Forescout Platform Review

• Alerting as to non-compliant machines
• Ability to quarantine infected machines
• Ability to determine if patches are not up to date

If a machine becomes infected by a user accessing the web, ForeScout has the ability to immediately quarantine that machine, isolating it from the network. Before this, someone would literally have to run down the hall and shut off a machine in the event of a breach and infection by malware.

It needs enhanced mobile support, but I have heard that this is coming.

We've used it for six months.

It took some time to get the policies set up and applied once ForeScout was physically in place. A dedicated resource and timely decisions from management can make this deployment faster. Make sure you account for anything and everything in your environment which has an IP address. We also had one device that was DOA but it was quickly replaced.

We have had no stability issues.

Scalability was not a problem for this site as we have less than 1000 endpoints.

Excellent. Our support engineer was extremely helpful and available.

This was the first of its kind in the environment.

With the assistance of the support engineer, it wasn't too bad. But it depends upon the state of your network. If everything is set up correctly, it will go much smoother. For example, having SNMPv3 activated everywhere is a requirement so that ForeScout can see everything.

We used our in-house personnel with the support engineer guiding us along via WebEx.

They are competitively priced for a medium-to-large sized organization.

This is not a very crowded segment for this kind of a product, and ForeScout is the best known of this small field.

They also offer a monitoring service which is a good value if you do not have someone in house to monitor ForeScout on site. This can be full or part time. ForeScout is a powerful network access control tool that has some features found in insider threat solutions, though it is not exactly made for that.