Forescout Platform Review

Make sure to plan for all endpoints. If you want full coverage of your networks, account for anything that has an IP


What is most valuable?

Endpoint visibility, policy flexibility, compatibility and integration with other products.

How has it helped my organization?

Automation! One broad example is that we can now stop network threats right away and without intervention.

What needs improvement?

Forescout is constantly adding new features, so this may change as of this writing, but sometimes the switch management interface doesn't display accurate information which relates to false positives on individual switch access errors.

For how long have I used the solution?

1 year

What was my experience with deployment of the solution?

None that were Forescout related. CounterACT always opens a bunch of little IP sessions with endpoints, ake sure you have a large enough connection table on your firewall if you plan to put it behind one.

What do I think about the stability of the solution?

Minor. Had to reinstall one virtual appliance, which is painless when you have an Enterprise Manager.

What do I think about the scalability of the solution?

No, this is one of the products strengths.

How are customer service and technical support?

Customer Service:

10 out of 10. Very responsive and address concerns quickly.

Technical Support:

9 out of 10. Really fast response, high level of competency.

Which solution did I use previously and why did I switch?

I switched from Cisco NAC because it is reliant on 802.1X, and has no other function than to ensure endpoints have authenticated via your method of choice.

How was the initial setup?

Straightforward. Setup is simple with a solid, pre-defined set of policies that you build on and customize as you learn.

What about the implementation team?

In house.

What was our ROI?

Without access specific numbers, we now have the ability to instantly shut down internal malicious hosts or traffic, refuse or restrict access to non-compliant hosts, discover risks on the network we didn't know were there, and automate the remediation of a multitude of security risks. As I work for an organization that spends a lot on security administration, at a minimum, the cost savings must have already paid for the product.

Which other solutions did I evaluate?

Palo Alto

What other advice do I have?

Make sure to plan for all endpoints. If you want full coverage of your networks, account for anything that has an IP address. For example, a busy core switch can have 20+ IP addresses, and each one goes against your license count. Also, if you plan to have it behind a firewall, take into consideration your firewall's connection limitations. Although CounterACT isn't really a heavy bandwidth user, it does open a ton of short connections on a constant basis. The more you tune these down, the less accurate your real time host information becomes.

**Disclosure: My company has a business relationship with this vendor other than being a customer: I currently work as a Solution Architect for ForeScout, but I wrote this review when I was a customer.
More Forescout Platform reviews from users
Add a Comment
Guest
1 Comment

author avatarTechnical Support Manager at a financial services firm
Vendor

Technology improved network security via access layer L2.