Forescout Platform vs Microsoft Intune comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Forescout Platform and Microsoft Intune based on real PeerSpot user reviews.

Find out what your peers are saying about Cisco, HPE Aruba Networking, Forescout and others in Network Access Control (NAC).
To learn more, read our detailed Network Access Control (NAC) Report (Updated: March 2024).
765,234 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"We think it's simple. We think it's very useful and we really like reports and everything.""Forescout Platform's best feature is plug-in integration.""Being able to sort on device types or devices with open ports is helpful when narrowing down assets of possible misconfigured devices that may be vulnerable on the network. We can take action on those devices based off of corporate policy.""The threat prevention feature provides complete visibility.""The user interface is quite simple.""The user management has been very easy for the most part.""Forescout is easy to integrate with a lot of end systems.""The best parts of Forescout Platform are its orchestration features, discovery capabilities, classification buckets, and flexibility in creating policies."

More Forescout Platform Pros →

"There has been a noticeable increase in productivity for both my organization and clients.""One of the main features of the solution is it allows the management of many devices in different ways.""It has helped with compliance. It has helped to ensure that devices comply with the organization's policy. If they are not compliant and secure, they cannot access the resources.""It supports end-users who tend to lock their devices quite frequently. Its conditional access policy helps us keep the users logged into their devices.""At the moment, Autopilot is the most valuable feature.""We are a remote company, and the product helps us manage the global endpoints. It helps us natively manage the endpoints in the cloud from anywhere.""The one feature we find most useful is the Mobile Application Manager. There are two types, we have the complete MDM and the Mobile Application Manager(MAM). We don't give our users phones, it is their own personal phone, and we need to allow them to have access to the company detail on their phone. We need to create a balance between their own personal data and the company data. We deploy the Mobile Application Manager for them so that we won't be able to interfere with their own personal data.""Intune device restriction policies enable me to enforce limitations on the device, like blocking the mobile camera or restricting the employees from using and inserting USB devices, including thumb drives and flash drives."

More Microsoft Intune Pros →

Cons
"If older network devices are used there can be some compatibility issues while using the Forescout Platform. Additionally, if the switches that are deployed in your infrastructure are not captured properly to the endpoints there might be some difficulties with Forescout Platform trying to monitor the network traffic. Traffic management is an area the vendor should work on.""The solution does have a bit of complexity, and there's some complexity in the deployment. Users need to be trained before undertaking an initial setup.""As a product, there is nothing to complain about. However, they should improve their overall support. You need that level of knowledge, that level of information is clearly not available. First and foremost, that information is not accessible. The second point to mention is that once you purchase the later support and services. That is, they will continue to charge you for every service.""They need to handle their Tier 1 cases differently. The biggest negative regarding Forescout is their support. Not having the ability to get instantly transferred to a support engineer for Tier 1 cases is pretty ridiculous.""The solution needs more definitive pricing. The costs are hard to nail down.""Logging would be one area for improvement. When we're troubleshooting, there are not a lot of clear things on Google that we can look up for ourselves. When we have an issue with it, we have to call the company to get the vendors involved. The logging of Forescout is horrible compared to other things that we've used.""When adding what is in scope to a policy, it would be nice if you could select multiple policies instead of one policy at a time to add what is in the scope for network segmentation. I have found that during the install and configuration of the policies that if you want to modify multiple policies or enable multiple policies that you need to define what is in the scope (IP range or segments) one rule at a time. This caused some slow downs when implementing policies.""More detailed analysis during the authentication process, especially for troubleshooting access issues. We have found that troubleshooting RADIUS controls is quite arduous, as it is today. A trace function could easily resolve this by providing a means by which access issues from a certificate to passwords or accounts could easily be identified and remediated."

More Forescout Platform Cons →

"Once it's configured it is unobtrusive, but it does take some hands-on to configure and deploy it properly.""The installation is very easy. However, to be able to configure it you will need special knowledge, such as training or self-studies to have a proper level of security. There are many settings one has to understand before being able to implement Microsoft Intune.""The most important thing is reporting. They should improve their reporting. They should give a free hand to users. In SCCM, I can create my own reports. For example, in SCCM, I can create an inventory report for my PC or for all PCs, but in Intune, we don't have an option to create any report. Microsoft claims that Intune is a successor of SCCM, but SCCM is more powerful than Intune. So, they should develop Intune more and make it equivalent to SCCM. Then, their product will be great in the market.""There are a lot of small use cases where we realized that some technical solution was missing in Microsoft in comparison to other products. For example, it lacks something similar to sensing or location-based rules and configurations.""The difficulty of the the roll out is surprisingly difficult considering this product is supposed to be an integrated part of the 365 suite.""One big problem with Microsoft is that they're changing the names of the products quite often, or they're quite consistently doing so. Intune is now Endpoint administration. Constantly switching the user interface or the administrative interface makes it quite hard to keep pace. If you are on a two-week holiday and you come back and look at the same screen you have looked at for the last couple of months, it looks different, which is annoying. Changing things around all the time doesn't make it easy.""I would like to see micro VPN. I like the way that some of the other providers have done something similar where, as you open that app on an end-point device, it creates a micro VPN straight into your device, which is quite a nice little feature. Also, Microsoft Intune relies heavily on its fellow products in the suite. It would be nice if Microsoft Intune could stand on its own two feet.""The solution could be improved by the opportunity to connect third-party application databases, such as Chocolatey or another setup store, to Intune."

