Logging would be one area for improvement. When we're troubleshooting, there are not a lot of clear things on Google that we can look up for ourselves. When we have an issue with it, we have to call the company to get the vendors involved. The logging of Forescout is horrible compared to other things that we've used. We don't use ISE, but based on what we heard from the users we've reached out to who do use ISE, the logging capabilities of ISE are better, and troubleshooting is so much easier with ISE than it is with Forescout.

It doesn't have a lot of end-user support after the purchase of the license. There is no training either for Forescout. That's something that it's lacking. We need refresher training. The vendors came out and trained us whenever we first set up Forescout, but we have people coming and going all the time.

There are some things that we wish that it would do. We use ACAS, which is a reporting tool that scans our network and then lets us know what kind of vulnerabilities are on the network. It would be nice if there was a way to connect Forescout. I know ISE connects with our configuration management tools to push patches and things like that out to a large array of machines. With Forescout, we can push some patches out, but it can't handle anything on a large scale. So, we wish that Forescout would be able to handle more and connect to some of the other tools that we use. We have 15 different tools that do pretty much the same thing but in a different way to get a good picture of our network. It would be nice if we can condense that down or have something that is a central hub-type tool that can reach out to some of our other tools, compile the data better, and have that data in one place.

The product is excellent. As a product, there is nothing to complain about. However, they should improve their overall support.

Let me provide an example. Assume you are in the United Kingdom, and you are also familiar with the cars in your neighborhood, and any manufacturer you have heard of. And let's say Forescout is one of the niche products, similar to Rolls-Royce. You know that Rolls-Royce is good, but you need some kind of information accessibility to use that.

The comfort is good, and you can obviously drive it, but you need to understand all of the features. You need that level of knowledge, that level of information is clearly not available.

First and foremost, that information is not accessible. 

The second point to mention is that once you purchase the later support and services. That is, they will continue to charge you for every service.

Things they should have told you ahead of time are that if you run into problems during the deployment, they will keep asking you to engage the product's professional services, which they will charge you for.

And from the standpoint of support, they should be adaptable. When they are aware that customers have made significant investments in these expensive licenses. And it is expected that they will receive adequate assistance. That is where they are falling short.

You own a Rolls-Royce, but you are having trouble making the most of its features and functions.

Forescout Platform could improve the integration or compatibility with other solutions, such as Chinese-made and other market solutions. They do not have any integration with H3C,  RUCKUS Switching, Lenovo, CommScope, IBM Switching etc. which are network/Communication Brands. They do not have integration with new solutions in the market. They do integrate well with Brocade, Cisco, Juniper, and quite a few more but they could expand the integration. 

The most common complaint I hear about Forescout is about their technical support.

Some sort of highly scalable platform, such as a private cloud, that can be distributed across a network quickly and grow rapidly, would be beneficial.

I believe that the overall user experience has not always been preferable.

If older network devices are used there can be some compatibility issues while using the Forescout Platform. Additionally, if the switches that are deployed in your infrastructure are not captured properly to the endpoints there might be some difficulties with Forescout Platform trying to monitor the network traffic. Traffic management is an area the vendor should work on.

Forescout Platform isn't flexible with connections to devices like printers and forces you to re-enter details like the MAC address after any breakdowns.

The product needs to improve its support. I know a case that dragged on for about one and a half years. They eventually suggested professional services and closed the ticket. We followed their advice, engaging the account manager and professional service team, only to discover that the issue was a bug. After reopening the case, it's been about six months, and the problem still hasn't been resolved.

Forescout Platform's support often takes a long time to respond to tickets. Even after we reply, there's another lengthy wait for feedback, and their responses sometimes seem to delay resolution with unnecessary questions. For instance, they might ask for details about previous issues. Meanwhile, competitors may offer temporary solutions but often lack or are unsatisfactory regarding technical or research and development support from Forescout Platform's team.

Another area where it can improve is when dealing with multiple sites and overlapping subnets. While it works well for individual sites, it struggles when managing several sites with overlapping subnets, especially with authentication portals.

I think the Forescout Platform could use some extra features or improvements in the future. Specifically, it could be better at working with other security tools. For example, when it connects with VPNs or security scanners, it could work a bit better. The tool has already made some efforts in this area, but I think it could do even more to make these devices work together

Forescout needs to improve its cloud management and remote connectivity.

Forescout Platform could improve the costs of integrations.

Weaknesses of the product are usually present from the side of vendors. In the case of Cisco's vendors, they do have a presence in the South African region. The fact that Forescout Platform doesn't have a presence in the South African region is a weakness because of which you can't ask for help from them if you have any problems. Though they offer support, Forescout Platform does not offer a vendor like other products do for even East Africa ensuring they deliver better services to their customers. The aforementioned area can be considered for improvement.

