Fortinet FortiNAC Reviews

We use the tool to ensure that we have network access. It also helps us avoid stranger devices getting into the LAN or Wi-Fi. 

The tool provides us with a list of devices that tries to connect to our network. It offers us a lot of network visibility.

The solution's licensing price should be improved. 

I have been using the product for three years. 

I would rate Fortinet FortiNAC's stability a ten out of ten. 

I would rate the product's scalability a ten out of ten. 

Fortinet FortiNAC's setup is straightforward. 

We have seen ROI with the tool's use and it is high. 

I would rate the product an eight out of ten. 

Fortinet FortiNAC is a network address control solution that we use as an identity and access management server. We integrate it with network devices and workstations to create policies and privileges for network access and device management. It also performs posture checks on Windows workstations to ensure compliance with security policies before granting network access. Essentially, it profiles endpoints and workstations, and checks for security compliance (such as updated patches, enabled firewall, and vulnerability compliance) before granting network access.

The most valuable feature of Fortinet FortiNAC is its integration with all other Fortinet solutions.

The GUI and network visibility in Fortinet FortiNAC could improve.

Integration with 3rd-party devices can be improved.

I rate Fortinet FortiNAC for approximately two years.

Fortinet FortiNAC is stable.

We have one customer using this solution.

We have approximately 20 users using the solution.

The solution is scalable.

I have contacted the support from Fortinet FortiNAC. The response time could be quicker.

I rate the support from Fortinet FortiNAC a seven out of ten.

Neutral

I have used Cisco ISE and Aruba ClearPass, and Fortinet FortiNAC is a lot easier to set up.

The initial setup of Fortinet FortiNAC is easy. The time it took to set up was approximately five hours.

The solution is expensive. However, it is not as expensive as other solutions, such as Cisco ISE.

If people are looking for a smooth operation and don't want the trouble of using Cisco ISE or Aruba ClearPass, Fortinet FortiNAC is a great solution to consider. It's easy to set up, especially if you have an all-Fortinet environment with FortiSwitches, FortiGate Firewall, and FortiAPs. It can make your life much easier.

I rate Fortinet FortiNAC a seven out of ten.

I was certified in FortiNAC (Part of Fortinet-NSE6) last year and I've personally implemented FortiNAC in three organizations. We work as a team with people who have expertise in different areas and Vendors and have exposure to different infrastructures.

FortiNAC scans your network to discover every user, application, and device (IOT), With up to 18 different techniques, it can then profile each element based on observed characteristics and responses for granular visibility - We then apply state-based control(eth0 VLAN switching) and Policy based control rules for access control and response.

Anyone (Domain users, Contractors, guests, etc) wanting to connect to the network has to be accessed by the NAC. Users come in at different times and some may be working from branches or home through a VPN and they will be authenticated in the same way with different privileges on the Network.

So it has to run 24/7. It's authenticating users all the time. We are gold partners with FortiNac. 

There are quite a number of things that are valuable about this solution. Having dealt with Cisco ISE, I realize that FortiNAC is different in a way that gives you granular visibility of the entire network infrastructure related to IOT devices (Who, What, When, Which information). It's helpful that you can know what's going on from your phone, your tablet, and from home. The solution provides containment, reporting and security event-alarm mapping and saves log and carries out further analysis for cyber thefts. It really is a good solution.

I've realized that one of the issues is the need to use agents. For instance, if a domain user has to authenticate on the network via FSSO or Certificate management he has to have a persistent agent.

The admin UI is not that good. It could be better matched and more friendly to use and it cannot work as a RADIUS server. You have to have a RADIUS server which means bringing in a FortiAuthenticator to build it.

The other thing would probably be the visibility granular. For example, when I have a user at a particular branch, I can't tell what SSIDs they are connected to. I only have the IP addresses so if the wireless controller is integrated with FortiNAc, you're going to realize that you won't be able to know whether a particular person is connected, that an AP is connected to a particular SSID, is connected to. . .  etc. It only gives you the IP addresses, Host names, etc. That has to be improved and am sure it will be in the next build version. 

Additional features, would be an agentless link and adopters - online, offline adopters - it picks the IP's, the host names, the layer 3 information, layer 2 information, what's connected. And also to give different privileges, best rule privileges to users. 

VLAN Interswitching (state based controls) could be quicker when doing the process flow from different sorts of authentication. When it comes to guests or contractors, you don't want to use a dissolvable agents. It dissolves in the process of downloading, but it takes longer and that could be improved.

I've been using the solution for a year and a half. 

FortiNAC is Pretty stable. We initially had a couple of troubleshooting issues in the deployments but we worked them out and it's fine now and has pretty good Visibility across the Network for every device, application and user, extend Control of the Network to third-party products and automated responsiveness.

You won't find so many NAC solutions like it. I mean it's granular, you will see a lot that you need to ask. It will give you all the controls you need and it has event alarm mapping, - I mean "you can't control what you can't see"

It is very scalable, you can have as many features and access points as you want. as you have. It depends on the licenses, but you can have as many IoT devices (Switches, routers, Firewals, WLC, etc) as you want and as many features as you want. You can have visibility to all the ports of the switches on the NAC, you can easily see  Who, What, When, Which information then control and respond

Technical support is good. You create a ticket and within that ticket you explain what challenges you're facing. They assign you an engineer who'll help solve the issue. It's pretty easy and straight forward and they're always there to help. 

