ClaudeMualuko - PeerSpot reviewer
CyberSecurity Engineer at Computech Limited
Real User
Top 5
Device fingerprinting feature for creating and enforcing access policies
Pros and Cons
  • "The device fingerprinting feature allowed for easy creation and enforcement of access policies."
  • "The user interface and the product's intuitiveness could be improved."

What is our primary use case?

We used it for network access control of internal users on wired networks, as well as to enforce USB port blocking. Some complaints were directed to me, and that was the primary use case.

What is most valuable?

The device fingerprinting feature was helpful in creating and enforcing access policies. The device profiling feature allows you to create fingerprints and define acceptance policies based on that.

What needs improvement?

The user interface and the product's intuitiveness could be improved. In future releases, it would be great if they could improve the usability of the solution, particularly for SaaS environments.

For how long have I used the solution?

I worked with the Fortinet FortiNAC solution for around four months.

Buyer's Guide
Fortinet FortiNAC
March 2024
Learn what your peers think about Fortinet FortiNAC. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.

What do I think about the stability of the solution?

Initially, during the first week or two, it was a bit unstable, but they were resolved.

What do I think about the scalability of the solution?

It is scalable, especially with the VM part, allowing for easy expansion based on needs. Around 50 users were using FortiNAC from our customer side. 

How are customer service and support?

The customer service and support team is really good. They know what they are doing. 

Which solution did I use previously and why did I switch?

I have experience with other solutions as well. In terms of pros, I would say Fortinet has a simpler version, and it's more user-friendly when it comes to creating policies. As for cons, I'm not sure if it supports certain devices that require a more secure connection.

How was the initial setup?

The initial setup required someone with experience. I would rate my experience with the initial setup around an eight out of ten, where ten is the most complex. So, it was moderately complex.

The documentation was comprehensive and well-documented. I didn't have any complaints working with it.

What about the implementation team?

I deployed it virtually on a VMware server. I set it up, onboarded the devices, created the policies, and added the necessary configurations.

Deployment varied depending on user dependencies, but it took around ten days. There were three people involved in the deployment.

Moreover, it doesn't really require much maintenance besides regular updates.

What other advice do I have?

I would recommend Fortinet FortiNAC. Overall, I would give it an eight out of ten. The UI could be improved, but overall, it's a good solution.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
PeerSpot user
Bruno Moreira - PeerSpot reviewer
Network Security Consultant at SigmaTelecom
Real User
Top 5Leaderboard
Easy to use and monitors the antivirus performance
Pros and Cons
  • "The most valuable feature of Fortinet FortiNAC is compliance, which we can do with the clients and the endpoints on the network."
  • "Fortinet FortiNAC's documentation should be improved because there's not much debugging or troubleshooting documentation for the Fortinet FortiNAC."

What is our primary use case?

Fortinet FortiNAC is very easy to use, and we can run the proof of concept in one day. The main part of the configuration is to create the policies. We can present more of the solution and protect more clients with it.

How has it helped my organization?

One of our customers had a network segmentation project on which they were going to segment their network with new VLANs. They would have to spend a lot of time configuring around 500 switches if the segmentation was done without a NAC. We presented Fortinet FortiNAC to them, and we were able to help them with the VLAN segmentation project. With the Fortinet FortiNAC, you don't need to do the segmentation because the solution helps with the VLAN micro-segmentation. We could do all the segmentation they were planning by creating policies on the Fortinet FortiNAC. They only had to create the VLANs on all the 500 switches, which was easy because they have their network management solution and Aruba switches. All they needed to do was create the SNMP configuration. We had to discover all the switches because NAC has this feature on which you discover all the network devices, point the IP range, and then the NAC tries to find network devices in the environment. We created the policies the way they wanted. For instance, if it is an IP phone, it should go to the IP VLAN; if it is a Windows desktop, it should go to the desktop VLAN; and if it is a Windows server, it should go to the server VLAN. We created such policies using Fortinet FortiNAC, and we were able to help our customers reduce their expenses with their network project.

What is most valuable?

The most valuable feature of Fortinet FortiNAC is compliance, which we can do with the clients and the endpoints on the network. We can specify many rules to check if the device is on the domain and if there is any allowed process running on the endpoint. We can use the Fortinet FortiNAC to monitor if the antivirus is working and is up-to-date on the endpoint. If there is something wrong with the endpoint, we can quarantine it so that the endpoint won't have access to the internet or will only have access to the NAC portal that tells the user what is wrong with their endpoint.