Maybe integration with or onboarding an XDR solution is something I would like to see in future product releases.

Other solutions have TACACS+, but Forescout does not. In the next release, I would like to see Forescout have accounting.

Incorporating additional features such as NetFlow DLP, would serve as valuable add-ons. Regarding pricing, there is room for improvement to enhance competitiveness with other vendors and solutions.

When adding what is in scope to a policy, it would be nice if you could select multiple policies instead of one policy at a time to add what is in the scope for network segmentation. I have found that during the install and configuration of the policies that if you want to modify multiple policies or enable multiple policies that you need to define what is in the scope (IP range or segments) one rule at a time. This caused some slow downs when implementing policies. I could see after doing this repeatedly that it may lead to some premature clicking in an area that you may not have wanted, depending on how your segments are setup, and may cause issues later down the road.

The solution's customer support is bad and should be improved. When our customers try to reach or discuss with the support team, they don't even answer.

For sales purposes, the product has limitations. It does not support the TACACS+ protocol. This creates a need for another product to work with.

Forescout Platform's technical support needs to be improved - it could be faster, and its team could be more knowledgeable.

The reporting feature needs improvement. An example is that currently, you cannot configure what report files will be named. I think that the reporting feature needs more flexibility. It has about 15 templates and you have to use one of them, but it is not easy to understand what each of them is. It would be nice to have more control over the format of the reports.

Also, it would be nice if the configuration backup feature had more flexibility. It only supports FTP, SFTP, or SCP. That makes it impossible to write backups to a Windows share.  

Forescout Platform is too expensive, so the price should be reduced.

Although Forescout manages endpoints and network devices, there is no capability for user management. This is something that should be added. For example, if I find that something is wrong in the services and need to disable a user's access, there should be no need to go to Active Directory and disable the user there. As it is now, computers and devices can be disabled, but not users.

The cost is too high. We are looking at some other solution where costs might be lower.

Custom integrations need to be better. I'd like to have the option, for example, to integrate the Forescout Platform with a customized application or any other software out there that I am using at the same time.

I would like the Forescout Platform to be deployable on cloud solutions, like Huawei. It's not compatible with Huawei at the moment. It can be deployed only on Amazon and AWS.

The licensing costs are quite high. With the amount of hardware we have, we need too many licenses to make the product effective and it's ultimately just too costly.

We may have some problems with compatibility - specifically with Cisco switches. We have the perimeter a Check Point firewall as an alarm for VPN connections. We have users integrating the VPN Check Point with Forescout. We can't seem to scale due to compatibility issues and price.

The product could be improved in different ways: 

• The speed of identification
• More guest management features (i.e. extending time frames)
• Sometimes, the identification profiles completely change after device upgrades. It would be beneficial to keep or merge these records if enough correlating data points exist, so as not to segment devices. 

Some of the features introduced into the product line could have better documentation, which could provide for an overall better experience for administrators.

Definitely, having more third-party integration would be an improvement. This is something that they're doing. Other products that we have on our network, if we're able to get ForeScout to talk with them, we'll get much better information to those products, things like Splunk and other data gathering.

Also, I think we have Rapid7, so all these different programs that want to collect a lot of information, ForeScout is able to do that. So having it being able to talk to them, the more it can talk to, the better it is.

I think there are some product maturity issues in terms of the web interfaces that its able to present for end users. They're working on those. Those are improving, and just other features that come along with them growing into this space that they have. They're getting feedback from us, and they're getting feedback from other very large customers on what to do to improve, and they respond very well.

• JAVA Memory management - leaving the app running for multiple days requires relaunch
• Search - needs boolean functionality (or psudeau operand now working)

Unfortunately, Forescout Platform can only be accessed by Android systems. iOS is not supported, so there are some limitations to the operating system. I would like to see all devices have access to the solution.

Forescout needs to upgrade its development in the future.

Forescout is constantly adding new features, so this may change as of this writing, but sometimes the switch management interface doesn't display accurate information which relates to false positives on individual switch access errors.

Forescout Platform needs to improve how the device works in preventing rogue servers. Cisco has an impressive way of detecting rogue servers or rogue wireless access points to help protect the network. 

There is still room for improvement in this area with the Forescout GUI.

Integration with other products can be improved upon.

Fortinet and Cisco ISE have larger communities than the one available for Forescout Platform. The community size for the Forescout Platform can be improved. Forescout Platform doesn't have a big online community where people can go and ask questions and get solutions.

Forescout Platform could improve the vulnerability management as well as the control on the endpoint, which needs to be connected to my network.

In an upcoming release, they should add security features, such as malware and threat protection.

