I have ever worked with. Their updates are timely, and their software has an assortment of plugins and bolt-ons. Having a software this flexible would normally present itself with bugs, but we have not run into any software issues with their plugins, modules, or software in general.

What do I think about the scalability of the solution?

We run virtual appliances. We have needed to bring up a fully functional data center in less than 15 weeks. Forescout takes less than a day to implement. Their product is very scalable.

How are customer service and technical support?

Tech support is very good and knowledgeable. 

They need to handle their Tier 1 cases differently. The biggest negative regarding Forescout is their support. Not having the ability to get instantly transferred to a support engineer for Tier 1 cases is pretty ridiculous. In addition to the support, they can take their time getting to you, which is another frustrating item.

How was the initial setup?

The initial setup is very simple. The logic behind policies makes it very straightforward. With that being said, policies can be very complex, and if you are not careful, they could have unintended results.

What about the implementation team?

Brite Computers was a phenomenal asset. I would rate them as a 10 out of 10.

What was our ROI?

The ROI is priceless. How can you put a price on someone's privacy?

What's my experience with pricing, setup cost, and licensing?

We went with the virtual appliance option. The biggest cost to running these types of appliances would be to either have multiple virtual appliances at every data center or running Remote SPAN hardware to provide you the real-time network visibility.

Which other solutions did I evaluate?

We primarily evaluated Cisco ISE. We looked at Cisco ISE and were in the process of demoing it. We looked elsewhere because the MAC Authentication Bypass feature was not a workaround that we wanted to implement for over half of our environment.

What other advice do I have?

The product has been fantastic for us, meeting our needs. We have hardly had any bugs to speak of. With that being said, please allow Tier 1 cases to be directly transferred to an available engineer. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1348911 - PeerSpot reviewer
Sr. Network Engineer at William Blair & Company
Real User
Monitors network access globally and improves overall security while reducing risk
Pros and Cons
  • "Forescout CounterACT has allowed us to better open our access and control wireless access globally from our HQ. This allows us to monitor the network access for every office globally. This has improved overall security, reducing risk and opening up the opportunity to provide greater end user flexibility."
  • "More detailed analysis during the authentication process, especially for troubleshooting access issues. We have found that troubleshooting RADIUS controls is quite arduous, as it is today. A trace function could easily resolve this by providing a means by which access issues from a certificate to passwords or accounts could easily be identified and remediated."

What is our primary use case?

To be able to improve security within our network. We needed Network Access Control (NAC). As such, we reviewed the available vendors who could provide this service to us and selected the Forescout CounterACT (CA) product primarily because we needed to be able to position the product in several regional locations. At the same time, we managed and controlled it locally and dynamically where we have it responding to a single control center. While we have implemented today strictly for wireless access, we will be extending that to include wired access in the future.

How has it helped my organization?

NAC: Forescout CounterACT has allowed us to better open our access and control wireless access globally from our HQ. This allows us to monitor the network access for every office globally. This has improved overall security, reducing risk and opening up the opportunity to provide greater end user flexibility. 

What is most valuable?

The key feature we use is AD integration. That feature needs the least amount of attention once set up. 

Monitoring and logging are the pieces that we use most day-to-day. These are used by both our network and security teams to ensure proper operation with minimal risk. Whether machines attempting access are firm managed, vendors visiting, or IoT, all are available within the CA appliance. We plan to extend the use to further support growth functionalities and new work from home initiatives going forward.

What needs improvement?

Better reporting and analysis of access (based on client) would be helpful. Also, a tool that allows tracing a user through the rules to authentication.

More detailed analysis during the authentication process, especially for troubleshooting access issues. We have found that troubleshooting RADIUS controls is quite arduous, as it is today. A trace function could easily resolve this by providing a means by which access issues from a certificate to passwords or accounts could easily be identified and remediated.

For how long have I used the solution?

Two years.

What do I think about the stability of the solution?

ForeScout CA has proven itself to be very solid.

What do I think about the scalability of the solution?

It is very scalable with a lot of features that we aren't even using yet today.

How are customer service and technical support?

Technical support has been great. They are very knowledgeable, helpful, and considerate.

Which solution did I use previously and why did I switch?

We used Cisco ISE but found that it did not have the flexibility that we needed within our organization.

How was the initial setup?

Setup was anything but straightforward, but this had nothing to do with Forescout. This is the nature of NAC solutions in general. 

Setup takes significant preplanning. Don't expect to just drop it in, then have it up and running, even if you already use an alternative NAC product. However, it is worth it.

What about the implementation team?

We used a Professional Services engagement from Forescout, but still experienced a lot of issues.

What was our ROI?

I don't know.

What's my experience with pricing, setup cost, and licensing?

The fact that we were allowed to spin up as many servers as we had need of to support our geographic requirements while paying for licensing as an enterprise truly set Forescout apart from the crowd and improved the way we could design our access.

Which other solutions did I evaluate?

We had ISE. As that product reached EOL, we considered whether there were alternatives to a NAC that we should consider but felt that a NAC is a security requirement.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
KimeangSuon - PeerSpot reviewer
KimeangSuonPre-Sale Consultant at Yip In Tsoi Co., LTD.
Top 5Real User

It is a great feature for devices visibility and save me a lot time to find view information as detail from BYOD to network access, and eyeExtend Module help me a lot for integrate with other third-party to improve orchestration. 

RobertoMarinozzi - PeerSpot reviewer
System Engineer at Maticmind S.p.A.
Real User
Very good features, an easy initial setup, with a recently improved licensing model
Pros and Cons
  • "I have noticed that in the last year the license model has changed from licensing the whole appliance to licensing the number of devices. It's more simple for a large installation, or a user to have CounterACT as their peripheral site in the company. It's a good choice to have changed the license policy."
  • "For the user, the policy that they have implemented sometimes needs adjustments. Sometimes the features that the customer asks for aren't involved in the main installation, and I need to bolt an add-on in. However, I never know if this policy is the right one when I do this."

What is our primary use case?

In both the environment I have used CounterACT to permit guests access and recognize automatically domain/white list members

How has it helped my organization?

It permit to treats the access policy without lists of macaddresses but by mean a dynamic policy

it permits to discover and classify a lot of devices that the organization forgets to have to manage




What is most valuable?

The last two or three versions that have been released on CounterACT Forescout have allowed for the possibility to search for any kind of device. Before that, I could only search for guest domain users.

What needs improvement?

For the user, the policy that they have implemented sometimes needs adjustments. Sometimes the features that the customer asks for aren't involved in the main installation, and I need to bolt an add-on in. However, I never know if this policy is the right one when I do this.

For how long have I used the solution?

I've been using the solution for five years.

What do I think about the stability of the solution?

It is a very good product.

What do I think about the scalability of the solution?

Very good policy has been released with the for device licenses that permit to "paint" the better solution using virtual appliances.

How are customer service and technical support?

It has very good support, it is very easy to contact the country post-selling engineer.

How was the initial setup?

The initial setup is very, very simple. It's more complex to tune the product in the company environment and usually, that requires two days. I need a few days to tune the product correctly. I do also need to do a lot of tests during the initial implementation.

What about the implementation team?

We implemented together vendor team.

What's my experience with pricing, setup cost, and licensing?

I have noticed that in the last year the license model has changed from licensing the whole appliance to licensing the number of devices. It's more simple for a large installation, or a user to have CounterACT as their peripheral site in the company. It's a good choice to have changed the license policy.

