Please share with the community what you think needs improvement with FortiNAC.
What are its weaknesses? What would you like to see changed in a future version?
This solution could be more agile. The technical support is in need of improvement.
The problem with Fortinet is that if you want to be 100% secure then you have to buy other products. It should support better integration with third-party solutions. The reporting capability needs to be improved.
The response and resolution time for technical support issues need to be improved. Support overall needs to be a little faster.
I've realized that one of the issues is the need to use agents. For instance, if a domain user has to authenticate on the network via FSSO or Certificate management he has to have a persistent agent. The admin UI is not that good. It could be better matched and more friendly to use and it cannot work as a RADIUS server. You have to have a RADIUS server which means bringing in a FortiAuthenticator to build it. The other thing would probably be the visibility granular. For example, when I have a user at a particular branch, I can't tell what SSIDs they are connected to. I only have the IP addresses so if the wireless controller is integrated with FortiNAc, you're going to realize that you won't be able to know whether a particular person is connected, that an AP is connected to a particular SSID, is connected to. . . etc. It only gives you the IP addresses, Host names, etc. That has to be improved and am sure it will be in the next build version. Additional features, would be an agentless link and adopters - online, offline adopters - it picks the IP's, the host names, the layer 3 information, layer 2 information, what's connected. And also to give different privileges, best rule privileges to users. VLAN Interswitching (state based controls) could be quicker when doing the process flow from different sorts of authentication. When it comes to guests or contractors, you don't want to use a dissolvable agents. It dissolves in the process of downloading, but it takes longer and that could be improved.
For our organization and our clients, the price is the main concern. They should work to make it more competitive. Customization could be improved in future releases.
Something that the developers of FortiNAC might look at to improve, is more integration with third-party products. The dashboard also needs to improve.
I think that the course content could be improved, it's not that simple to work through. I'm an expert on Cisco ISE. And also I have CCIE on Cisco. I made a comparison between Cisco ISE and FortiNAC. Cisco ISE has full integration but FortiNAC doesn't.
The implementation process needs improvement. Right now, it's somewhat complicated. They could create some templates to facilitate implementation. Right now everything is done manually, and it just takes a really long time at the initial setup.
I think the network devices need to give more information. In the next release, we'd like to see more information on controlling, for example, adding more policies etc. We should get more information about IoT devices, and have more information available for the users.
Not using a Java front-end would be fantastic. It takes forever to load the system up and get in there to configure everything. It is too slow to do anything at all.
How do FortiAuthentucator and FortiNAC differ? I am also comparing it with ClearPass.