ForeScout CounterACT Review

If a machine becomes infected by a user accessing the web, it has the ability to immediately quarantine that machine, isolating it from the network.


Valuable Features

  • Alerting as to non-compliant machines
  • Ability to quarantine infected machines
  • Ability to determine if patches are not up to date

Improvements to My Organization

If a machine becomes infected by a user accessing the web, ForeScout has the ability to immediately quarantine that machine, isolating it from the network. Before this, someone would literally have to run down the hall and shut off a machine in the event of a breach and infection by malware.

Room for Improvement

It needs enhanced mobile support, but I have heard that this is coming.

Use of Solution

We've used it for six months.

Deployment Issues

It took some time to get the policies set up and applied once ForeScout was physically in place. A dedicated resource and timely decisions from management can make this deployment faster. Make sure you account for anything and everything in your environment which has an IP address. We also had one device that was DOA but it was quickly replaced.

Stability Issues

We have had no stability issues.

Scalability Issues

Scalability was not a problem for this site as we have less than 1000 endpoints.

Customer Service and Technical Support

Excellent. Our support engineer was extremely helpful and available.

Previous Solutions

This was the first of its kind in the environment.

Initial Setup

With the assistance of the support engineer, it wasn't too bad. But it depends upon the state of your network. If everything is set up correctly, it will go much smoother. For example, having SNMPv3 activated everywhere is a requirement so that ForeScout can see everything.

Implementation Team

We used our in-house personnel with the support engineer guiding us along via WebEx.

Pricing, Setup Cost and Licensing

They are competitively priced for a medium-to-large sized organization.

Other Solutions Considered

This is not a very crowded segment for this kind of a product, and ForeScout is the best known of this small field.

Other Advice

They also offer a monitoring service which is a good value if you do not have someone in house to monitor ForeScout on site. This can be full or part time. ForeScout is a powerful network access control tool that has some features found in insider threat solutions, though it is not exactly made for that.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 visitor found this review helpful
Add a Comment
Guest

Sign Up with Email