Which other solutions did I evaluate?

no, I have used only forescout and I haven't need to use anything else

What other advice do I have?

I have installed the solution for two customers. For one, I have used the CounterACT CT 1000. In another environment, I did a more complex installation and I have used the appliances and management in a tray.

Forescout is a very good company that delivers very good features. I love it. I'd rate it nine out of ten.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Chief Executive Officer at a tech services company with 11-50 employees
Real User
Offers full visibility of devices in the local network but is pricey
Pros and Cons
  • "We really like that we get full visibility of devices in the local network."
  • "It's scalable, but not without a big investment. It doesn't do so well at the branch. At the home office, it does okay and not so well at the branch."

What is our primary use case?

To find out what devices are in the network for our clients. We manage client's networks, so we have it on the client's network and they use it so they can make sure they know who's on the network and if it's secure.

What is most valuable?

We really like that we get full visibility of devices in the local network.

What needs improvement?

It could be better, they could work on the wide-area network and easier because it's a bit clumsy at the moment when we go on to a remote site. It works well in the head office but we've had challenges trying to install it across other sites. So pricing and support for branch offices. The interface is okay for the local office, but it's hard to get visibility from remote branches.

For how long have I used the solution?

We have been using the Forescout Device and Visibility Control Platform for about two years.

What do I think about the stability of the solution?

The Forescout Platform is very stable.

What do I think about the scalability of the solution?

It's scalable, but not without a big investment. It doesn't do so well at the branch. At the home office, it does okay and not so well at the branch.

How are customer service and technical support?

We have used technical support, it's been fine.

How was the initial setup?

The initial setup of Forescout Device and Visibility Control Platform is fairly complex.

What's my experience with pricing, setup cost, and licensing?

The Forescout Device and Visibility Control Platform is quite expensive. I would recommend it depending on the environment, but I would tell them to look at things that depend on their environment. There is other software as well.

What other advice do I have?

I would rate the Forescout Device and Visibility Control Platform at a six out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Miguel Santiago - PeerSpot reviewer
Owner at Securnet
Real User
Has a valuable Bring Your Own Device feature and good usability
Pros and Cons
  • "We think it's simple. We think it's very useful and we really like reports and everything."
  • "The biggest disadvantage is the pricing."

What is our primary use case?

We are using the Forescout Platform mostly for the Bring Your Own Device features. So we like it very much. We like the dashboard, the usability, and the Bring Your Own Device feature. That's our main usage of the Forescout.

How has it helped my organization?

We are really adapted to the product. So we find it perfect.

What is most valuable?

Now that I'm used to it I don't see many places to improve it. We really like it as it is. We think it's simple. We think it's very useful and we really like reports and everything. We like it very much.

What needs improvement?

The biggest disadvantage is the pricing. I can see that the product has value. I see that the product is really good. I think that the pro is it's really stable, but price-wise, I think it's bad. But you have to pay for quality. But the pricing can be a little bit improved in my point of view. It will be harder to choose if we start comparing features and prices and when we made the initial choice. Our choice was based mainly on features. There was no price comparison involved. I think that it is not in the same landscape. The landscape has changed and there are a lot of contenders in this field. The price scale could be improved.

For how long have I used the solution?

I have worked with Forescout Device Visibility and Control Platform for two years.

What do I think about the stability of the solution?

The availability is one hundred percent available. So we don't have issues with that also, so very good.

What do I think about the scalability of the solution?

The installation is small enough, it's 500 users and there are no issues with the performance. So our escalation costs, we are small so it's perfect. I've had no issues. The availability is one hundred percent available. So we don't have issues with that also, so very good.

How are customer service and technical support?

Technical support was really great at the beginning of the setup. At the moment we don't use it because the product is very good. I cannot say if it's good or it's bad because we don't use it, we don't see any issues. It's very good. So for me, I cannot tell you if the support is fast or it's slow, or if it's good or bad because we don't use it. No, we don't use the support.

How was the initial setup?

The initial setup was straightforward. We have help from the manufacturer, so to put it in place it was straightforward. We have been using it for two years now with no issues.

What's my experience with pricing, setup cost, and licensing?

The pricing is really bad. We think that it's expensive. So the pricing part is expensive.

What other advice do I have?

I recommend doing a compression demo. If people use it, they will buy it. So they have to see the product in place. That's the main recommendation is to do a proof of concept. If they do, they will buy it. 

I would rate Forscout Device Visibility and Control Platform at a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Chief Technology Officer at Penta Global Limited
Real User
Easy to use, quick to set up, and offers good management
Pros and Cons
  • "It allows for good detection of all the vendor products we have on-site."
  • "The solution could always improve by adding more features to make it more robust."

What is our primary use case?

Right now, we are looking to implement the solution in a hospital where a lot of people come to the lobby and are outsiders or guests. The VOD and guests' mobile phones will be able to connect to the Wi-Fi. This is the latest use case we are working on.

What is most valuable?

The solution offers very good management.

It allows for good detection of all the vendor products we have on-site.

The solution is very similar to other solutions, so it's not hard to figure out how to use it.

What needs improvement?

The solution could always improve by adding more features to make it more robust.

For how long have I used the solution?

I deployed the solution for one project about a year and a half ago. I may implement another one for another project this year.

What do I think about the scalability of the solution?

The scalability is quite good. It does depend on the complexity of the setup, but for our purposes, we've never run into any issues.

How are customer service and technical support?

We've never had to contact technical support. We've never had a need to do so yet. I can't speak to the level of service they provide. We have our own team in-house that will troubleshoot if we run into problems.

How was the initial setup?

The initial setup is pretty straightforward. It's not complex.

It took us about one week to deploy the solution. It didn't take long to set everything up.

What other advice do I have?

I'm basically focusing on the product line right now. It's pretty good. The nice thing about it is that at last, we have a kind of software that's very easy to work with.

While most people in most of the cases do not want to go for Mac, in the case of cybersecurity, I believe it is very important to do so. In enterprise cases, the common culture is the DYD. Organizations need to add some sort of network access control to prevent many issues.

I'd rate the solution itself eight out of ten overall. It's quite good, but it could always continue to improve.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Chief Information Security Officer at a tech services company with 501-1,000 employees
Real User
Good compliance with simple user interface, and lots of plugins
Pros and Cons
  • "The user interface is quite simple."
  • "The solution does have a bit of complexity, and there's some complexity in the deployment. Users need to be trained before undertaking an initial setup."

What is our primary use case?

We've been able to use the solution for a couple of tasks including using it to monitor for anti-virus compliance. We also use it to monitor the health of the security history of our endpoints.

What is most valuable?

It's a great solution. We use it for the internet here and it's been helpful. It's a great product for our Mac PCs and we can implement it to both our wireless and our wired network.

It's very quick.

The compliance aspects of the solution are excellent and one of the solution's best features. It helps us maintain the compliance of our endpoints.

In terms of physical tools, we are very satisfied.

In our organization, the solution provides us with a sound perimeter. 

The user interface is quite simple.

The version we're currently on, 8.6, has a lot more plugins than past versions. Now you can plug in anything you want. It helps us to utilize the product more fully.

What needs improvement?

There's always room for improvement for the solution. Off the top of my head, I really can't determine anything that is lacking right now. Basically there is no room for improvement that I can describe.

