Try our new research platform with insights from 80,000+ expert users
reviewer1805229 - PeerSpot reviewer
Senior Proposal Manager at a tech services company with 201-500 employees
Real User
Enhances security with network segmentation and integrates perfectly with Fortinet solutions, but there could be better integration with legacy equipment
Pros and Cons
  • "The network segmentation is the most important part of the solution. The integration with the Zero Trust Access solution is a crucial part of segmenting your network."
  • "There could be better integration with legacy equipment. It integrates perfectly with all Fortinet solutions, but if you look at other third-party integrations—not on the networking part; but more on the security infrastructure part—it's more limited."

What is our primary use case?

It is mainly used when we integrate the solution with Fortinet firewalling, sandboxing, and the security fabric of Fortinet. In an all-out implementation where we implement different solutions, FortiNAC is one of the components in the entire ecosystem.

Its deployment is virtualized but on-prem.

What is most valuable?

The network segmentation is the most important part of the solution. The integration with the Zero Trust Access solution is a crucial part of segmenting your network.

What needs improvement?

There could be better integration with legacy equipment. It integrates perfectly with all Fortinet solutions, but if you look at other third-party integrations—not on the networking part; but more on the security infrastructure part—it's more limited.

Its stability and scalability can be better. Aruba ClearPass is better in these aspects.

For how long have I used the solution?

I have used it only in the last few years. I had to do a few propositions. It has been only two or three years since I have been familiar with the FortiNAC solution.

Buyer's Guide
Fortinet FortiNAC
December 2024
Learn what your peers think about Fortinet FortiNAC. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.

What do I think about the stability of the solution?

Its stability and scalability are slightly lower than Aruba. I have a personal preference for Aruba ClearPass, so I would rate FortiNAC a seven out of 10 in these aspects.

How are customer service and support?

We have internal support, so I don't have any issues with it.

How was the initial setup?

It is pretty easy and straightforward. A default implementation can take two days. It is not that complex, but it also depends on the use cases that you have for the FortiNAC solution. So, it can be a really simple implementation, but it can also be months of implementation depending on the use case.

What other advice do I have?

I would advise really considering the use cases that you want to implement. That's because Fortinet has multiple license models. There are Base, Plus, and Pro licenses, and depending on the license model, you have more possibilities for integration. If you want to implement something like a premium device or guest management, you can't take the Base model. You have to directly go to the Plus model or even Pro. Similarly, if you want incident correlations and incident management, you have to go to the higher license version. So, you must consider all the use cases that you want to implement before you make a decision so that you take the correct version.

I would rate it a seven out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Ahmet Coruk - PeerSpot reviewer
Co-founder at Korunet
Real User
Account customization, multiple languages available, and effective device blocking
Pros and Cons
  • "Fortinet FortiNAC has good user account customization."
  • "Integration is hard in Fortinet FortiNAC, but they are evolving and getting better. For example, with Cisco, Aruba, Huawei, and Extreme devices, Fortinet FortiNAC is working properly, but some other devices have problems."

What is our primary use case?

We installed Fortinet FortiNAC in a large company in a VM environment. They have a lot of end-users and complex user account needs. For example, some of the VIPs and different guests all need different access permissions and some of them are connected through the Active Directory credentials which we have to have a portal page for them to gain access. 

Another layer of complexity is different users are receiving accounts from many departments. For example, the customer's IT department gives them access and they send the credentials to the guest by email. The IT department can limit their account in different ways, such as only allowing the account access for a period of time.

What is most valuable?

Fortinet FortiNAC has good user account customization. 

We can change the logo for the portals to meet the customer's needs. The portal default language is English but it supports all languages, such as Turkish. The portal can be optimized very easily. 

Device profiling is a good feature, we can block devices, such as iOS or Android.

Endpoint compliance is a great feature that allows us to restrict and quarantine devices. For example, if a device is not using the latest version of an operating system or antivirus program we can detect it and prohibit their access. If certain conditions are met with the customer's policies, we can let them have access. Otherwise, our endpoints compliance rules block or quarantine their devices on the network.

What needs improvement?

Integration is hard in Fortinet FortiNAC, but they are evolving and getting better. For example, with Cisco, Aruba, Huawei, and Extreme devices, Fortinet FortiNAC is working properly, but some other devices have problems.

For how long have I used the solution?

