Sizing Guide

Forescout sizing requirements

The (formerly Forescout Platform) provides comprehensive device management across the extended enterprise, including the campus, data center, Internet of Things (IoT), cloud, and operational technology (OT).

Products within   covered here include:

  • Forescout eyeSight: complete device visibility, the foundation for  

  • Forescout eyeManage: scalable enterprise management

  • Forescout eyeSegment: enterprise-wide network segmentation

  • Forescout eyeControl: policy-based control enforcement

  • Forescout eyeExtend: infrastructure-wide security orchestration

  • Forescout eyeRecover: service continuity and resiliency for your Forescout deployment

This guide aims to assist you in defining your deployment requirements for   across various environments, including:

  • Physical appliances:
    • 6100 Series
    • 5100 Series
    • 4100 Series
    • CT rev50 Series appliances (supported by eyeSight 8.5.x and earlier)
  • Virtual appliances:
    • VMware ESXi
    • Microsoft Hyper-V
    • Linux KVM
    • Nutanix AHV
  • Cloud appliances:
    • AWS
    • Azure
    • Google Cloud

Determine how many devices you want to manage

To size your deployment, count all endpoints protected by the platform, including:

  • Traditional devices (managed/unmanaged) for employees, contractors, and guests

  • Network infrastructure and eyeManage appliances

  • Virtual Machines (VMs) in private and public clouds

  • Printers, scanners, security cameras, and IoT devices

  • OT devices and industrial control systems

Dedicate one of your virtual or hardware Forescout appliances as your eyeManage appliance. In smaller setups with a single virtual or physical appliance, eyeManage might not be necessary.

Determine which use cases you want to solve

  provides visibility and control for your devices from campus to data center to cloud and to IoT and OT devices. In addition to the visibility capabilities of eyeSight, you may be considering network segmentation and want to evaluate eyeSegment.

To help you get more from your investments in other security and IT management tools, eyeExtend products can provide bi-directional data sharing and workflows across multiple partner technologies. EyeExtend Connect enables integration with even more IT and security tools. EyeExtend Connect supports HA (High Availability) only. You may also have resiliency requirements for high availability or failover scenarios.

Forescout eyeRecover enables failover or disaster recovery.

Determine how you want to deploy

You can deploy   as a physical appliance or as a software-only solution on a virtual appliance. Virtual appliances are supported on VMware ESXi, Microsoft Hyper-V, Linux KVM, and Nutanix AHV and can be deployed on premises or in AWS, Azure, and Google Cloud public clouds.

Forescout 6100/5100/4100 Series appliance deployments

The Forescout 6160/6140/6120 and 5160/5140/5120 appliances are 1U rack mounted appliances. The 4130 is wall or DIN rail mounted.

  • Forescout 6160/5160: suitable for large deployments
  • Forescout 6140/5140: suitable for medium deployments
  • Forescout 6120/5120: suitable for small deployments
  • Forescout 4130: suitable for small deployments

End of Sale appliances

The following appliance models are End of Sale. These models come in various revisions, such as rev40 or rev50. eyeSight 8.5.x only supports the latest revision, rev50, of these models. eyeSight 9.1.x does not support CT model appliances.

  • Forescout CT-10000

  • Forescout CT-4000

  • Forescout CT-2000

  • Forescout CT-1000

  • Forescout CT-100

  • Forescout CT-R

AWS, Azure, and Google Cloud Public Cloud deployments

Deploy Forescout eyeManage and virtual appliances either on premises or in the cloud. For hybrid solutions, establish reliable connectivity between your on-premise environment and your cloud environment.

Our best practice is to keep appliances near the asset they are interacting with; this will help optimize functionality and keep costs minimized.

  • Use cloud-based appliances to manage cloud-based assets

  • Use on-premises appliances to manage on-premises assets

  • Mix cloud-based and on-premises appliances to manage hybrid assets

  • Use focal and dedicated/reserved appliances close to the third-party applications with which they interact

For detailed deployment guidance, see   Cloud Strategies and Best Practices. .