More Microsoft Intune Cons →

Pricing and Cost Advice
  • "Devices with multiple IP's count multiple times against your license count."
  • "The fact that we were allowed to spin up as many servers as we had need of to support our geographic requirements while paying for licensing as an enterprise truly set Forescout apart from the crowd and improved the way we could design our access."
  • "We went with the virtual appliance option. The biggest cost to running these types of appliances would be to either have multiple virtual appliances at every data center or running Remote SPAN hardware to provide you the real-time network visibility."
  • "The ROI is priceless."
  • "It might not be the cheapest solution, but you get what you pay for."
  • "Time savings in finding rogue devices as well as identifying potentially unwanted devices on the network has saved the organization time and money."
  • "The setup cost, pricing, and licensing are on the high side."
  • "Forescout Platform is too expensive, so the price should be reduced."
  • More Forescout Platform Pricing and Cost Advice →

  • "Consider the Microsoft Enterprise Mobility Suite rather than choosing specific sub-components, e.g. only Microsoft Intune."
  • "There is a cost benefit of using Microsoft Intune because of the packaging with other Microsoft products."
  • "Microsoft Intune is a cost effective choice. It is less expensive than other products on the market."
  • "The purchase of the product was handled by someone else."
  • "I have no comment on pricing of the solution."
  • "The product is offered as part of a Microsoft standard bundle. The pricing can be competitive to Airwatch, and Maas360."
  • "For Microsoft 365 E5 clients, cost is not an issue as this product is one of the benefits."
  • "The price of Intune is included with the license for Office 365, so we don't have to pay anything extra for it."
  • More Microsoft Intune Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.
    765,234 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Forescout is a very powerful NAC product that does not rely on port level configuration. It can detect and block unauthorized devices very quickly. But it has a lot of capabilities and really would… more »
    Top Answer:I would rate the Forescout Device and Visibility Control Platform at a six out of ten.
    Top Answer:I recommend doing a compression demo. If people use it, they will buy it. So they have to see the product in place. That's the main recommendation is to do a proof of concept. If they do, they will… more »
    Top Answer:Microsoft Intune is a great tool for managing a mobile device fleet while keeping access control. The solution makes it easy to control security and manage the usage of mobile apps when you have a… more »
    Top Answer:Microsoft Intune is a great configuration management tool and has a lot of good things going for it. Here are some of the things I like about it Pros: Protected productivity: Intune gives you the… more »
    Top Answer: Microsoft Intune offers not only an easy-to-deploy data protection and productivity management solution, but also access to both Microsoft’s user community as well as around-the-clock customer… more »
    Ranking
    Views
    11,170
    Comparisons
    6,576
    Reviews
    22
    Average Words per Review
    449
    Rating
    8.3
    Views
    27,467
    Comparisons
    18,765
    Reviews
    65
    Average Words per Review
    720
    Rating
    8.4
    Comparisons
    Also Known As
    Forescout Platform, CounterACT for Endpoint Compliance, ForeScout CounterACT
    Intune, MS Intune, Microsoft Endpoint Manager
    Learn More
    Overview

    Forescout Platform provides today’s busy enterprise organizations with policy and protocol management, workflow coordination, streamlining, and complete device and infrastructure visibility to improve overall network security. The solution also provides concise real-time intelligence of all devices and users on the network. Policy and protocols are delineated using gathered intelligence to facilitate the appropriate levels of remediation, compliance, network access, and all service operations. Forescout Platform is very flexible, integrates well with most of today’s leading network security products, and is a very cost-effective solution.

    Forescout Platform Features

    • Real-time complete visibility: With Forescout eyeSight, each and every device is classified when any attempt to access your network has been made. This includes - but is not limited to - desktops, laptops, android devices, virtual machines, switches, VoIP phones, USB memory sticks, webcams, IoT devices, and more.

    • Policy-based and manual controls: In today’s busy robust environment, networks are continually changing; there are different types and amounts of devices connected, various software applications, network compliance requirements, and the constant potential for risk make managing an IT network a very daunting challenge. The Forescout Console is used to simplify the administration and management of important alerts, remediation, and access controls to keep the network secure.

    • Intuitive real-time dashboards: Forescout Dashboards, a component of Forescout WebClient, is a comprehensive web-based intelligence center that gives full visibility and real-time insight of the complete network using both out-of-the-box and user-created widgets. The dashboards are very intuitive and deliver robust, easy-to-understand information about device visibility, compliance, health monitoring, and more.

    • Advanced reporting capabilities: The Forescout Reports Plugin will generate numerous valuable reports indicating real-time and overall status information about endpoint compliance, device details, networks guests, protocols, and more. The reports help to ensure IT administrators, executives, security teams, and other important shareholders stay well-informed about all network activity at all times.