What needs improvement?

Fortinet FortiNAC's documentation should be improved because there's not much debugging or troubleshooting documentation for the Fortinet FortiNAC. We had to open a ticket with Fortinet for an issue we faced on the FortiNAC. During this ticket handling, we were able to learn a lot of troubleshooting comments which are not properly documented. If it is documented, it's only internally on Fortinet, not as a public document. Fortinet FortiNAC must work around this and allow partners access to those troubleshooting documents.

I would like to see a more refined way to customize the portals. We are not able to do a lot of customization on the Fortinet FortiNAC portals. We cannot change anything or create a title for the Fortinet FortiNAC portal as we can on other portals.

For how long have I used the solution?

I have been using Fortinet FortiNAC since 2018.

What do I think about the stability of the solution?

I rate Fortinet FortiNAC an eight out of ten for stability because I had issues with its previous versions.

What do I think about the scalability of the solution?

I rate Fortinet FortiNAC a ten out of ten for scalability. We have plans to use Fortinet FortiNAC even more in the future. We have three ongoing projects, two projects that we just closed, and ongoing proof of concepts for another project.

How are customer service and support?

Fortinet FortiNAC's technical support is very good. There are not a lot of Fortinet technicians enabled to troubleshoot FortiNAC. However, when we find one, they are very helpful.

How was the initial setup?

It is straightforward to deploy Fortinet FortiNAC until you reach the compliance part. If you have a simple compliance rule, you have just one policy. However, with Fortinet FortiNAC, we can create layers of compliance, and that's when it gets complicated since there is no visual way to see those layers. You need to know your configuration to understand the layers. If someone new accesses the Fortinet FortiNAC solution and tries to look through your policies, they will need time and training to understand how the layers of compliance work.

What was our ROI?

One of our customers was going to spend more than 100 hours with technical people to configure all the segmentation they were planning for their network project. With the help of Fortinet FortiNAC, we reduced it from 100 hours to 10 hours of effort.

What other advice do I have?

We are using the Fortinet FortiNAC 9.2 version. Since Fortinet FortiNAC is a network access control solution, it is better to have it on-premises, and closer to the devices it will manage.

Sometimes we have a lot of issues either because of the old models of switches the customers are using, or the customer is using a type of switch that is not manageable. However, that's more of a design issue.

You must have a good network for you to be able to use Fortinet FortiNAC. If you don't have a full network project with new devices and router switches, you must first fix your network.

Overall, I rate Fortinet FortiNAC a nine out of ten.


Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Fortinet FortiNAC
March 2024
Learn what your peers think about Fortinet FortiNAC. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
ClaudeMualuko - PeerSpot reviewer
CyberSecurity Engineer at Computech Limited
Real User
Top 5
A scalable solution with a customizable dashboard and a user-friendly user interface
Pros and Cons
  • "Compared to other NAC vendors, Fortinet’s user interface is more user-friendly."
  • "The product must make its UI similar to other Fortinet products."

What is our primary use case?

We use the solution for network access control and endpoint profiling.

What is most valuable?

Compared to other NAC vendors, Fortinet’s user interface is more user-friendly. The UI of other NAC products is very complex. We can customize the dashboard.

What needs improvement?

The product must try to streamline the user interface. The product must make its UI similar to other Fortinet products.

For how long have I used the solution?

I have been using the solution for two years.

What do I think about the stability of the solution?

I rate the tool’s stability a nine out of ten. The product was a bit unstable for the first few days, but it stabilized eventually.

What do I think about the scalability of the solution?

I rate the tool’s scalability a nine out of ten.

How are customer service and support?

Support is amazing. The team is knowledgeable and has a quick response time.

How would you rate customer service and support?

Positive

How was the initial setup?

I rate the ease of setup an eight out of ten.

What about the implementation team?

The deployment took a month because we had some dependencies on the client. That's why it was delayed a bit. Only one person is needed to deploy the solution.

What other advice do I have?

