"The profiling model included is the most valuable feature."
"It is stable and easy to use."
"I have found that all of the features are valuable. It is very easy to deploy because we are able to port users directly from Active Directory (AD) and LDAP."
"The feature that I most like is that it can notify me whenever someone plugs in their device, which is not allowed. I get notifications for new laptop devices. I think the user interface looks good compared to previous versions."
"It's flexible and stable. It's been good as a standard environment to run."
"There is good integration with third-party systems like antivirus patch management, MDM."
"The way we can trust this solution is the most valuable. We have no issue with this product. It is a competitive product. You need to have a very good and deep knowledge of the product to take the full benefits of all the features, but it is a good product."
"The most valuable features are the ability to retrieve information about Active Directory user names, viewing the log files to see which MAC address tried to connect with the created SSIDs, portal designing for your company, hotspot tools, and creating network rules for WiFi access."
"We really like that we get full visibility of devices in the local network."
"The initial setup is quite simple. It's not too complex or difficult to set up."
"Within three or four days, we have complete visibility of your infrastructure on the network. Compared to other solutions, the deployment of the solution is easier and we can close the project quickly."
"I have noticed that in the last year the license model has changed from licensing the whole appliance to licensing the number of devices. It's more simple for a large installation, or a user to have CounterACT as their peripheral site in the company. It's a good choice to have changed the license policy."
"The user management has been very easy for the most part."
"Being able to sort on device types or devices with open ports is helpful when narrowing down assets of possible misconfigured devices that may be vulnerable on the network. We can take action on those devices based off of corporate policy."
"The actions that the agentless visibility, allow us to perform on the endpoint, are really amazing, especially in the way that it is done."
"You can quickly filter your view of devices and zero in on the ones you want using a variety of tools, such as what subnet it is on or what it has been classified as."
"It would be nice if it could be configured easily by default."
"Migration could be better. Right now, we back up with the new version, and it requires a lot of licensing and other things. Whenever we choose a product, it's very difficult because we have to meet the requirements of each feature. There is no standard feature, so the best system that we bought may not fit the solution. We have to look at every feature that the customer uses. If you compare it with other products like Aruba, it's not the same. With Cisco, I have to read all about the features on this version and the licensing required for the product. In Aruba, that thing is covered when you get one license because it covers almost everything. It could also be more scalable."
"I would like to see the product simplified more, especially with the configuration."
"Segmentation can be improved."
"The web interface needs improvement. The new web interface that they have is not as easy to manage and we find it to be very slow."
"The solution is not so user-friendly."
"The solution configuration is complicated for setting the infrastructure. They have improved over the years but there is still a lot of room to improve. When comparing the simplicity to other vendors, such as Fortinet and Aruba they are behind."
"In an upcoming release, it would be nice to have NAC already standard in the solution."
"The solution needs more definitive pricing. The costs are hard to nail down."
"In the next release of the solution, it could benefit from being more flexible to allow for more freedom."
"It's scalable, but not without a big investment. It doesn't do so well at the branch. At the home office, it does okay and not so well at the branch."
"The reporting feature needs improvement."
"More detailed analysis during the authentication process, especially for troubleshooting access issues. We have found that troubleshooting RADIUS controls is quite arduous, as it is today. A trace function could easily resolve this by providing a means by which access issues from a certificate to passwords or accounts could easily be identified and remediated."
"When we automate an email to send to a user, sometimes it gets blocked, but that has nothing to do with Forescout. It depends on the mail gateway that we use or integrate with."
"Better integration with third-party vendors is needed because as it is now, the list of third-party solutions that we can integrate and automate is quite limited."
"The initial setup is a bit complex."
ForeScout offers Global 2000 enterprises and government organizations the unique ability to see devices, including non-traditional devices, the instant they connect to the network. Equally important, ForeScout lets you control these devices and orchestrate information sharing and operation among disparate security tools to accelerate incident response. Unlike traditional security alternatives, ForeScout achieves this without requiring software agents or previous device knowledge. The company’s solutions integrate with leading network, security, mobility and IT management products to overcome security silos, automate workflows and enable significant cost savings.
Cisco ISE (Identity Services Engine) is ranked 1st in Network Access Control (NAC) with 36 reviews while Forescout Platform is ranked 2nd in Network Access Control (NAC) with 19 reviews. Cisco ISE (Identity Services Engine) is rated 7.6, while Forescout Platform is rated 8.6. The top reviewer of Cisco ISE (Identity Services Engine) writes "Streamlines security policy management and reduces operating costs". On the other hand, the top reviewer of Forescout Platform writes "Identifying potentially unwanted devices on the network has saved the organization time and money". Cisco ISE (Identity Services Engine) is most compared with Aruba ClearPass, Fortinet FortiNAC, CyberArk Privileged Access Manager, Fortinet FortiAuthenticator and Portnox CORE, whereas Forescout Platform is most compared with Aruba ClearPass, Fortinet FortiNAC, Armis, Portnox CORE and Tenable SC. See our Cisco ISE (Identity Services Engine) vs. Forescout Platform report.
See our list of best Network Access Control (NAC) vendors.
We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.