The solution does have a bit of complexity, and there's some complexity in the deployment. Users need to be trained before undertaking an initial setup.

What do I think about the stability of the solution?

The solution has very good uptime, and we have had no issues at all in terms of stability.

What do I think about the scalability of the solution?

We didn't have any issues with the ForeScout scalability. So far, we've agreed with the pricing required for both the hardware and the software. 

How are customer service and technical support?

We haven't been in touch with technical support, so I can't speak to their level of service and how they interact with clients.

How was the initial setup?

The solution is not that simple, however, it's not complex, either. It's a solution that does so much it needs a bit of understanding to properly use it. Once team members go for basic training, they should be able to handle it. The basic training will also give team members a networking background to be able to master the solution. It's not very difficult, but a person will have to be a bit technical.

What other advice do I have?

I'd advise companies to ensure their teams are well trained in ForeScout before starting implementation of any kind. Those setting up and using the solution should have a basic background in networking. If users are comfortable with configuring, they can create processes for the environment. That way, it will be deployed properly.

Teams should also test the solution first before they launch so there won't be any surprises. If they need to make changes, they need to manage the process properly.

I'd rate the solution nine out of ten. If it was a bit less complex, I'd give it perfect marks.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1259856 - PeerSpot reviewer
Director of Information Technology at a government with 201-500 employees
Real User
Blocks rogue devices to help keep our data secure

What is our primary use case?

We needed this solution in order to block rogue devices (laptops, phones, etc) and block external devices.

How has it helped my organization?

ForeScout has given us the ability to block unwanted devices.

What is most valuable?

The most valuable feature is the blocking of USB devices.

What needs improvement?

The ability to block external devices in Mac is lacking and needs to be added.

For how long have I used the solution?

We have been using ForeScout CounterACT for three years.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Founder at EME Pty Ltd
Real User
Easy to manage and prevents network access by rogue devices throughout our network

What is our primary use case?

We use this solution for Network Access Control to prevent rogue devices connecting into the network.

How has it helped my organization?

This product allows monitoring and control of the PC fleet across the company.

What is most valuable?

The most valuable features are remote access and administration scripts.

What needs improvement?

We experienced some detection issues when checking compliance for the Sophos agent.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Michael Varga - PeerSpot reviewer
IS-Operations Security Analyst at a energy/utilities company with 10,001+ employees
Real User
Top 5Leaderboard
It prevents scanning, malware spread, corporate asset misuse, and reconnaissance on our network by third-party devices.
Pros and Cons
  • "Emergency response, risk assessment information to get a view of the of the vulnerability."
  • "Search - needs boolean functionality (or pseudo operand now working)."

How has it helped my organization?

  • Immediate relocation of network devices to segregated "Vendor" network based on autonomous analysis. Prevents scanning, malware spread, corporate asset (i.e. printer) misuse, and reconnaissance on our network by third-party devices. Allows us to block VPN from our corporate network but still allow Vendors to establish them.
  • Better information provided by Level 1 support (helpdesk) regarding asset information as we provide them with R/O access to the tool
  • Visitor policy communication & acceptance

What is most valuable?

  • Network Access Control, its core use
  • Asset Intelligence for deskside
  • "What port is it plugged into" intelligence for deskside
  • Patch-level Auditing
  • Emergency response, risk assessment information to get a view of the vulnerability
  • "What PC is a user on" for helpdesk/IT security/deskside
  • Forces PEN Testers to request permission to exist on your network

What needs improvement?

  • JAVA Memory management - leaving the app running for multiple days requires relaunch
  • Search - needs boolean functionality (or psudeau operand now working)

What do I think about the stability of the solution?

Stability has been good.

What do I think about the scalability of the solution?

  • It is very scalable, allowing additional strategic appliances as required in either physical or VM format.
  • We control >400 field sites, two Oilsands mines, multiple remote platform locations, 2 Canadian Metro offices and 1 UK office with 4 appliances centrally located.

How are customer service and technical support?

Customer Service:

It's excellent! 

Technical Support:

It's excellent!

Which solution did I use previously and why did I switch?

No previous solution was used.

How was the initial setup?

It was straightforward, although I recommend having a strong relationship with network-asset owners to ensure SNMP rights are looked after.

What about the implementation team?

We used a vendor, Conexsys (Graham Cheng & Jerry G), who were excellent.

What's my experience with pricing, setup cost, and licensing?

Forescout's flex licensing has made our deployment more agile and helps us adapt our environment without buying more hardware.  

Under their old model, licensing was tied to 4k and 10k appliances which strained under the new v7 and v8 Forescout OS when nearing their designed capacity.  To acquire a new appliance, physical or virtual, meant buying licensing for that size of appliance.

Under the new flex licensing model, we've been able to deploy VM appliances, responsible for host interrogation and management, while retaining our physical appliances for SNMP switch management, and span aggregation.  

Under the flex licencing model, we've deployed to our ICS segments, and are deploying VMs to our DCS environment, allowing for full visibility under one 'pane of glass' of nearly every host on our network.

Ensure you consider everything you want to monitor that has an IP. Devices with multiple IP's count multiple times against your license count.

Which other solutions did I evaluate?

This was chosen without hands-on evaluation based on reviews and industry feedback.

What other advice do I have?

If you have distributed services (DHCP), strategically ensure you generate reliable traffic to establish timely inspections. We've avoided the use of traps by centralizing our DHCP at HQ, but it causes black holes during inspection schedules in case of a static device being plugged in.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
SecEng3904 - PeerSpot reviewer
SecEng3904Senior Security Engineer at a healthcare company with 10,001+ employees
Real User

Nice write up. I agree with the Customer support they are quick to reply and are able to get things resolved quickly.

See all 3 comments
Ricardo Martins - PeerSpot reviewer
Network System Administrator at Compugraf
Real User
We now know how many devices are connected and what the use for each device is
Pros and Cons
  • "The visibility is the main benefit. We now know how many devices are connected, what the use for each device is and what kind of devices we have in our environment."
  • "They should improve features related to IT security. ForeScout should analyze behavior to see if the behavior is malicious behavior and block this device. They should develop the ability to analyze the behavior of the device in my environment."

How has it helped my organization?

The visibility is the main benefit. We now know how many devices are connected, what the use for each device is and what kind of devices we have in our environment.

What is most valuable?

I can create granular policies. This is amazing. I really appreciate the granularity to create policies.

What needs improvement?

They should improve features related to IT security. ForeScout should analyze behavior to see if the behavior is malicious behavior and block this device. They should develop the ability to analyze the behavior of the device in my environment.

The interface of this solution and the integration part needs improvement. The difference between the 7th and the 8th version is the dashboard. They should improve it. 

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

We never had a problem with this product. It has worked very well.

What do I think about the scalability of the solution?

It's very simple to scale and to implement more devices and licenses. It's easy to grow.

How are customer service and technical support?

We haven't had to use their technical support. 

Which solution did I use previously and why did I switch?

We switched because ForeScout is the best tool for Mac. 

How was the initial setup?

The initial setup was very easy, very simple to deploy. We didn't have problems or difficulties with the implementation.

Which other solutions did I evaluate?

We also looked at Fortinet. 

What other advice do I have?

I would rate this solution an eight out of ten because it's the best solution. 

