We just raised a $30M Series A: Read our story
2015-11-16T12:34:00Z

What needs improvement with Forescout Platform?

2

Please share with the community what you think needs improvement with Forescout Platform.

What are its weaknesses? What would you like to see changed in a future version?

ITCS user
Guest
2222 Answers

author avatar
Top 20LeaderboardConsultant

As a user, if I am using a laptop that is Wi-Fi connected, Forescout identifies my port connectivity as one user license, and if I take that same laptop with the same username to a wired network, which is also the same network that is used for the Wi-Fi connection, Forescout detects it as a separate license. At times, I am working on wireless and sometimes I enter a zone where there is no wireless connection, which forces a land connection. This is an issue that needs to be resolved because it consumes another license for the same device and the same user. This issue has been escalated to Forscout directly. There was integration with Microsoft SCCM previously, and have suddenly stopped the open integration module for Microsoft. Customers are not aware of what is available to them in terms of the open integration module. Forescout Platform advised that there are many options available and many things they can do, but they don't tell customers exactly what they are. They need clear documentation and direction as to what the customer can expect from the open integration module. Customers need some clarity on what they can do and what is not possible to do. When it comes to a full open integration we need to rely on the professional services from Forescout directly, no one can implement it as there is a limited amount of knowledge available. They need to be more considerate, and there should be good documentation available to the customer. They need to improve their selling approach or the consultant approach. One of their use cases is an ITM use case, and ITSS asset management, but they don't really do ITSS management. They only detect the ITSS and all the parameters around that test, but they do not have any integration with any database system where they can store all these details and act like a typical ITSS management system. They should remove that use case in full. They should say that we complement your ITSS management by detecting the unknown assets in your network. This would be right.

2021-09-10T15:11:57Z
author avatar
Top 10LeaderboardReal User

The licensing costs are quite high. With the amount of hardware we have, we need too many licenses to make the product effective and it's ultimately just too costly. We may have some problems with compatibility - specifically with Cisco switches. We have the perimeter a Check Point firewall as an alarm for VPN connections. We have users integrating the VPN Check Point with Forescout. We can't seem to scale due to compatibility issues and price.

2021-02-25T07:45:14Z
author avatar
Top 5LeaderboardReal User

The reporting feature needs improvement. An example is that currently, you cannot configure what report files will be named. I think that the reporting feature needs more flexibility. It has about 15 templates and you have to use one of them, but it is not easy to understand what each of them is. It would be nice to have more control over the format of the reports. Also, it would be nice if the configuration backup feature had more flexibility. It only supports FTP, SFTP, or SCP. That makes it impossible to write backups to a Windows share.

2020-09-18T14:27:00Z
author avatar
Top 20Reseller

Better integration with third-party vendors is needed because as it is now, the list of third-party solutions that we can integrate and automate is quite limited. We would like to see the list of vendors expanded to be broader. The types of products that we would like to integrate with are firewalls, patch management solutions, and SIEM applications, for example.

2020-09-13T07:02:22Z
author avatar
Top 10Reseller

The solution needs more definitive pricing. The costs are hard to nail down.

2020-09-08T09:10:02Z
author avatar
Top 20Real User

Truth be told, I'm good with it. I'm yet to have something with the solution that I don't feel comfortable with. It's fine. I've not seen a cause or a reason why I should want something to be changed, but that doesn't take out the fact that there's always room for improvement. What I would love to see is a situation where my Forescout can integrate with different security technologies. Where it can share contextual information bidirectionally. I had written to Forescout about this and they told me they have that functionality already. So I think that settles it. They can share device context with the security technology and that technology can also be shared with Forescout. To build a form of connective strategy towards security. They have a dedicated module for the security technology I'm concerned about. But with that software, I should be able to integrate my Forescout with any other third party security technology, to build that connected security strategy I talked about. So far, it's good. It meets my requirements that I had concern about.

2020-08-12T07:01:00Z
author avatar
Top 10Real User

Forescout Platform is too expensive, so the price should be reduced. Although Forescout manages endpoints and network devices, there is no capability for user management. This is something that should be added. For example, if I find that something is wrong in the services and need to disable a user's access, there should be no need to go to Active Directory and disable the user there. As it is now, computers and devices can be disabled, but not users.

