ForeScout CounterACT Review

If a machine becomes infected by a user accessing the web, it has the ability to immediately quarantine that machine, isolating it from the network.


What is most valuable?

  • Alerting as to non-compliant machines
  • Ability to quarantine infected machines
  • Ability to determine if patches are not up to date

How has it helped my organization?

If a machine becomes infected by a user accessing the web, ForeScout has the ability to immediately quarantine that machine, isolating it from the network. Before this, someone would literally have to run down the hall and shut off a machine in the event of a breach and infection by malware.

What needs improvement?

It needs enhanced mobile support, but I have heard that this is coming.

For how long have I used the solution?

We've used it for six months.

What was my experience with deployment of the solution?

It took some time to get the policies set up and applied once ForeScout was physically in place. A dedicated resource and timely decisions from management can make this deployment faster. Make sure you account for anything and everything in your environment which has an IP address. We also had one device that was DOA but it was quickly replaced.

What do I think about the stability of the solution?

We have had no stability issues.

What do I think about the scalability of the solution?

Scalability was not a problem for this site as we have less than 1000 endpoints.

How are customer service and technical support?

Excellent. Our support engineer was extremely helpful and available.

Which solution did I use previously and why did I switch?

This was the first of its kind in the environment.

How was the initial setup?

With the assistance of the support engineer, it wasn't too bad. But it depends upon the state of your network. If everything is set up correctly, it will go much smoother. For example, having SNMPv3 activated everywhere is a requirement so that ForeScout can see everything.

What about the implementation team?

We used our in-house personnel with the support engineer guiding us along via WebEx.

What's my experience with pricing, setup cost, and licensing?

They are competitively priced for a medium-to-large sized organization.

Which other solutions did I evaluate?

This is not a very crowded segment for this kind of a product, and ForeScout is the best known of this small field.

What other advice do I have?

They also offer a monitoring service which is a good value if you do not have someone in house to monitor ForeScout on site. This can be full or part time. ForeScout is a powerful network access control tool that has some features found in insider threat solutions, though it is not exactly made for that.


Disclosure: I am a real user, and this review is based on my own experience and opinions.

1 visitor found this review helpful
Add a Comment
Guest