I have been using Fortinet FortiNAC for a couple of months.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

Fortinet FortiNAC can extend your existing network. For example, if you have to put another switch, access point, or another networking device to complete the site we can with one or two clicks add these devices and the same rules and policies. It is highly scalable and can extend your infrastructure.

We currently have two customers using Fortinet FortiNAC

How was the initial setup?

The installation is not straightforward, it can be hard.  The documentation should be better in explaining to process in more detail. The installation requires too much experience and knowledge about network infrastructure. It's not easy, you have to be an expert.

The difficulty level of the installation and time depends on many factors. For example, one of our customer's installations was simple because they only had to block one site and only had one hardware vendor, such as Cisco. 

Our second installation was more difficult because the customer had many different hardware vendors, such as Cisco, Huawei, Aruba, and Extreme as part of their infrastructure. This requires configuring different settings on every device, it can be complicated. This can take a lot of time.

What about the implementation team?

We do the implementation and the amount of staff needed depends on the size of the infrastructure and hardware vendors involved. If it is a smaller environment with a single vendor then the process could take two to three days.

If the customer size is very large and they are using the different sites and cities, and many different network infrastructures, the implementation would take time and you would have to manage everything well. When you have a complex network, it can take approximately15 days to implement. The number of vendors they're working with can increase the implementation time duration. If companies only have one vendor, it's easy, but two or three different vendor integration is a little bit harder and takes time. 

Customer's needs are very important, because some customers, only want that 1x configuration. However, other customers want 1x configuration, custom portal pages, and many endpoint compliance rules. The more features the more time it will take.

What's my experience with pricing, setup cost, and licensing?

The price of the license required is based on how many users are going to be using the solution. If you want more users you can upgrade your license.

Which other solutions did I evaluate?

I have evaluated other NAC solutions.

What other advice do I have?

I would recommend Fortinet FortiNAC to others because we did evaluate other NAC solutions and this solution is very good compared to the others. The best benefit of Fortinet FortiNAC is the stability and it can work with other vendors. Some NAC products only work with their products and do not support other vendors.

The major benefit I have found is that this solution can work with other products. A customer typically has more than one vendor, such as access points, printers, and other network products. A lot of the other vendors only are working with their products. It's very important for me that Fortinet FortiNAC can work with the other vendors properly and can integrate easily. When I check the Fortinet website, it shows every vendor's details with an explanation about the integration of the Fortinet FortiNAC. For example, you can find out how to integrate the Fortinet FortiNAC with the Cisco wireless controller. I can find the documents, turn to the pages and find all the information I need. I can find it very easily.

I rate Fortinet FortiNAC a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Fortinet FortiNAC
December 2024
Learn what your peers think about Fortinet FortiNAC. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Ertuğrul Oruç - PeerSpot reviewer
Network Engineer at F2
Real User
Top 20
Provides good profiling features, but the integration capabilities need improvement
Pros and Cons
  • "The product offers good profiling features and can support various vendor products."
  • "FortiNAC could improve integration with other vendors."

What is most valuable?

The product offers good profiling features and can support various vendor products.

What needs improvement?

FortiNAC could improve integration with other vendors and enhance stability to compete more effectively with solutions like Cisco ISE.

For how long have I used the solution?

We've been using both FortiNAC for about four years.

How are customer service and support?

We contacted Fortinet's technical support, who helped resolve our issues.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Cisco ISE is more stable but comes at a higher cost than FortiNAC.

How was the initial setup?

Deploying FortiNAC can be time-consuming, especially considering the integration challenges with other vendors.

What other advice do I have?

Integrating FortiNAC with other vendors can be challenging, especially for Ruckus and Intelisys. We find Cisco ISE more comfortable for vendor integration.

I recommend FortiNAC, but with the caveat that users may encounter challenges with integration and stability.

I rate it a seven out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Flag as inappropriate
PeerSpot user
Kitsana Saengphet - PeerSpot reviewer
Technical Manager at OPTIMIZED SOLUTION COLTD
Reseller
Top 10
Provides efficient identity protection features and good stability
Pros and Cons
  • "The product's most valuable feature is its ability to protect devices connected to network service."
  • "The product could be more user-friendly in terms of GUI."

What is our primary use case?

We use Fortinet FortiNAC for network access and identity protection.

What is most valuable?

The product's most valuable feature is its ability to protect devices connected to network service.

What needs improvement?

The product could be more user-friendly in terms of GUI than HPE. The configuration needs improvement as well.

For how long have I used the solution?

We have been using Fortinet FortiNAC for two years.

What do I think about the stability of the solution?