I would definitely recommend the product to others, but it is always good to do a POC first. Overall, I rate the solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
PeerSpot user
Technology Consultant Team Head at Ignite Solutions
Real User
Top 20
All of the features are valuable and we find it beneficial because it applies the permission rules
Pros and Cons
  • "All the features of Fortinet FortiNAC are valuable."
  • "Keeping the hard disk on the one series will be easier for the distributor and will keep the prices lower for the customer."

What is our primary use case?

Our customers are from the security and financial services industries. 

FortiNAC is a network access control. In banking systems and in terminals, we need to manage VLAN and receive reports like IBS and IDS. Every VLAN has specific information to share some, but not all, of the files, because there are restrictions in the banking and financial systems. 

What is most valuable?

All the features of Fortinet FortiNAC are valuable. We find it beneficial to apply the permission rules. 

What needs improvement?

I have 20 years of experience working with these kinds of products with no issues. Any graphical user interface was very easy to use. Now, everything is new.

For future releases, I recommend that Fortinet make more series with a hard disk. We have customers who request a hard disk. On the one series, 21.101, we can see it has an internal hard disk. The 101 and 201 have a hard disk, however, the 100 and 200 do not. Keeping the hard disk on the one series will be easier for the distributor and will keep the prices lower for the customer. 

For how long have I used the solution?

I have been using Fortinet FortiNAC for eight years.

What do I think about the stability of the solution?

The stability of this product is very good. With FortiNAC you have protection for each of your services.

How are customer service and support?

Technical support from Fortinet can be slow as there are some delays. Just like most service providers, the first line of support is the least knowledgeable, so they refer you to the second or third level of support, which causes delays.

However, to activate the license or extend the warranty, they are fast.

We are able to do all of our projects without support. The stability is good. Therefore, I would rate customer service and support a nine out of ten.

How would you rate customer service and support?

Positive

How was the initial setup?

Deployment of Fortinet FortiNAC took no more than three days. One day for analysis, the second day to implement, and the last day to transfer the implementation documents to the end user and to test it.

What about the implementation team?

We implemented this solution by ourselves. The solution requires one or two engineers to deploy and maintain it.

Which other solutions did I evaluate?

We evaluated Palo Alto, it is very good, however, it is difficult to transfer knowledge for the end user. Palo Alto also does not have email protection.

What other advice do I have?

Fortinet performs all the services we require from them. The implementation of the solution is easy. 

Overall, I would rate Fortinet FortiNAC a nine out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Boller -Anyiine - PeerSpot reviewer
Security Solutions Architect at a manufacturing company with 1,001-5,000 employees
Real User
Top 5
Give you visibility over the IoT devices on the network, and can control as many users as you want, but reporting can use improvement
Pros and Cons
  • "The most valuable feature of the solution is having visibility over the IoT devices on the network."
  • "The reporting can also use improvement."

What is our primary use case?

The primary use case is for the visibility of the entire network architecture. It provides visibility to the switches, and routers to see the domain users, contractors, and guest users. It provides network access control, to be able to tell what endpoints are running on the machine, and what windows updates are on the machine. It is also used for cyber threat control.

What is most valuable?

The most valuable feature of the solution is having visibility over the IoT devices on the network. It allows the organization to see all the machines on the network, who is accessing what at which time, and what they are doing.

What needs improvement?

When you compare the solution to other NAC solutions like ISE and Portnox, you realize that it is not able to work as a single sign-on device. You need to use it with FortiAuthenticator. If you want to use certificate management, and two-factor authentication, you have to buy a FortiAnalyzer, which is different from ISE. I would like to see these features included with the solution.

The reporting can also use improvement. 

For how long have I used the solution?

I have been using the solution for three years.

What do I think about the stability of the solution?

The latest version of the solution is stable.

What do I think about the scalability of the solution?

The scalability is good. You can control as many users as you want.

How are customer service and support?

The support is useful. They are usually able to log on and resolve the issues.

How would you rate customer service and support?

Neutral

How was the initial setup?

The initial setup is straightforward on VMware, but it gets complex if you try to set up for example on Hypervisor. You need to have advanced knowledge to have a successful setup.

What about the implementation team?

We implement the solution for other clients.

What other advice do I have?

I rate the solution a seven out of ten.

If the deployment is strictly on a wired network it takes about a week however, if it is primarily on a wireless network it can take about three weeks.