2020-06-14T08:03:11Z
author avatar
Top 20Real User

I would advise Forescout through their research and development to look for features that they can add. Also, based on the what other competition may be selling, if they find any useful feature, they should add those to their product.

2020-05-19T18:28:00Z
author avatar
Top 10Real User

When adding what is in scope to a policy, it would be nice if you could select multiple policies instead of one policy at a time to add what is in the scope for network segmentation. I have found that during the install and configuration of the policies that if you want to modify multiple policies or enable multiple policies that you need to define what is in the scope (IP range or segments) one rule at a time. This caused some slow downs when implementing policies. I could see after doing this repeatedly that it may lead to some premature clicking in an area that you may not have wanted, depending on how your segments are setup, and may cause issues later down the road.

2020-05-13T13:50:00Z
author avatar
Top 20Real User

The product could be improved in different ways: * The speed of identification * More guest management features (i.e. extending time frames) * Sometimes, the identification profiles completely change after device upgrades. It would be beneficial to keep or merge these records if enough correlating data points exist, so as not to segment devices. Some of the features introduced into the product line could have better documentation, which could provide for an overall better experience for administrators.

2020-05-12T16:20:00Z
author avatar
Top 20Real User

Better reporting and analysis of access (based on client) would be helpful. Also, a tool that allows tracing a user through the rules to authentication. More detailed analysis during the authentication process, especially for troubleshooting access issues. We have found that troubleshooting RADIUS controls is quite arduous, as it is today. A trace function could easily resolve this by providing a means by which access issues from a certificate to passwords or accounts could easily be identified and remediated.

2020-05-12T16:02:00Z
author avatar
Top 20Real User

It could be better, they could work on the wide-area network and easier because it's a bit clumsy at the moment when we go on to a remote site. It works well in the head office but we've had challenges trying to install it across other sites. So pricing and support for branch offices. The interface is okay for the local office, but it's hard to get visibility from remote branches.

2020-03-08T10:06:00Z
author avatar
Top 20Real User

The solution could always improve by adding more features to make it more robust.

2020-03-05T08:39:39Z
author avatar
Top 10Real User

The biggest disadvantage is the pricing. I can see that the product has value. I see that the product is really good. I think that the pro is it's really stable, but price-wise, I think it's bad. But you have to pay for quality. But the pricing can be a little bit improved in my point of view. It will be harder to choose if we start comparing features and prices and when we made the initial choice. Our choice was based mainly on features. There was no price comparison involved. I think that it is not in the same landscape. The landscape has changed and there are a lot of contenders in this field. The price scale could be improved.

2020-03-03T08:47:00Z
author avatar
Top 10LeaderboardReal User

There's always room for improvement for the solution. Off the top of my head, I really can't determine anything that is lacking right now. Basically there is no room for improvement that I can describe. The solution does have a bit of complexity, and there's some complexity in the deployment. Users need to be trained before undertaking an initial setup.

2020-02-20T06:38:06Z
author avatar
Top 20Real User

The ability to block external devices in Mac is lacking and needs to be added.

2020-01-06T19:34:00Z
author avatar
Top 10Real User

For the user, the policy that they have implemented sometimes needs adjustments. Sometimes the features that the customer asks for aren't involved in the main installation, and I need to bolt an add-on in. However, I never know if this policy is the right one when I do this.

2019-11-28T11:33:00Z
author avatar
Real User

We experienced some detection issues when checking compliance for the Sophos agent.

2019-07-11T11:46:00Z
author avatar
Real User

They should improve features related to IT security. ForeScout should analyze behavior to see if the behavior is malicious behavior and block this device. They should develop the ability to analyze the behavior of the device in my environment. The interface of this solution and the integration part needs improvement. The difference between the 7th and the 8th version is the dashboard. They should improve it.

2019-02-12T10:09:00Z
author avatar
Top 20LeaderboardReal User

* Battled with the use of SNMP v1 instead of v2c * Direct web interface rather than installation of a client.

2018-11-21T13:32:00Z
author avatar
Consultant

Multitenancy should be included in the next version so it could be used as a managed service provider.

2018-10-16T19:26:00Z
author avatar
Top 5LeaderboardReal User

* JAVA Memory management - leaving the app running for multiple days requires relaunch * Search - needs boolean functionality (or psudeau operand now working)

2015-11-16T12:34:00Z
Learn what your peers think about Forescout Platform. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
541,108 professionals have used our research since 2012.