Forescout Platform sometimes returns false positives, so there's some fine-tuning to be done there. There are also some limitations with the Mac and Linux versions - the company claims they're agentless, but they're actually agent-based. In addition, there are a few actions that don't work in conjunction when we apply multiple actions, such as wanting to send a notification and isolate a device. In the next release, I would want to see better compatibility and visibility on the cloud front, and the system needs to keep up with upcoming technologies and trends.

I don't think we tested the full potential of Forescout. We had some delay implementing it into our organization, due internal organizational issues and also due to a lack of device registrations. Meanwhile we decided to switch to a new network provider that doesn't have Forescout in its portfolio. We favour one-stop shopping for network and security services, and will migrate to Aruba ClearPass (portfolio). 

Better reporting and analysis of access (based on client) would be helpful. Also, a tool that allows tracing a user through the rules to authentication.

More detailed analysis during the authentication process, especially for troubleshooting access issues. We have found that troubleshooting RADIUS controls is quite arduous, as it is today. A trace function could easily resolve this by providing a means by which access issues from a certificate to passwords or accounts could easily be identified and remediated.

As a user, if I am using a laptop that is Wi-Fi connected, Forescout identifies my port connectivity as one user license, and if I take that same laptop with the same username to a wired network, which is also the same network that is used for the Wi-Fi connection, Forescout detects it as a separate license.

At times, I am working on wireless and sometimes I enter a zone where there is no wireless connection, which forces a land connection. This is an issue that needs to be resolved because it consumes another license for the same device and the same user.

This issue has been escalated to Forscout directly.

There was integration with Microsoft SCCM previously, and have suddenly stopped the open integration module for Microsoft. Customers are not aware of what is available to them in terms of the open integration module. 

Forescout Platform advised that there are many options available and many things they can do, but they don't tell customers exactly what they are. 

They need clear documentation and direction as to what the customer can expect from the open integration module. Customers need some clarity on what they can do and what is not possible to do.

When it comes to a full open integration we need to rely on the professional services from Forescout directly, no one can implement it as there is a limited amount of knowledge available.

They need to be more considerate, and there should be good documentation available to the customer.

They need to improve their selling approach or the consultant approach.

One of their use cases is an ITM use case, and ITSS asset management, but they don't really do ITSS management. They only detect the ITSS and all the parameters around that test, but they do not have any integration with any database system where they can store all these details and act like a typical ITSS management system. 

They should remove that use case in full. They should say that we complement your ITSS management by detecting the unknown assets in your network. This would be right.

Two things can be improved in the Forescout Platform. First of all, the support for some certain proprietary protocols from other vendors, but they are very widely used. If the TechEx from Cisco, was added to Forescout, then it will be a full solution for me. 

Forescout Platform can be much improved. The support for certain proprietary protocols from other vendors, but they are very widely used. If I can go a little bit technical here, I would say the TechEx from Cisco, if added to Forescout, then it will be a full solution for me. Additionally, the Forescout Platform can have better integration with other solutions, such as Cisco NFG firewalls. They need to integrate seamlessly.

It needs easier integration to other partners that automate functions within the security phase. There's no difference because you're not going to be able to fill the places fast enough for all these security people. So how do you get it to be able to manage more with less people by automating some of the functions? So when, for instance, NetScout discovers something and installs a ticketing system instead of sending an alert to a person, it automatically opens a ticket with the appropriate levels and automates that stuff.

This solution could be improved if there was functionality or module integration to connect Forescout with open source, container areas or Terraform.  It would also be useful if this solution could run with network plugins to Kubernetes. 

The solution needs more definitive pricing. The costs are hard to nail down.

I would advise Forescout through their research and development to look for features that they can add. Also, based on the what other competition may be selling, if they find any useful feature, they should add those to their product.

The configuration of the rules is both a blessing and a curse. While it is almost infinitely configurable, knowing how to get the product to do what you want it to do can be difficult, especially at first.

The biggest problem we have had with ForeScout is that in order for it to see all of your network traffic it must have access to that traffic. So if your traffic has multiple ways to reach the internet or other resources, then you need multiple network taps in place to see that traffic.

I would like to see some reporting features. Things like, if our tech support department comes to us and says, "Hey, how many Dell model 390 PCs do we have in the company?" They can just click on a report that would show client name, machine model, IP address, last user login, etc. I think that people would find that very useful.

I think off-the-bat, when somebody pulls up the CounterACT interface, there's a lot going one. It's easy, but I don't think it's easy for somebody who just walks in blind. If there was a reporting feature, or something more incorporating tech support people, that would make their life easier. It mitigate the requests that we get to give them that information.

We have found that the agent-based authentication, available within this solution could be improved.

The price-point for this solution is very high, which should be looked at in comparison with similar products currently on the market.