I would advise someone considering this or a similar solution to make sure that the solution works with a lot of vendors. Choose a product that doesn't change your environment.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
Olugbenro Iluyemi MSOR, CCNA-Security, SENSS, ITIL V3 - PeerSpot reviewer
Network and Security Engineer at Guaranty Trust Bank Plc (GTBank)
Real User
SNMP Traps on switches is one of its most valuable features

What is our primary use case?

Primarily used to define which host to admit onto the network, by tying a policy to the MAC address.

How has it helped my organization?

Identifying issues on why some hosts are not on the network, and assisting with possible remediation options.

What is most valuable?

  • SNMP Traps on switches
  • Getting the MAC address of the host from the ARP table of the switch and applying policy.

What needs improvement?

  • Battled with the use of SNMP v1 instead of v2c
  • Direct web interface rather than installation of a client.

For how long have I used the solution?

One to three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Manuel Keller - PeerSpot reviewer
Head of Network and Communication Department at a program development consultancy with 10,001+ employees
Consultant
Provides visibility into the network and connected devices

What is our primary use case?

Obtaining visibility into the network and connected devices is very simple with this tool. It takes me three minutes to do a base deployment when all the parameters are available.

How has it helped my organization?

The reporting for audits start with the knowledge of the devices in the network and the services running on them. ForeScout provides the foundation for the needed information.

What is most valuable?

Using passive and active methods to learn about the network. Even hybrid parts, like production, can be discovered with the passive method, while the office LAN can be discovered with both.

What needs improvement?

Multitenancy should be included in the next version so it could be used as a managed service provider.

For how long have I used the solution?

More than five years.
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
it_user400680 - PeerSpot reviewer
VP IT Security at a financial services firm with 501-1,000 employees
Vendor
The most valuable feature for us is the visibility into all connected devices.

What is most valuable?

The most valuable feature for us is the visibility into all connected devices. Also, the plugins are very robust -- the ability scanner, patch management system, and SQL integrator.

How has it helped my organization?

You can query a lot of information from the connected device, including their compliance statuses.

What was my experience with deployment of the solution?

We've had no issues with deployment.

What do I think about the stability of the solution?

It's a stable solution.

What do I think about the scalability of the solution?

There have been no issues with scaling it.

How was the initial setup?

The initial setup was complex, but that was due to the nature of the network architecture.

Which other solutions did I evaluate?

We didn't look for other solutions.

What other advice do I have?

Have a clear understanding and document the network architecture before you deploy it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user376773 - PeerSpot reviewer
Global Network Security Specialist at a pharma/biotech company with 10,001+ employees
Real User
We like that it can do network access control either with 802.1x or without 802.1x since many network devices are not ready to do 802.1x.
Pros and Cons
  • "The most valuable features of ForeScout is the fact that it can do network access control either with 802.1x or without 802.1x."
  • "Definitely, having more third-party integration would be an improvement."

What is most valuable?

The most valuable features of ForeScout is the fact that it can do network access control either with 802.1x or without 802.1x. Many network devices are not ready to do 802.1x. Lots of endpoints are not ready to do it, or they're poor at it, so having a non-.1x solution is critical for maintaining stability on our network.

How has it helped my organization?

We did not have a NAC prior to ForeScout. It provides constant monitoring of the endpoints either through an agent or periodic monitoring with a local admin account. This makes posturing very easy to do. Once the device is on the network, we're able to determine, does it continue to meet the requirements that we need for a device to stay on the network?

What needs improvement?

Definitely, having more third-party integration would be an improvement. This is something that they're doing. Other products that we have on our network, if we're able to get ForeScout to talk with them, we'll get much better information to those products, things like Splunk and other data gathering.

Also, I think we have Rapid7, so all these different programs that want to collect a lot of information, ForeScout is able to do that. So having it being able to talk to them, the more it can talk to, the better it is.

I think there are some product maturity issues in terms of the web interfaces that its able to present for end users. They're working on those. Those are improving, and just other features that come along with them growing into this space that they have. They're getting feedback from us, and they're getting feedback from other very large customers on what to do to improve, and they respond very well.

For how long have I used the solution?

2 years

What was my experience with deployment of the solution?

We've had no issues with deployment.

What do I think about the stability of the solution?

We had a few issues that were unique to our environment, but ForeScout tech support has been very timely in being able to respond to them and getting us support we needed. We have had to have a few reboots due to some outages, but again, these are things that were able to be resolve very quickly. Overall, I would say that this is a stable solution.

What do I think about the scalability of the solution?

We're a huge company, over 100,000 employees, and it does require that we have done our homework ahead of time -- that we know where our address space is, that we know what's out there, and being able to come up with a deployment plan is our responsibility. Once we had that, we were able to go with it, and it works very well.

How is customer service and technical support?

Customer Service:

Very good.

Technical Support:

Very good.

How was the initial setup?

Device setup is straightforward - NAC itself is always a complex thing due to its profiling of EVERY device that connects to the network.

What about the implementation team?

The ForeScout engineers were there to help us without the standard, "Oh, you have over 100,000 endpoints? Well here's what every 100,000-endpoint company does."

Which other solutions did I evaluate?

We compared ForeScout to Cisco ISE. There were some other vendors in this space, but we felt they were for mid-sized companies at largest. Cisco looked like they had an offering that would be able to compete head-to-head with it in terms of size. The reason we picked this over ISE was because ForeScout had a non-802.1x solution for the wired network. We would avoid a lot of chaos and a lot of destruction if we go that route. Also, ForeScout had fewer vulnerabilities whereas Cisco ISE had several level-10 vulnerabilities that have been observed over the years. While we were testing it, two of them came out.

ForeScout has never had a vulnerability above 7.0, so when we look at the security of the system, it definitely meets that requirement where this is not something that's going to be compromised the way it looked, as though Cisco ISE had some potential for that. Much less disruptive, both Cisco ISE and ForeScout really require a client to get the full features of the system. They say that it can run client-less, but having the client gives a lot better functionality, and the ForeScout client just worked a lot better for us on our endpoints.

What other advice do I have?

The most important thing would be that a NAC project involves more than just the network. You've got to have client people, PKI people, active directory people all working together with the network to make this product work and make it happen. There's so many ways that it could interrelate. If you're in a very large company, you've got to break down the silo walls and get everybody together from the beginning to make this thing work out, but once you have those people together, this is something that every group wants to have. Desktop people want it, the mobile people want it, the scanning people. Everybody wants it once they see it, so it does sell itself, but you've got to have that education meeting up front.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user868785 - PeerSpot reviewer
it_user868785Senior Procurement Category Manager at a financial services firm with 1,001-5,000 employees
Real User

What is the difference between ForeScout's Centralized License and Appliance License structure/model?

See all 2 comments
it_user113817 - PeerSpot reviewer
Network Administrator at a university with 501-1,000 employees
Vendor
As a university, we have used ForeScout to help us get a hold on student computers and their infections.

What is most valuable?

As a university, we have used ForeScout to help us get a hold on student computers and their infections, and to keep those infected systems off our network. We are also currently using ForeScout as a mechanism to allow us to automatically move student game consoles to a separate VLAN, and then move the port back to the primary dorm VLAN when a PC or other device is plugged in.

How has it helped my organization?

ForeScout has the built-in ability to identify network devices without a separate subscription or device, and that allows us to identify when students plug into a switch or router (not allowed on our network), or tries to put their computer on the less restrictive game console VLAN. The rule sets allow you to configure different rules for different devices or networks from a single location, and provides a single-pane-of-glass view into any network traffic it can see.

