Fortinet FortiNAC and Cisco Identity Services Engine (ISE) compete in the network access control space. Cisco ISE appears to have an advantage due to its comprehensive security features and strong integration capabilities with Cisco products.
Features: Fortinet FortiNAC is known for its granular network visibility, ease of use, and flexibility in integration across different environments. It offers features like automation, artificial intelligence, and robust device compliance checks. Cisco ISE, on the other hand, is noted for its network access control capabilities, support for Trust Sec, and comprehensive 802.1X feature set. It integrates well with Cisco's ecosystem, providing extensive security control and options for network segmentation.
Room for Improvement: Users of Fortinet FortiNAC point out issues with device compatibility and integration with non-Fortinet products, indicating a need for improved support for third-party integrations. Cisco ISE users highlight complex deployment processes, cumbersome upgrades, and a convoluted licensing model as areas needing improvement. Enhancing Cisco ISE's usability and documentation is frequently suggested by users.
Ease of Deployment and Customer Service: Fortinet FortiNAC provides flexible deployment options across on-premises, public, and private clouds and is praised for its simplicity. However, improvements in global technical support response times are recommended. Cisco ISE supports flexible deployment models but often faces criticism for its complex setup. Despite this, Cisco's extensive support network is generally well-regarded, though response times and integration reluctance are noted concerns.
Pricing and ROI: Fortinet FortiNAC is considered a cost-effective solution with competitive pricing and notable ROI in security and operational efficiency. Customers appreciate its affordability compared to Cisco ISE, whose pricing is perceived as higher. However, Cisco ISE's extensive feature set and integration capabilities within the Cisco ecosystem are seen as justifying the cost, despite concerns over its subscription-based licensing and ongoing costs.
Direct comparisons with Forescout reveal up to 30% to 40% difference in cost savings.
I rate the technical support as one out of ten.
Sometimes it's challenging to identify which support team is responsible for certain issues, which is a significant concern.
They provide sessions to help with various questions.
They could do more to improve, not because of the product itself but because of the support they provide.
Factors like architecture, business nature, and legal limitations such as GDPR affect it.
The pricing model makes it challenging as the cost is substantial due to the per-node licensing model.
Cisco Identity Services Engine (ISE) is considered very reliable and stable.
The stability of Cisco Identity Services Engine (ISE) is poor for certain use cases, like authentication.
The whole setup works well with Cisco access points and Cisco switches, but when you have multiple vendors in the environment, such as HP switches or access points like Aruba, you'll find they will not work well with Cisco Identity Services Engine (ISE).
Pricing can be more expensive compared to other vendors, and there is a significant price gap observed, which doesn't seem justified by some specific features.
They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases.
Improvement in the interface design would make FortiNAC a better solution.
The graphical user interface (GUI) of Fortinet FortiNAC is very poor compared to competitors like Forcepoint and Cisco ISE.
Compared to other solutions like HPE ClearPass, Cisco is more costly, and the conversation suggests a possible forty percent price gap compared to competitors.
The license costs can range between $50,000 to $100,000 per year for enterprises.
Making large organizational costs significant.
Fortinet FortiNAC is relatively cheap compared to other solutions.
This solution ensures organizations have secure environments and also supports robust policy enforcement, allowing control over who has access to various parts of the network.
Cisco Identity Services Engine (ISE) is very good at device administration.
The solution is integrated with other Cisco devices and can offer automation for an organization, making deployments more dynamic and providing real-time visibility.
I appreciate the feature where it can connect with different vendor equipment, regardless of the network devices from other vendors.
The main advantage of Fortinet FortiNAC is its integration with the entire Fortinet product portfolio.
Cisco Identity Services Engine (ISE) offers comprehensive network access control and visibility, supporting features like 802.1X authentication, profiling, and posturing. It integrates with Microsoft and other Cisco products, facilitating robust security policies across distributed networks.
Cisco Identity Services Engine is a key player in network access control, offering centralized management and a user-friendly interface. It supports zero trust principles and provides strong authentication for wired and wireless networks. ISE's capabilities include granular security policies, enhanced device posturing, and seamless integration, bolstering security infrastructure. Users benefit from its dual authentication through EAP, simplifying access management across networks.
What are the key features of Cisco ISE?In industries like finance, healthcare, and education, Cisco ISE is pivotal for securing wired and wireless networks, implementing BYOD policies, and managing user access. Organizations leverage ISE for effective authentication and authorization, while maintaining compliance with industry security standards.
Fortinet's FortiNAC is a network access control solution that provides visibility, control, and automated response for everything that connects to the network, enhancing the security fabric. FortiNAC protects against Internet of Things (IoT) threats, extends control to third-party devices, and orchestrates automated responses to a variety of networking events.
Using many information and behavior sources, FortiNAC delivers extensive profiling of even headless devices on your network, allowing you to precisely identify what's on your network.
You can change the configurations of switches and wireless equipment from more than 70 vendors to implement micro-segmentation regulations. You can also extend the security fabric's reach in diverse contexts.
With FortiNac, you can respond in seconds to events in your network to stop attacks from spreading. When the relevant behavior is seen, FortiNAC offers a rich and customized set of automation policies that can rapidly trigger configuration changes.
Fortinet FortiNAC Features
Fortinet FortiNAC has many valuable key features. Some of the most useful ones include:
Fortinet FortiNAC Benefits
There are many benefits to implementing DX Spectrum. Some of the biggest advantages the solution offers include:
Reviews from Real Users
Fortinet FortiNAC stands out among its competitors for a number of reasons. Two major ones are its robust network segmentation and its device visibility. PeerSpot users take note of the advantages of these features in their reviews:
A Senior Proposal Manager at a tech services company writes of the solution, “The network segmentation is the most important part of the solution. The integration with the Zero Trust Access solution is a crucial part of segmenting your network.”
Eranjaya K., Security Engineer at Eguardian lanka, notes, “We use Fortinet FortiNAC to receive excellent visibility of our network for traffic and what devices are connected to prevent attacks.” He adds, “I have found Fortinet FortiNAC to be scalable.”
We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.