We performed a comparison between Cisco ISE and Forescout Platform based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco is a worldwide, well-known, trusted, and respected branded product, and despite its known complexities, Cisco ISE pushes just ahead of Forescout Platform. Forescout Platform has just a few buggy issues and is lacking in some reporting structure, which makes Cisco ISE an easier choice.
"It's scalable."
"I have found that all of the features are valuable. It is very easy to deploy because we are able to port users directly from Active Directory (AD) and LDAP."
"The implementation is very simple."
"SGTs are valuable because they make it easy to enforce policies, instead of pushing them across all the other platforms."
"The most valuable features are the NAC and the bundles that are available with Cisco ISE, such as Cisco ACS being integrated."
"The most valuable features are authentication, we have more granular control on the access policies for the administrators. The solution is easy to use, has a center point administration, and has a good GUI."
"Profiling is one of the most valuable features. We have a lot of different devices between cameras, access points, and laptops that get plugged in."
"The product is useful for device administration."
"Being able to sort on device types or devices with open ports is helpful when narrowing down assets of possible misconfigured devices that may be vulnerable on the network. We can take action on those devices based off of corporate policy."
"We use the Forescout Platform for device visibility and control in our network. It's very helpful for tracking malicious or unusual activity. We use it to track which ports are open, which machines are running specific services, and to identify vulnerabilities. For example, there was a vulnerability related to SMB, and we could use the product to determine which machines inside our organization were allowing SMB traffic."
"You can quickly filter your view of devices and zero in on the ones you want using a variety of tools, such as what subnet it is on or what it has been classified as."
"Emergency response, risk assessment information to get a view of the of the vulnerability."
"We think it's simple. We think it's very useful and we really like reports and everything."
"Forescout Platform has granular features and one of the most impressive features is the agentless feature."
"I have noticed that in the last year the license model has changed from licensing the whole appliance to licensing the number of devices. It's more simple for a large installation, or a user to have CounterACT as their peripheral site in the company. It's a good choice to have changed the license policy."
"The initial setup is quite simple. It's not too complex or difficult to set up."
"If I was going to improve anything, it would be the ease of migration. It's really difficult at the moment if you're looking to upgrade ISE 2.1 and you want to go to ISE 3.1 or 3.2, that whole upgrade path and, particularly, the licensing is quite a minefield to sort out."
"There are still some bugs in ISE that need to be worked out."
"The price here in Brazil is very expensive."
"The primary issue is the slowness of the application and the web interface. We have multiple admin nodes and app nodes. So when I need to get some information about a particular user, the GUI would take ten to fifteen seconds in loading when we need to know right away."
"A lot of people tell you the hardware requirements for ISE are pretty substantial. If you're running a virtual environment, you're going to be dedicating quite a bit of resources to an ISE VM. That is something that could be worked on."
"The upgrades could be better. Every time we try to do an upgrade, we have problems. It's a pain."
"Cisco ISE can become quite complex, especially with policy sets, the entire authentication process, and everything involved."
"Since we have started, we struggled a lot to implement this solution into our network, and we opened a case a couple of times. Up until this point, nothing else needs to be improved with this product."
"Forescout Platform could improve the costs of integrations."
"Custom integrations need to be better."
"I should be able to integrate my Forescout with any other third party security technology, to build that connected security strategy."
"The licensing costs are quite high. With the amount of hardware we have, we need too many licenses to make the product effective and it's ultimately just too costly."
"The biggest disadvantage is the pricing."
"The installation is not secure because it takes high admin privileges."
"This solution is not that easy to scale but this depends on a company's needs."
"Forescout Platform needs to improve how the device works in preventing rogue servers."
More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →
Cisco ISE (Identity Services Engine) is ranked 1st in Network Access Control (NAC) with 135 reviews while Forescout Platform is ranked 4th in Network Access Control (NAC) with 69 reviews. Cisco ISE (Identity Services Engine) is rated 8.2, while Forescout Platform is rated 8.4. The top reviewer of Cisco ISE (Identity Services Engine) writes "Gives us that extra ability to assist the end user and make sure that we are making them happy". On the other hand, the top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Fortinet FortiNAC, CyberArk Privileged Access Manager, Fortinet FortiAuthenticator and Microsoft Enterprise Mobility + Security, whereas Forescout Platform is most compared with Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks, Armis and Tenable Security Center. See our Cisco ISE (Identity Services Engine) vs. Forescout Platform report.
See our list of best Network Access Control (NAC) vendors.
We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.