We performed a comparison between Cisco ISE and Forescout Platform based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco is a worldwide, well-known, trusted, and respected branded product, and despite its known complexities, Cisco ISE pushes just ahead of Forescout Platform. Forescout Platform has just a few buggy issues and is lacking in some reporting structure, which makes Cisco ISE an easier choice.
"The core point is that Cisco ISE is the same globally compared to FortiAuthenticator. Whether I deploy in China, the US, South Africa, or wherever, I'm can get all the capabilities. It allows me to directly integrate with 365, and from a communications point of view, that is a good capability."
"Assisting a larger number of users in gaining access and guiding them through the process of getting on Cisco ISE has been seamless."
"Being able to authenticate wired users through 802.1X is valuable as it enhances our security."
"For device administration, all devices have multifactor authentication in collaboration with IT, so it secures access to all of our devices. For guest and wireless access, it's a matter of a lowly manager who we give access to the portal and he can assign access to the guests, so it's a very simple process now. It keeps the IT focusing on their work, and gives the business people the right access."
"The interconnection with the ecosystem and the ability to force rules all over the network are the most important features."
"It's easy to change and add policies."
"The live logs and live sessions for troubleshooting are the most valuable features because they provide a detailed report of any issues."
"They provide you multiple ways to achieve security, not only on-prem, but also when you have remote and guest workers. Especially post-pandemic, a lot of our customers have remote workers. So, it has been really helpful."
"The most valuable feature of Forescout Platform is that it has everything that Aruba has at significantly less cost."
"Forescout Platform provides multiple features. They have a very effective device fingerprinting in their cloud. You do not need to add any devices manually, such as in Mac devices. Other solutions you have to add IoT devices and OT devices manually. This is one of the major areas that Forescout Platform is excelling in."
"Forescout is easy to integrate with a lot of end systems."
"We really like that we get full visibility of devices in the local network."
"The actions that the agentless visibility, allow us to perform on the endpoint, are really amazing, especially in the way that it is done."
"The most valuable feature of the Forescout Platform is the large capacity it can handle. Additionally, the interface of the platform is good."
"Vulnerability remediation is valuable. We can narrow down a system and its properties. We can go granular on the properties of each endpoint, such as which operating system you're using."
"Provides a good overview of all devices on a network."
"This product doesn't work in isolation."
"The initial setup was a little bit complex. It's not that simple because it requires a lot of prerequisites for the solution to get a hold on."
"Some of the reporting could be improved."
"Cisco ISE requires a lot of time-consuming administration."
"A main issue is that the upgrade process, over time, is extraordinarily fragile. Repeatedly, over the past several years, when we've tried to upgrade our Cisco ISE implementation, the upgrade has broken it. Ultimately, we have then had to rebuild it because we need it."
"Migration could be better. Right now, we back up with the new version, and it requires a lot of licensing and other things. Whenever we choose a product, it's very difficult because we have to meet the requirements of each feature. There is no standard feature, so the best system that we bought may not fit the solution. We have to look at every feature that the customer uses. If you compare it with other products like Aruba, it's not the same. With Cisco, I have to read all about the features on this version and the licensing required for the product. In Aruba, that thing is covered when you get one license because it covers almost everything. It could also be more scalable."
"The policies could be adjusted to make them more easily implementable."
"There is room for improvement in CLI. Most things are done through the GUI, and there aren't many commands or troubleshooting options available compared to other Cisco products like switches and routers."
"When adding what is in scope to a policy, it would be nice if you could select multiple policies instead of one policy at a time to add what is in the scope for network segmentation. I have found that during the install and configuration of the policies that if you want to modify multiple policies or enable multiple policies that you need to define what is in the scope (IP range or segments) one rule at a time. This caused some slow downs when implementing policies."
"The system controls could be better."
"Other solutions have TACACS+, but Forescout does not. In the next release, I would like to see Forescout have accounting."
"It does not support the TACACS+ protocol."
"The reporting feature needs improvement."
"As a product, there is nothing to complain about. However, they should improve their overall support. You need that level of knowledge, that level of information is clearly not available. First and foremost, that information is not accessible. The second point to mention is that once you purchase the later support and services. That is, they will continue to charge you for every service."
"Forescout Platform needs to improve how the device works in preventing rogue servers."
"Forescout needs to improve its cloud management and remote connectivity."
More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →
Cisco ISE (Identity Services Engine) is ranked 1st in Network Access Control (NAC) with 135 reviews while Forescout Platform is ranked 4th in Network Access Control (NAC) with 69 reviews. Cisco ISE (Identity Services Engine) is rated 8.2, while Forescout Platform is rated 8.4. The top reviewer of Cisco ISE (Identity Services Engine) writes "Gives us that extra ability to assist the end user and make sure that we are making them happy". On the other hand, the top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Fortinet FortiNAC, CyberArk Privileged Access Manager, Fortinet FortiAuthenticator and Microsoft Enterprise Mobility + Security, whereas Forescout Platform is most compared with Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks, Armis and Tenable Security Center. See our Cisco ISE (Identity Services Engine) vs. Forescout Platform report.
See our list of best Network Access Control (NAC) vendors.
We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.