What needs improvement?

The configuration of the rules is both a blessing and a curse. While it is almost infinitely configurable, knowing how to get the product to do what you want it to do can be difficult, especially at first.

The biggest problem we have had with ForeScout is that in order for it to see all of your network traffic it must have access to that traffic. So if your traffic has multiple ways to reach the internet or other resources, then you need multiple network taps in place to see that traffic.

For how long have I used the solution?

We have used ForeScout since summer of 2012.

What was my experience with deployment of the solution?

Other than the infinite configurability and need to have multiple network taps to see all traffic, we haven't had issues with deployment.

What do I think about the stability of the solution?

Stability has been like a rock, and it is a product that just seems to work.

What do I think about the scalability of the solution?

We have had no issues with scaling it for our needs.

How are customer service and technical support?

We have had mixed success with support. Sometimes we had amazing people who knew just what we needed and how to help us get there with minimal fuss. Other times we were explaining to support how to work around an issue so other customers wouldn’t have to deal with what we were dealing with.

Which solution did I use previously and why did I switch?

We previously used Perfigo, which was later bought by Cisco and became Clean Access. ForeScout offered us a device with a 10GB connection, and that on top of the feature set for the price sealed the deal.

How was the initial setup?

The initial setup was very straightforward, but due to our backbone switch/network configuration, we had to make last minute tweaks to get the product to see all our traffic. Also, we struggled to get our rules properly configured so that students weren’t negatively impacted by misconfigurations that would either prevent them from getting on the network at all, or repeatedly require them to log in.

Our third-party consulting firm (Konsultek), hit one out of the park in helping us, and they made sure we were up and running before the start of school, despite our tight timeframe for implementation.

What about the implementation team?

We used a third-party group to assist us with implementation, and that made all the difference for us as we were able to pull from their experience and knowledge to help us get up and running.

What other advice do I have?

The best advice I can offer is to make sure to understand the rules and how they work as that was a bit of an issue for us in the first few weeks when we worked out how to “fix” some of the issues (client time-outs, repeatedly being asked to log in) as they came up. Also, test everything before rolling out to production.

ForeScout provides some of the greatest visibility into network traffic, showing you exactly who is doing what, down to the port and protocol being used, capturing entire conversations between endpoints. It is a simply fantastic tool that provides network and security persons with the ability to throw up honeypots.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Information Security Manager at a legal firm with 1,001-5,000 employees
Vendor
The most valuable feature for us is the real-time alerting of newly connected devices. The reporting could be a bit more intuitive and user friendly.

What is most valuable?

The most valuable feature for us is the real-time alerting of newly connected devices, whether they are approved or unapproved devices on our network.

How has it helped my organization?

Since our implementation of CounterACT, it has kept us aware of unapproved devices attempting to connect to our network which pose security threats.

What needs improvement?

The reporting could be a bit more intuitive and user friendly.

For how long have I used the solution?

I have used CounterACT for two years.

What was my experience with deployment of the solution?

There were many issues with deployment, but these were largely due to our own network architecture issues.

What do I think about the stability of the solution?

There were many issues with stability, but these were largely due to our own network architecture issues.

What do I think about the scalability of the solution?

There were many issues with scalability, but these were largely due to our own network architecture issues.

How are customer service and technical support?

I'd rate ForeScout's technical support as fair-to-good.

Which solution did I use previously and why did I switch?

We did not have a previous NAC solution in place prior to CounterACT.

How was the initial setup?

The initial setup was complex.

What about the implementation team?

We used a vendor team for the implementation.

What other advice do I have?

Do your homework ahead of time. Ensure that you have up-to-date network maps and that understand your network's architecture.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
System Architect at a insurance company with 1,001-5,000 employees
Vendor
You can use it to implement 802.1x on your infrastructure and also have a very granular control of your devices, including shadow devices.

What is most valuable?

The most important feature is that this solution works well without a 802.1x feature. You can use CounterACT to implement that feature and also have a very granular control of your devices, including shadow devices.

How has it helped my organization?

We were searching for a solution that could help us not only to detect and manage unauthorized access, but also to implement 802.1x on our infrastructure. And when we were working to reach that goal, we found other improvements from using CounterACT, such as antivirus installation, P2P control, and shadow IT -- and that's another plus for them.

What needs improvement?

The best improvement they could make would be reporting and better integration with AD. Last but not least, a management web interface would be nice in the next version/release.

For how long have I used the solution?

We've used it for about a year.

What was my experience with deployment of the solution?

We had no issues with the deployment.

What do I think about the stability of the solution?

We have an HA cluster in place that works very well. We've had no issues with stability.

What do I think about the scalability of the solution?

We had no issues scaling it for our needs.

How are customer service and technical support?

Fortunately, for now, we've had no need to call technical support.

Which solution did I use previously and why did I switch?

We didn't have a NAC solution in place. This is the very first solution we've tried mostly because other solutions have 802.1x as a mandatory requirement.

How was the initial setup?

It was not so easy to deploy in our environment, the learning curve for this solution is quite hard.

What about the implementation team?

From my experience, it is impossible to implement this kind of solution in-house. You need a consultant or a trained person who can do this job.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Chief Operating Officer at a tech services company with 51-200 employees
Consultant
If a machine becomes infected by a user accessing the web, it has the ability to immediately quarantine that machine, isolating it from the network.

What is most valuable?

  • Alerting as to non-compliant machines
  • Ability to quarantine infected machines
  • Ability to determine if patches are not up to date

How has it helped my organization?

If a machine becomes infected by a user accessing the web, ForeScout has the ability to immediately quarantine that machine, isolating it from the network. Before this, someone would literally have to run down the hall and shut off a machine in the event of a breach and infection by malware.

What needs improvement?

It needs enhanced mobile support, but I have heard that this is coming.

For how long have I used the solution?

We've used it for six months.

What was my experience with deployment of the solution?

It took some time to get the policies set up and applied once ForeScout was physically in place. A dedicated resource and timely decisions from management can make this deployment faster. Make sure you account for anything and everything in your environment which has an IP address. We also had one device that was DOA but it was quickly replaced.

What do I think about the stability of the solution?

We have had no stability issues.

What do I think about the scalability of the solution?

Scalability was not a problem for this site as we have less than 1000 endpoints.

How are customer service and technical support?

Excellent. Our support engineer was extremely helpful and available.

Which solution did I use previously and why did I switch?

This was the first of its kind in the environment.

How was the initial setup?

With the assistance of the support engineer, it wasn't too bad. But it depends upon the state of your network. If everything is set up correctly, it will go much smoother. For example, having SNMPv3 activated everywhere is a requirement so that ForeScout can see everything.

What about the implementation team?

We used our in-house personnel with the support engineer guiding us along via WebEx.

What's my experience with pricing, setup cost, and licensing?

They are competitively priced for a medium-to-large sized organization.

Which other solutions did I evaluate?

This is not a very crowded segment for this kind of a product, and ForeScout is the best known of this small field.

What other advice do I have?

They also offer a monitoring service which is a good value if you do not have someone in house to monitor ForeScout on site. This can be full or part time. ForeScout is a powerful network access control tool that has some features found in insider threat solutions, though it is not exactly made for that.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user402891 - PeerSpot reviewer
Program Manager at a government with 10,001+ employees
Real User
It gives us a clear initial and secondary view of what's happening on our network to determine its health.