Initial setup is pretty easy. If you're doing a VM setup, you do the registration on the Fortinet portal, and then you set the IP addresses. I think it's pretty good when you're implementing it the first time, it's very easy but when you get to tests, which are the UAT's, you're most likely to have a few issues that you need to be aware of.

Deployment time depends on the kind of customer. For example, the current implementation I'm doing has an assessing vendor. 90% of the network is wireless and 10% is cabled in network. They have more than 80 access features, more than 80 routers, and two wireless controllers. They have a number of databases and different firewalls - to use that fountain it slows things down. You're also dealing with Domain users, contractors and Guests in different locations. Obviously this will take more time than a project with less infrastructure devices. It really depends on the nature of the infrastructure.

There is a base license level which pretty much gives you topologies and groupings automation/control, etc. When it comes to policies, it's only going to give you user host profiling and network access. If you're looking for endpoint compliance, integrations, Incidence response and reporting, then you have to go for an Plus or PRO license.

You need to think about what you need as a company. There are so many government institutions, so many corporate institutions in the world that want to protect their networks. People have different privileges within a network, an instructor cannot have the same privileges as a normal user and the guest. We have guests coming onto our network, contractors coming to work at different times on the network, the main users who are working in different departments and who shouldn't have access to some platforms. When it comes to authentication you need to make sure you're protected from all kinds of threats. You have different products, Vendors and divices that all need to be controlled. If something goes off you need to know where and why. 

I would rate this product a eight out of 10. It's still evolving. 

We use the tool to connect different networks, like connecting one side to another. Additionally, we deploy some policies to allow certain users within the network environment.

The most valuable aspect of this product is its security features. Many customers prefer cheaper devices, but those often lack adequate security measures. It also supports compliance with industry regulations. 

Fortinet FortiNAC's price is expensive compared to other products. 

I have been using the solution for three to four years. 

I rate the tool's stability a nine out of ten.

Fortinet FortiNAC's scalability is good. 

I haven't used the tool's support yet.

The tool's main difference from other products is security, ease of access, and integration with other devices.

The initial setup is not complex—it's quite straightforward. However, the complexity of the environment can vary depending on the customer's requirements.

It could be difficult, depending on the environment. Sometimes, we need integration with other devices, which adds complexity. It's particularly challenging when integrating with older vendors, as their installation processes are often more complex.

I rate it a nine out of ten.

I rate Fortinet FortiNAC's pricing an eight out of ten. 

I rate the overall solution a nine out of ten. 

We use the solution as a firewall to protect the network.

The solution's technical support needs improvement.

We have been using the solution for two or three years.

It is a scalable solution. Our organization has more than 200 users and plans to increase its usage.

The solution's technical support could be better.

I have used Sophos, CyberArk, and Palo Alto solutions earlier.

We require two executives for the deployment and maintenance of the solution.

The solution generates a return on investment for us. 

I rate the solution a nine out of ten. It is a good product.

We use this solution to control the network.

With FortiNAC, we don't need to configure the mass client site or access points. For example, we don't need to configure the switching site for a client's site. With Persistent Agent, it makes it much easier.

I would like to be able to compare the configuration backup before and after.

After version nine, the solution has been stable. There were some issues with stability in the previous versions.

It is a scalable solution. Some of my customers have nearly 100 endpoints. I use sync topology with my customer who has over 2000 clients or endpoints.

The technical support is fast, and I would rate them at nine out of ten for speed.

I would rate the documentation in relation to problem solving at seven out of ten.

Fortinet FortiNAC is easier to deploy than Cisco ISE or Aruba ClearPass. However, you have to know authentication systems and requirements when implementing on NAC devices.

FortiNAC's price has gone up in the last year. However, compared to other solutions, such as Cisco ISE, it is cheaper.

If you're considering implementing FortiNAC, I recommend determining which type of implementation is suitable for your needs.

FortiNAC can handle most configurations easily, but Cisco ISE works with only Cisco devices. Thus, FortiNAC is suitable for multivendor topologies, whereas Cisco ISE is not. Overall, I would rate FortiNAC at eight out of ten.

I'm a senior network architect and our company is a reseller of FortiNAC. This is a new product for me and we'll be starting implementation shortly. We've been testing the product and I'm just finishing the course. I'll be implementing for our client which is a medium-size company.

The interface is good and simple to use. Some of the ideas presented on the online course could be clearer, like policy creation. But the interface and other features are very good. 

I think that the course content could be improved, it's not that simple to work through. I'm an expert on Cisco ISE. And also I have CCIE on Cisco. I made a comparison between Cisco ISE and FortiNAC. Cisco ISE has full integration but FortiNAC doesn't.

I've been using FortiNAC for just one month.

I'll have a better idea next week about the stability, once it's been tested in the production environment.

The communication with customer support is fine from an administration perspective. But it's lacking documentation on the concept of how the technology works. There are no documents in the FortiNAC library relating to network function. 

I would rate this product an eight out of 10. 

I use FortiNAC to limit access to our network; it's our firewall. We are customers of Fortinet and I'm a technical manager. 

The solution provides good performance, is easy to use and easy to configure.

The technical support could improve; the response time is quite slow. 

I've been using this solution for two years. 

The solution is stable. 

The solution is scalable, we have 100 users. 

Customer support could be improved as their response times can be quite slow. 

Neutral

We pay an annual licensing fee; this is quite an expensive solution. 

I rate this solution seven out of 10.