    • Comprehensive third-party overview: Forescout eyeExtend facilitates seamless information sharing with third-party vendors, networks, and IT management solutions supporting improved automated workflows, productivity, cost-effectiveness, and overall security.

    Real User Reviews

    An important main feature of Forescout is the visibility the solution offers.

    One reviewer who is a Consultant at a tech services company, says, "Within three or four days, you can have complete visibility of your infrastructure on the network. Compared to other solutions, the deployment of the solution is easier and we can close the project quickly."

    Users also appreciate that the user interface is clear and easy to understand.

    An Instructor at a tech services company, shares, "The most valuable feature of the Forescout Platform is the large capacity it can handle. Additionally, the interface of the platform is good."

    Microsoft Intune is a comprehensive cloud-based service that allows you to remotely manage mobile devices and mobile applications without worrying about the security of your organization’s data. Device and app management can be used on company-owned devices as well as personal devices.

    In an increasingly mobile workforce, Microsoft Intune keeps your sensitive data safe while on the move. Microsoft Intune makes it possible for your team members to work anywhere using their mobile devices. Microsoft Intune provides both the flexibility and the control needed for securing all your data on the cloud, no matter where the device with the data is located.

    Microsoft Intune Device Management Key Features

    With Microsoft Intune Device Management you can:

    • Ensure devices and apps are compliant with your security requirements.
    • Rapidly deploy and authenticate apps on all company devices.
    • Remotely access devices to troubleshoot issues or to remove data from them.
    • Generate reports for all devices in the system.
    • Monitor the way users access and share information to protect company information.
    • Set rules and configure settings on personal and organization-owned devices to access data and networks.
    • Create user groups and device groups, allowing you to rapidly access many users and devices simultaneously.

    Mobile Application Management

    Mobile application management in Intune is designed to protect your organization’s data at the application level.

    With Microsoft Intune Application Management you can:

    • Configure apps to run with specific settings enabled.
    • Update existing apps that are already on the device.
    • See reports on which apps are used and monitor their usage.
    • Selectively wipe organization data from apps.
    • Add mobile apps to user groups and devices.

    As part of Microsoft's Enterprise Mobility + Security (EMS) suite, Intune integrates with Microsoft Entra ID for access control and with Azure Information Protection for data protection. It also integrates with Microsoft 365 Applications.

    Reviews from Real Users

    Microsoft Intune stands out among its competitors for a number of reasons. Two major ones are its ability to secure all devices under its management and the flexibility that the solution offers its users.

    A computing services manager notes, "Its security is most valuable. It gives us a way to secure devices, not only those that are steady. We do have a few tablets and other devices, and it is a way for us to secure these devices and manage them. We know they're out there and what's their status. We can manage their life cycle and verify that they're updated properly."

    The head of IT engineering at a financial services company writes, "The one feature we find most useful is the Mobile Application Manager. There are two types: we have the complete MDM and the Mobile Application Manager (MAM). We don't give our users phones, it is their own personal phone, and we need to allow them to have access to the company details on their phone. We need to create a balance between their own personal data and the company data. We deploy the Mobile Application Manager for them so that we won't be able to interfere with their own personal data."

    Sample Customers
    NHS Sussex, SAP, SEGA, Vistaprint, Miami Children's Hospital, Pioneer Investments, New York Law School, OmnicomGroup, Meritrust
    Mitchells and Buzzers, Callaway
    Top Industries
    REVIEWERS
    Financial Services Firm17%
    Government10%
    Manufacturing Company10%
    Computer Software Company10%
    VISITORS READING REVIEWS
    Educational Organization29%
    Computer Software Company11%
    Government8%
    Financial Services Firm7%
    REVIEWERS
    Financial Services Firm19%
    Computer Software Company18%
    Comms Service Provider10%
    Energy/Utilities Company6%
    VISITORS READING REVIEWS
    Educational Organization23%
    Computer Software Company13%
    Government7%
    Financial Services Firm7%
    Company Size
    REVIEWERS
    Small Business38%
    Midsize Enterprise11%
    Large Enterprise51%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise36%
    Large Enterprise50%
    REVIEWERS
    Small Business36%
    Midsize Enterprise14%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise33%
    Large Enterprise47%
    Buyer's Guide
    Network Access Control (NAC)
    March 2024
    Find out what your peers are saying about Cisco, HPE Aruba Networking, Forescout and others in Network Access Control (NAC). Updated: March 2024.
    765,234 professionals have used our research since 2012.

    Forescout Platform is ranked 3rd in Network Access Control (NAC) with 68 reviews while Microsoft Intune is ranked 1st in UEM (Unified Endpoint Management) with 156 reviews. Forescout Platform is rated 8.4, while Microsoft Intune is rated 8.0. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of Microsoft Intune writes "We can manage all aspects of our devices from a single console, easy to scale, and quick to deploy". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Illumio, whereas Microsoft Intune is most compared with Jamf Pro, VMware Workspace ONE, ManageEngine Endpoint Central, SOTI MobiControl and Microsoft Entra ID.

    We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.