For the user, the policy that they have implemented sometimes needs adjustments. Sometimes the features that the customer asks for aren't involved in the main installation, and I need to bolt an add-on in. However, I never know if this policy is the right one when I do this.

Multitenancy should be included in the next version so it could be used as a managed service provider.

The reporting could be improved. Also, it needs more analytics to see what's going on as we like to do trends.

The integration with Sync can be improved. We would like to see better integration with some other popular vendors. 

Also, the reporting needs improvement, as well as integration with PAL services. It also needs more options for different sizes of customers. It does really work well in the big departments. For smaller organizations it might be a little overkill of a solution.

It needs enhanced mobile support, but I have heard that this is coming.

If you want to deploy a new solution to block, you can't do it by yourself. You need the Forescout to deploy these solutions. They could prove this by making it better.

There are virtual machine limitations, this is not a solution that they use to protect my company.

In the next release of the solution, it could benefit from being more flexible to allow for more freedom.

The security features can be improved because we use it for sensitive information, such as compliance. Additionally, the system controls could be better.

The installation is not secure because it takes high admin privileges.

Better integration with third-party vendors is needed because as it is now, the list of third-party solutions that we can integrate and automate is quite limited. We would like to see the list of vendors expanded to be broader.

The types of products that we would like to integrate with are firewalls, patch management solutions, and SIEM applications, for example.

The ability to block external devices in Mac is lacking and needs to be added.

The biggest disadvantage is the pricing. I can see that the product has value. I see that the product is really good. I think that the pro is it's really stable, but price-wise, I think it's bad. But you have to pay for quality. But the pricing can be a little bit improved in my point of view. It will be harder to choose if we start comparing features and prices and when we made the initial choice. Our choice was based mainly on features. There was no price comparison involved. I think that it is not in the same landscape. The landscape has changed and there are a lot of contenders in this field. The price scale could be improved.

We experienced some detection issues when checking compliance for the Sophos agent.

There are few areas which will need vast improvements. The CounterACT graphical user interface could use a revamp as it may not look appealing enough to the end users.

Another area which the CounterACT should improve is their ability to deliver a more precise error messages to their users. At times, the error messages are not clear enough and are too technical to understand. Some of their error messages are not generic, as they are only understandable by the ForeScout engineers.

The solution could always improve by adding more features to make it more robust.

There's always room for improvement for the solution. Off the top of my head, I really can't determine anything that is lacking right now. Basically there is no room for improvement that I can describe.

The solution does have a bit of complexity, and there's some complexity in the deployment. Users need to be trained before undertaking an initial setup.

The best improvement they could make would be reporting and better integration with AD. Last but not least, a management web interface would be nice in the next version/release.

Detection and control of Dual-Homed devices needs to be improved, as the product sometimes gives false positives. Also, more custom policies should be made available.

When we automate an email to send to a user, sometimes it gets blocked, but that has nothing to do with Forescout. It depends on the mail gateway that we use or integrate with.

They already support some 63,000 plus vendor models. They are also upgrading it, and they have two million plus devices in a single deployment. Maybe there are some legacy tools with support. I know they're working very hard on the OT infrastructure and OT side of integration, but I'm not into OT side.

Truth be told, I'm good with it. I'm yet to have something with the solution that I don't feel comfortable with. It's fine. I've not seen a cause or a reason why I should want something to be changed, but that doesn't take out the fact that there's always room for improvement. What I would love to see is a situation where my Forescout can integrate with different security technologies. Where it can share contextual information bidirectionally. I had written to Forescout about this and they told me they have that functionality already. So I think that settles it. They can share device context with the security technology and that technology can also be shared with Forescout. To build a form of connective strategy towards security. They have a dedicated module for the security technology I'm concerned about.

But with that software, I should be able to integrate my Forescout with any other third party security technology, to build that connected security strategy I talked about. So far, it's good. It meets my requirements that I had concern about.

It could be better, they could work on the wide-area network and easier because it's a bit clumsy at the moment when we go on to a remote site. It works well in the head office but we've had challenges trying to install it across other sites. So pricing and support for branch offices. The interface is okay for the local office, but it's hard to get visibility from remote branches.

They should improve features related to IT security. ForeScout should analyze behavior to see if the behavior is malicious behavior and block this device. They should develop the ability to analyze the behavior of the device in my environment.

The interface of this solution and the integration part needs improvement. The difference between the 7th and the 8th version is the dashboard. They should improve it. 

• Battled with the use of SNMP v1 instead of v2c
• Direct web interface rather than installation of a client.

There isn’t a specific area to improve. It’s a good product from my point of view. Maybe the licensing and cost can be improved.

The reporting could be a bit more intuitive and user friendly.

The patch management ability of the solution needs to be re-examined.

• Reduce false positives
• Reduce bugs
• Improve on host classification
• Increase the Nigerian partner base