What is most valuable?

It gives us a clear initial and secondary view of what's happening on our network to determine its health. We can see what's coming in and going out and to be able to directly management that. If there's something that needs to be quarantined, it will alert us and mark it as a threat.

What needs improvement?

The reporting could be improved. Also, it needs more analytics to see what's going on as we like to do trends.

For how long have I used the solution?

We've been using for over seven years since the beginning of the SOC.

What was my experience with deployment of the solution?

We've had no issues with deployment.

What do I think about the stability of the solution?

It's been very stable. We've had no issues with stability.

What do I think about the scalability of the solution?

We probably have 172,000 users in our department, so I would say that it's scalable. It's in the SOC. We'll probably need to scale it further as we expand it to our 20 other departments.

How are customer service and technical support?

I've never had to use technical support.

Which solution did I use previously and why did I switch?

We also use FireEye, NetWitness, Blue Coat, and a few others I can't remember.

How was the initial setup?

I joined the department when it was all setup already.

What other advice do I have?

Go for it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user320970 - PeerSpot reviewer
VP, Infrastructure Management and Security Services at a energy/utilities company with 5,001-10,000 employees
Vendor
It provides us with visibility into what's connected to our network, such as contractors, mobile devices, and whether they're a part of our corporate asset list or not.

Valuable Features

It provides us with visibility into what's connected to our network, such as contractors, mobile devices, and whether they're a part of our corporate asset list or not.

Improvements to My Organization

We use it to prevent malicious activities on our network that potentially infiltrate it. We've been able to take out over twenty percent of our threats connected into our environment that we just never had a means to stop from connecting up to our network.

We've discovered regular assets. Let's say you had a mobile device, you walked into our network, and you said "hey, I need to connect up to the network. I'm a contractor here for you all and I'm going to add in one device". You immediately now have access into our environment.

Room for Improvement

It needs easier integration to other partners that automate functions within the security phase. There's no difference because you're not going to be able to fill the places fast enough for all these security people. So how do you get it to be able to manage more with less people by automating some of the functions? So when, for instance, NetScout discovers something and installs a ticketing system instead of sending an alert to a person, it automatically opens a ticket with the appropriate levels and automates that stuff.

Deployment Issues

We've had no issues with deployment.

Stability Issues

It has been stable. The benefit wasn't around stability, it was more around preventing instability. What we were fearful about is whether or not customers would get impacted by the restriction of them not being able to connect to the network.

For instance: you're an employee, your laptop was part of our asset, but your phone was not and your tablet was not. All of the sudden, now all three of those devices were all connected into environment. Well, I only want your laptop to be connected. Your mobile devices, I really don't care to because when you go, you surf wherever you want on your stuff. You could probably pull up malware and then plug it in as soon as you put in your credentials into our network. So we want to keep that one off and allow you to connect to the network but connect to the internet, but not to my infrastructure.

Scalability Issues

We haven't scaled it all the way up, but we started to pilot, grew it to a couple of floors, and then grew it to an entire building.

Customer Service and Technical Support

I've never had to use it.

Initial Setup

My understanding is that it was complex simply because my mandate is to zero-in back to the user.

Other Solutions Considered

We did look at multiple partners and we ended up with ForeScout.

Other Advice

Definitely use it. It's a good protection tool.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user400728 - PeerSpot reviewer
Network Administrator at a logistics company with 1,001-5,000 employees
Vendor
It prevents a computer that may have an exploit or is malicious in some way from getting an IP address and connecting to our network.

What is most valuable?

The most valuable feature is agent compliance. When somebody plugs in a device and the device powers up, CounterACT goes through to make sure that rules we have in place are accurate or in line with what we'd expect. Once that completes, the machine gets an IP address from DHCP.

We could go into some other forensics. What happened to a device, let's say, it gets a virus. Okay, let's do some forensic work on it. When did the PC boot up? When did CounterACT first see it? What time stamps? We're able to see things of this nature.

The other nice thing we can do quickly when we're just doing audits or inventory is to pull up a list of clients. How many machines are on this switch? How many are on that switch? Are there switchboards that have more than two MAC addresses? If we know that a switchboard has, say, six MAC addresses on it, then we know that they probably have a hub.

How has it helped my organization?

I think the most valuable piece is to make sure that devices that we don't want on our network aren't on it. That's the most important. Somebody walks into a will-call area or to an area that's, say, open to the public, and they plug in a computer, that computer may have an exploit or is malicious in some way. It won't get an IP address and won't be connected. That's the most important feature.

What needs improvement?

I would like to see some reporting features. Things like, if our tech support department comes to us and says, "Hey, how many Dell model 390 PCs do we have in the company?" They can just click on a report that would show client name, machine model, IP address, last user login, etc. I think that people would find that very useful.

I think off-the-bat, when somebody pulls up the CounterACT interface, there's a lot going one. It's easy, but I don't think it's easy for somebody who just walks in blind. If there was a reporting feature, or something more incorporating tech support people, that would make their life easier. It mitigate the requests that we get to give them that information.

What was my experience with deployment of the solution?

We've had no issues with deploying it.

What do I think about the stability of the solution?

Overall, I think it's pretty stable. We did have some problems with the wireless plan. The wireless plug-in, where a device that we asked to be blocked for whatever reason, is not blocked. For a couple of months, we had the wireless plug-in disabled because too many end-users were being blocked when they shouldn't have been.

From the wireless standpoint, I would say that the reliability was somewhat poor, but CounterACT worked with us over a couple month period and did push out a patch. Today, things are better.

What do I think about the scalability of the solution?

We have three thousand end-user clients. Those are the majority of the people whom we monitor with CounterACT and not so much core devices like servers, or mainframes, or things of that nature. If we have to roll out an update to a client or some of our mobile users, it does so pretty seamlessly.

How are customer service and technical support?

They were very receptive, wanted to know exactly what was going on, wanted examples, etc. They did what they needed to do. Through some dialogue over probably about six weeks, we ended up getting an updated wireless plug-in, which seemed to resolve the issue.

Which solution did I use previously and why did I switch?

We were not using a device previously. I think the goal was originally, how do we know what's on our network? CounterACT solved that problem by allowing us to create our own rules that we wanted. It starts from a very high level and you can drill down into devices. We can now categorize, say, things like IOT devices such as clocks that operate wirelessly, building automation. We can get into all these different categories and groups of things. Whereas, before we really didn't know it. If you plugged in a device, you were getting an address from DHCP. Now, you have to meet these requirements to get an address.

How was the initial setup?

It was pretty straightforward. I've been in a number of roll-outs and this one was pretty easy.

We have one CounterACT appliance that does our Chicago office. A second appliance, which does our other four branches who are a little bit smaller. We separated that work and then we also have somewhat of a redundancy. As far as the configuration and getting things up and running goes, it starts with a nice, very high-level baseline. Then you kind of incorporate the rules that you want to incorporate as you go along, which makes it nice.

Which other solutions did I evaluate?

I think we went right after CounterACT. We sampled around I think on the web and just looked for solutions. But, CounterACT really came out to be the one that was easy to use. The price was right. The customizability and how we had to incorporate CounterACT to talk to our Cisco switches was really straightforward. It was easy and it worked.