It is a stable platform. I rate its stability a ten out of ten.

What do I think about the scalability of the solution?

I rate the product’s scalability an eight out of ten. We have 100 users for it.

How are customer service and support?

The product’s technical support services are good. Although sometimes, they respond slowly.

How would you rate customer service and support?

Neutral

How was the initial setup?

I rate Fortinet FortiNAC’s initial setup process a seven out of ten. It takes two days to complete. The deployment process involves configuring the network access policies within the Azure environment.

What's my experience with pricing, setup cost, and licensing?

It is a reasonable product.

What other advice do I have?

It is a good product considering network security. It supports multiple devices and is easy to use. I can repair the box quickly in case of some failure. I rate it an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
it_user371886 - PeerSpot reviewer
Network Administrator at a university with 1,001-5,000 employees
Vendor
​It’s a unified place where we can manage campus onboarding. ​Interaction with other vendors switches & APs should be more thoroughly tested.

What is most valuable?

It’s a unified place where we can manage campus onboarding/BYOD NAC security.

How has it helped my organization?

It has provided port/wireless security to all devices trying to connect to our campus network.

What needs improvement?

Interaction with other vendors switches & APs should be more thoroughly tested as integration between Networks Sentry and other networking equipment needs to be seamless for this product to work.

For how long have I used the solution?

I've been using it for five years.

What was my experience with deployment of the solution?

We had no issues with deployment.

What do I think about the stability of the solution?

We had no issues with the stability.

What do I think about the scalability of the solution?

We had no issues with the scalability.

How are customer service and technical support?

Customer Service leaves a lot to be desired. Most times the engineers blame the customer’s network even even before they collect the necessary data regarding an issue. We’ve discovered several flaws and bugs with the system in various occasions, only to have Bradford support deny there’s a problem or make fun of the customer. Also, response time on cases has been terrible. After opening a case, it could take days before an initial response from TAC is performed. Even after that... cases can linger open for weeks or months before any feasible solution is found. We had a case regarding integration with Aerohive open for over a year. Furthermore, case resolution follows very non-standard Practices in the industry. In many instances, TAC engineers close the cases without notice or without asking the customer if it's OK to close the case or if the issue has been resolved.

Which solution did I use previously and why did I switch?

This is the first NAC appliance we ever used on-campus.

How was the initial setup?

Initial set-up required engineers to be on-site to configure the box to work with our network. Thus, I would say it was complex (this was in 2010; it might be different now).

What about the implementation team?

We implemented through a team provided by the vendor. I would advise to test implementation in a small building before make a campus-wide deployment.

What's my experience with pricing, setup cost, and licensing?

Pricing & Licensing are fair as far as we can tell.

What other advice do I have?

I would make sure this product integrates well with the customer’s network before deployment. We had to move away from this product recently on the Wireless side of the network as the Sentry would not integrate well with our Aerohive Wireless Infrastructure. We had an issue where the Sentry would not properly communicate with the APs and thus would let customers blocked from our network for no particular reason. Since this issue went unresolved for over three years, we decided to implement a different Wireless NAC solution and cut back our Bradford licenses to less than half of the original (we’re now using Bradford only to secure our wired network).

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Boniphace Mkindi - PeerSpot reviewer
Telecommunications Engineer at TZ Telecom Ltd.
Real User
A one-time product solution for a customer that’s a good system with good features, but the interface could be better
Pros and Cons
  • "The features are more expandable."
  • "The interface works fine, but it could be better."

What is our primary use case?

The customer required centralizing control to control access, detection, and network control. He requested processing a simple management point, the access, the devices, and distribution, and wanted to manage all the customer devices. He had a history of working with FortiNAC devices and wanted us to do the same. So I installed the product to understand it. 

What is most valuable?

The features are more expandable. 

What needs improvement?

The interface works fine, but it could be better.

For how long have I used the solution?

It was for a one-time product solution for a customer for about one year, and I'm still maintaining it. So far, we've had one client for it.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

The product is scalable.

How are customer service and support?

We never had to use customer service or support, so it expired.

How would you rate customer service and support?

Neutral

How was the initial setup?

It was easy to set up the product. 

What other advice do I have?

I would rate this solution seven out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
PeerSpot user
Business Develop Manager at Cosmos Business Systems
Real User
It's configurable and easy to use, but it could be more scalable
Pros and Cons
  • "The users say that FortiNAC is configurable and easy to use."
  • "FortiNAC could be more scalable."