Maintaining the solution is easy. The only area that may require additional support is if there is a large number of new guest users on the network. That requires admin approval for each user individually and takes time.

I would say it is a good solution, especially if you have IOT onboarding with a sponsor. You will be able to manage your users in a seamless way.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
PeerSpot user
Manager at InterLAN
Real User
Top 5
Offers network visibility and helps to avoid stranger devices getting into the LAN or Wi-Fi
Pros and Cons
  • "The tool provides us with a list of devices that tries to connect to our network. It offers us a lot of network visibility."
  • "The solution's licensing price should be improved."

What is our primary use case?

We use the tool to ensure that we have network access. It also helps us avoid stranger devices getting into the LAN or Wi-Fi. 

How has it helped my organization?

The tool provides us with a list of devices that tries to connect to our network. It offers us a lot of network visibility.

What needs improvement?

The solution's licensing price should be improved. 

For how long have I used the solution?

I have been using the product for three years. 

What do I think about the stability of the solution?

I would rate Fortinet FortiNAC's stability a ten out of ten. 

What do I think about the scalability of the solution?

I would rate the product's scalability a ten out of ten. 

How was the initial setup?

Fortinet FortiNAC's setup is straightforward. 

What was our ROI?

We have seen ROI with the tool's use and it is high. 

What other advice do I have?

I would rate the product an eight out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
Flag as inappropriate
PeerSpot user
Network consultant at Juniper Solutions Ltd
Real User
Top 5Leaderboard
Provides efficient network protection and has good scalability
Pros and Cons
  • "It is a good product."
  • "Its technical support needs improvement."

What is our primary use case?

We use the solution as a firewall to protect the network.

What needs improvement?

The solution's technical support needs improvement.

For how long have I used the solution?

We have been using the solution for two or three years.

What do I think about the scalability of the solution?

It is a scalable solution. Our organization has more than 200 users and plans to increase its usage.

How are customer service and support?

The solution's technical support could be better.

Which solution did I use previously and why did I switch?

I have used Sophos, CyberArk, and Palo Alto solutions earlier.

How was the initial setup?

We require two executives for the deployment and maintenance of the solution.

What was our ROI?

The solution generates a return on investment for us. 

What other advice do I have?

I rate the solution a nine out of ten. It is a good product.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Ubeyd  Kara - PeerSpot reviewer
Founder at Prosight
Real User
Top 10
Is suitable for multivendor topologies and handles most configurations
Pros and Cons
  • "With FortiNAC, we don't need to configure the mass client site or access points. For example, we don't need to configure the switching site for a client's site. With Persistent Agent, it makes it much easier."
  • "I would like to be able to compare the configuration backup before and after."

What is our primary use case?

We use this solution to control the network.

What is most valuable?

With FortiNAC, we don't need to configure the mass client site or access points. For example, we don't need to configure the switching site for a client's site. With Persistent Agent, it makes it much easier.

What needs improvement?

I would like to be able to compare the configuration backup before and after.

What do I think about the stability of the solution?

After version nine, the solution has been stable. There were some issues with stability in the previous versions.

What do I think about the scalability of the solution?

It is a scalable solution. Some of my customers have nearly 100 endpoints. I use sync topology with my customer who has over 2000 clients or endpoints.

How are customer service and support?

The technical support is fast, and I would rate them at nine out of ten for speed.

I would rate the documentation in relation to problem solving at seven out of ten.

How was the initial setup?

Fortinet FortiNAC is easier to deploy than Cisco ISE or Aruba ClearPass. However, you have to know authentication systems and requirements when implementing on NAC devices.

What's my experience with pricing, setup cost, and licensing?

FortiNAC's price has gone up in the last year. However, compared to other solutions, such as Cisco ISE, it is cheaper.

What other advice do I have?

If you're considering implementing FortiNAC, I recommend determining which type of implementation is suitable for your needs.

FortiNAC can handle most configurations easily, but Cisco ISE works with only Cisco devices. Thus, FortiNAC is suitable for multivendor topologies, whereas Cisco ISE is not. Overall, I would rate FortiNAC at eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Download our free Fortinet FortiNAC Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2024
Buyer's Guide
Download our free Fortinet FortiNAC Report and get advice and tips from experienced pros sharing their opinions.