What other advice do I have?

Absolutely go for it. I would love to give them a demo of our own environment, talk to people at CounterACT and roll it out. If it's within their budget, whatever that may be, absolutely I would use it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user400743 - PeerSpot reviewer
Network Security Manager at a tech services company with 501-1,000 employees
Consultant
It provides endpoint visibility of our network and controls who can access network resources.

Valuable Features:

The network access control is a valuable feature for us. It provides endpoint visibility of our network and controls who can access network resources. That's really powerful.

Improvements to My Organization:

The problem with vendors like Cisco is that their solutions are limited their to own ecosystem, and in general they don't work well with other vendors. With virtual machines, it can actually collect data from a variety of different network solutions, such as Cisco, Bloomberg, etc. Any routing platform out there, you can import it today. It can basically integrate these products and you can use it for enforcement. You can use them to collect the data. 

The other one is obviously that CounterACT can provide you with virtual ability to control who gets access to the network. It can act as a super-based machine and provide a level of security. It is integrated more easily than other vendors.

Room for Improvement:

The integration with Sync can be improved. We would like to see better integration with some other popular vendors. 

Also, the reporting needs improvement, as well as integration with PAL services. It also needs more options for different sizes of customers. It does really work well in the big departments. For smaller organizations it might be a little overkill of a solution.

Deployment Issues:

We've had no issues with deployment.

Stability Issues:

We've had no issues with stability.

Scalability Issues:

We've had no issues with scalability.

Initial Setup:

It's a little bit too complex. A little bit of simplification when it comes to deployment might actually be better.

Other Advice:

I think it is a good product and definitely fills the gap. I don't think we have many competitors at this stage. The major competitor is Cisco, but the biggest advantage of CounterACT is vendor agnostic. It means that it can work with a variety of different products. That is the biggest advantage.

Disclosure: My company has a business relationship with this vendor other than being a customer: We're partners.
PeerSpot user
PeerSpot user
Pre-Sales Engineer at a tech services company with 51-200 employees
Consultant
For larger scale projects which includes multiple sites, CounterACT can be easily deployed in a centralized or decentralized manner. Its graphical user interface could use a revamp.

Valuable Features

CounterACT is a very flexible product in terms of deployment where the users will have a Layer 2 or Layer 3 deployment depending on their network infrastructure while maintaining the product's features regardless of which deployment. For larger scale projects which includes multiple sites, CounterACT can be easily deployed in a centralized or decentralized manner. Besides that, deploying CounterACT introduces almost little-to-no network infrastructure changes.

Integration with third-party products is also an important feature of CounterACT. While many of their competitors' products can only be integrated within their own portfolio, CounterACT manages to integrate with today's top security products to cover the security gaps that many solutions may introduce. CounterACT also provides a ControlFabric platform which may allow the users to integrate all of their security and network solutions into CounterACT.

Improvements to My Organization

As a distributor's engineer working on CounterACT, there are a few vast changes that I have seen after deploying CounterACT for our customers. A few of our customers reportedly had an easier time with their auditors on endpoint compliance, where they would only need to generate and turn in CounterACT's report. This saves both the customer's and the auditor's time.

Another improvement that we can see is automated security, where the customers would not need to manually turn on and off the switch ports for their guests. CounterACT automatically recognizes these guest and provides a self-registration feature to their guest while still maintaining the customer's network security posture.

Room for Improvement

There are few areas which will need vast improvements. The CounterACT graphical user interface could use a revamp as it may not look appealing enough to the end users.

Another area which the CounterACT should improve is their ability to deliver a more precise error messages to their users. At times, the error messages are not clear enough and are too technical to understand. Some of their error messages are not generic, as they are only understandable by the ForeScout engineers.

Use of Solution

I've used it for three years.

Deployment Issues

There were no issues with deployment.

Stability Issues

There are few issues with CounterACT that need more attention, mainly it's ability to process and perform discovery faster. At times, CounterACT takes too long to determine the endpoints, which may cause delays to the end users.

CounterACT could also use a more stable management console interface. This is because there will be times where CounterACT takes too long to login to its management console.

Another issue with CounterACT is that it does not provide very meaningful error messages when some error occurs. The error messages are hidden and it does not show unless the users click on a specific button or mouse over to the problematic elements.

Scalability Issues

There have been no issues scaling it.

Customer Service and Technical Support

Customer Service:

The Customer Service is very responsive and helpful. They managed to resolve most of our issues with the products without much hassle.

Technical Support:

The Technical Support is very responsive and helpful. They managed to resolve most of our issues with the products without much hassle.

Initial Setup

Initial setup is very straightforward because there are only a few network configurations needed to be done. It does not require any downtime and could be deployed at any time during production hour. There are a few endpoint configurations that need to be done, which users can do so through their Microsoft ActiveDirectory or desktop management tools or software.

Implementation Team

We implemented the solutions with our S.I. To ensure a smooth implementation, it is crucial to have all the endpoints and network requirements ready and configured before CounterACT is installed. It is recommended to start with the default policies and work on these policies to meet customers' requirements.

ROI

As we are an implementer, we do have an ROI for all our products.

Pricing, Setup Cost and Licensing

For pricing and licensing, CounterACT is not an overly expensive product. They can fit most of our customers' budgets.

Other Solutions Considered

We managed to evaluate Cisco ISE. Cisco ISE is a complex solutions to deploy where it only supports users who use Cisco switches.

ForeScout CounterACT is a much more appealing product because of the market here in Malaysia, where the users uses multiple brands of switches with complex network infrastructure. CounterACT could easily adapt to these environments without any changes made to the customer's network infrastructure.

Other Advice

ForeScout CounterACT is like a Pandora's box, which contains a lot of functionalities that can be used to improve the customer's daily operation tasks and reduces manual workforce. It is recommended that the implementer understand what CounterACT can be used to do as different customers' business functions could use different functions of CounterACT.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user102570 - PeerSpot reviewer
it_user102570Pre-Sales Engineer at a tech services company with 51-200 employees
Consultant

Hi Michael, I think there was a typo on the report. I was using version 7.

See all 2 comments
it_user381450 - PeerSpot reviewer
Information Security Architect at a financial services firm with 1,001-5,000 employees
Vendor
The most valuable features for us include antivirus compliance monitoring and guest management.

Valuable Features

  • Guest management
  • Antivirus compliance monitoring
  • USB connection management

Improvements to My Organization

The bank has been able to manage host connection on the network, manage antivirus, and restrict the use of USB on the bank’s systems.

Room for Improvement

The patch management ability of the solution needs to be re-examined.

Use of Solution

We've used it for five years.

Deployment Issues

There have been no issues with the deployment.

Stability Issues

There have been no issues with the stability.

Scalability Issues

There have been no issues with scaling it.

Customer Service and Technical Support

Customer Service:

Customer service is above average.

Technical Support:

Technical support is above average.

Initial Setup

It's straightforward to set up.

Implementation Team

We used a vendor team alongside an in-house one.

ROI

The ROI is commensurate with the price.

Pricing, Setup Cost and Licensing

The product is expensive.

Other Advice

To get the best out of the solution, the organization’s networks team must be willing to take ownership and provide assistance where required. Use tools like Gigamon during deployment and avoid spanning directly from Cisco switches.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Senior Security Engineer with 51-200 employees
Vendor
The NAC engine is flexible since it doesn’t need the use of 802.1x. We use the solution to test or troubleshoot customer configurations.