What is our primary use case?

FortiNAC provides authentication services for clients.

What is most valuable?

The users say that FortiNAC is configurable and easy to use. 

For how long have I used the solution?

I've been using FortiNAC for about three years.

What do I think about the stability of the solution?

FortiNAC's performance is excellent.

What do I think about the scalability of the solution?

FortiNAC could be more scalable. 

How was the initial setup?

Setting up FortiNAC is straightforward, and it takes about a week to deploy. 

What other advice do I have?

I rate Fortinet FortiNAC seven out of 10. It's a configurable product that integrates well with the other Fortinet products. It's easy to use and has a lot of features. It's tough for me to give a product a perfect 10. It must be simple, scalable, stable, and have excellent features covering almost all our technological needs. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
PeerSpot user
PeerSpot user
Network Administrator at a government with 1,001-5,000 employees
Real User
By forcing guests/users to register their BYOD devices we know who they are and can then apply appropriate web filtering policies to them based on a number of factors.

Valuable Features

Out of 6500 wireless devices we see issues with less than 0.5% of clients. Though the product has many features we only utilize a fraction of them. We use the product for registration and management of our wireless network (NAC). The most valuable asset is visibility in to what a client is and who is using it. By forcing guests/users to register their BYOD devices we know who they are and can then apply appropriate web filtering policies to them based on a number of factors. We can then use that data to export reports etc on usage of our wireless network as a whole and troubleshoot as needed.

Improvements to My Organization

Prior to using the product we had a fully open wireless network. This means anyone could come in off the street and connect to our wifi. We would not have knowledge of who they are if the did something illegal or wrong. Our level of security has increase greatly as well as our knowledge of who is on our network.

Room for Improvement

We have had issues with certain Windows 10 devices not being able to register which requires manual intervention to fix. I think they are working on this issue. As Windows 10 devices grow this issue will become greater.

Another major pain point is management of existing and new wireless access points. You must import the Aps into Network Sentry every time you put them on the network. Its also advised to use DHCP reservations for each AP. The system does not delete APs if you remove them from production as well. This means you must remove the APs from Sentry each time its stake out of production or placed in a new building etc. The initial setup of an AP doubled as a result of using this product. There are steps that must be performed and if any are missed, the AP becomes a black hole resulting in zero connectivity for clients connecting to it.

Use of Solution

We’ve used this solution for two years.

Customer Service and Technical Support

Their technical support is a 8/10. They are responsive and have the ability (if you allow) to log into your equipment remotely and fix problems or perform upgrades. They are helpful in answering questions and configuration assistance is always available as this product is complex at first.

Initial Setup

The initial deployment took three days however we encountered many issues. The main factor was our network set-up was not fully understood by Bradford prior to purchase and deployment. This created many issues while we were in production with 10-15% of our users having connectivity problems every day. We were not fully operational until 3 months after deployment.

Initial set-up was done via a “Quick Start” where the bare bones are implemented by and on site tech. This is not meant to be a full implementation but to get the foundation in place. The on-site tech was knowledgeable but again, we had issues with understanding out network set-up and its complexity which were not discovered in the quick start.

Implementation Team

Vendor team on site, which we paid for. In house is available but would have been very time consuming to learn and implement. I would not recommend quick start but instead have a tech on site for a minimum of 5-7 business days to fully understand the product. Its not until you are in full production will you see issues and have questions. As questions, learn how the product works deep down.

Pricing, Setup Cost and Licensing

Pricing is expensive but cheaper than some other solutions out there. Licensing is based on number of concurrent devices and a number of other factors depending on implementation type. Yearly maintenance fees are very reasonable and highly recommended. ROI is immediate for us in terms of visibility.

Other Solutions Considered

We did not evaluate other solutions other than on a cost basis.

Other Advice

Explain you network set-up in full detail with diagrams. VLANs, SSIDs, switch vendors, wireless vendors, subnets. What methods do you use today for wireless authentication (802.1x/WPA2-PSK/Open). Show them everything and what it looks like to be a client on your network today and the process to get on-line. This product manages both wired and wireless network is you choose both options. This product can also do posturing of devices to ensure they meet criteria like current updates and Antivirus etc. We are not using that functionality yet however.


Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Fortinet FortiNAC Report and get advice and tips from experienced pros sharing their opinions.
Updated: December 2024
Buyer's Guide
Download our free Fortinet FortiNAC Report and get advice and tips from experienced pros sharing their opinions.