Valuable Features:

The main feature, the NAC engine, is very flexible since ForeScout CounterACT doesn’t need the use of 802.1x and can work with almost all switch vendors.

Improvements to My Organization:

Since my company is a systems integrator, we have ForeScout CounterACT in our lab just to test or troubleshoot customer configurations.

Room for Improvement:

There isn’t a specific area to improve. It’s a good product from my point of view. Maybe the licensing and cost can be improved.

Deployment Issues:

No issues with deployment.

Stability Issues:

Haven't had issues with stability.

Scalability Issues:

Haven't had to scale it.

Other Advice:

Maybe test the configuration very well before enabling actions (like VLAN moving, Captive Portal), because they can cause many problems in production environments if there are configuration mistakes.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user347157 - PeerSpot reviewer
Security Analyst at a retailer with 1,001-5,000 employees
Vendor
We're able to defend against unauthorized access to the network, thus distinguishing between corporate users and guests. But, detection and control of dual-homed devices needs improvement.

What is most valuable?

This product provided a really good effect in terms of network access control. With the ForeScout NAC, distinguishing guests and corporate staff was easier.

This was very easy to achieve since the product integrates really well with Active Directory and the NMAP feature discovers all endpoints within the network.

How has it helped my organization?

With the use of the NAC solution from ForeScout, the company was able to defend against unauthorized access to the network, thereby thoroughly distinguishing who is a Corporate user and who is a Guest. Process for Guest Registration (if implemented properly) was also easy.

What needs improvement?

Detection and control of Dual-Homed devices needs to be improved, as the product sometimes gives false positives. Also, more custom policies should be made available.

For how long have I used the solution?

I used this solution for 14 months.

What was my experience with deployment of the solution?

There were issues of false positives whenever a new hotfix was installed even with the GA release. There was actually an issue where an upgrade to a new version of the hotfix plugin increased the CPU optimization and network bandwidth usage.

What do I think about the scalability of the solution?

ForeScout is scalable since a management device is available to manage other CT boxes.

How are customer service and technical support?

Technical support from ForeScout is pretty good, with escalations made promptly when needed.

Which solution did I use previously and why did I switch?

No previous solution.

How was the initial setup?

The initial setup was straightforward, as the steps were simple to understand. It only got complex when creating policies that are not simple.

What about the implementation team?

I worked for a vendor team, and for any client ready to implement this product, I would recommend that the necessary requirements for deployment should be done before the team arrives to start implementation. This makes deployment less stressful.

Which other solutions did I evaluate?

No other options were evaluated.

What other advice do I have?

If you are looking for a NAC solution which works without the use of agents, I would say ForeScout is the one to go for.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user342609 - PeerSpot reviewer
Network and Security Engineer at a financial services firm with 1,001-5,000 employees
Vendor
It provides us with real-time visibility and control of devices accessing our network, although false positives should be reduced.

Valuable Features

  • Rogue detection and blocking
  • Guest registration
  • Full visibility of network hosts
  • Threat protection

Improvements to My Organization

We are provided with real-time visibility and control of devices accessing our network.

Room for Improvement

  • Reduce false positives
  • Reduce bugs
  • Improve on host classification
  • Increase the Nigerian partner base

Use of Solution

We've been using it for over two years.

Deployment Issues

No major issues.

Stability Issues

No major issues.

Scalability Issues

No major issues.

Customer Service and Technical Support

It's good, but certainly it needs improvement especially on the side of the partners.

Initial Setup

Initial setup was straightforward. All it required was to integrate traffic sniffing/monitoring and management ports into our core switch, and instruct the core switch to mirror every traffic to the device through the sniffing port. The rest was simply to define all our network segments on the device and integrate all access switches via SNMP.

Implementation Team

We implemented it through ForeScout's only Nigerian partner, and this is what I would advise everyone interested in the solution to do.

Pricing, Setup Cost and Licensing

It is quite expensive, but there are specs for small companies as well.

Other Solutions Considered

Cisco ISE was also evaluated, but the CT10000 was easier to implement and integrate into our environment.

Other Advice

You can go ahead, but you will need good network skills to get the maximum benefits from it.

I would also advise that you don't activate all the add-on features, but use it solely for its primary function - visibility and rogue detection/blocking.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user371547 - PeerSpot reviewer
it_user371547CEO at a consultancy with 51-200 employees
Consultant

Thanks :).. your points are well noted and taken.. i know who you are but i wanna keep it anonymous and i wish you the best in your new place..

PeerSpot user
Network Access Control Security at a government with 10,001+ employees
Real User
Make sure to plan for all endpoints. If you want full coverage of your networks, account for anything that has an IP

What is most valuable?

Endpoint visibility, policy flexibility, compatibility and integration with other products.

How has it helped my organization?

Automation! One broad example is that we can now stop network threats right away and without intervention.

What needs improvement?

Forescout is constantly adding new features, so this may change as of this writing, but sometimes the switch management interface doesn't display accurate information which relates to false positives on individual switch access errors.

For how long have I used the solution?

1 year

What was my experience with deployment of the solution?

None that were Forescout related. CounterACT always opens a bunch of little IP sessions with endpoints, ake sure you have a large enough connection table on your firewall if you plan to put it behind one.

What do I think about the stability of the solution?

Minor. Had to reinstall one virtual appliance, which is painless when you have an Enterprise Manager.

What do I think about the scalability of the solution?

No, this is one of the products strengths.

How are customer service and technical support?

Customer Service:

10 out of 10. Very responsive and address concerns quickly.

Technical Support:

9 out of 10. Really fast response, high level of competency.

Which solution did I use previously and why did I switch?

I switched from Cisco NAC because it is reliant on 802.1X, and has no other function than to ensure endpoints have authenticated via your method of choice.

How was the initial setup?

Straightforward. Setup is simple with a solid, pre-defined set of policies that you build on and customize as you learn.

What about the implementation team?

In house.

What was our ROI?

Without access specific numbers, we now have the ability to instantly shut down internal malicious hosts or traffic, refuse or restrict access to non-compliant hosts, discover risks on the network we didn't know were there, and automate the remediation of a multitude of security risks. As I work for an organization that spends a lot on security administration, at a minimum, the cost savings must have already paid for the product.

Which other solutions did I evaluate?

Palo Alto

What other advice do I have?

Make sure to plan for all endpoints. If you want full coverage of your networks, account for anything that has an IP address. For example, a busy core switch can have 20+ IP addresses, and each one goes against your license count. Also, if you plan to have it behind a firewall, take into consideration your firewall's connection limitations. Although CounterACT isn't really a heavy bandwidth user, it does open a ton of short connections on a constant basis. The more you tune these down, the less accurate your real time host information becomes.

Disclosure: My company has a business relationship with this vendor other than being a customer: I currently work as a Solution Architect for ForeScout, but I wrote this review when I was a customer.
PeerSpot user
it_user203397 - PeerSpot reviewer
it_user203397Technical Support Manager at a financial services firm
Vendor

Technology improved network security via access layer L2.

Buyer's Guide
Download our free Forescout Platform Report and get advice and tips from experienced pros sharing their opinions.
Updated: August 2022
Buyer's Guide
Download our free Forescout Platform Report and get advice and tips from experienced pros sharing their opinions.