Fortinet FortiNAC Reviews

Out of 6500 wireless devices we see issues with less than 0.5% of clients. Though the product has many features we only utilize a fraction of them. We use the product for registration and management of our wireless network (NAC). The most valuable asset is visibility in to what a client is and who is using it. By forcing guests/users to register their BYOD devices we know who they are and can then apply appropriate web filtering policies to them based on a number of factors. We can then use that data to export reports etc on usage of our wireless network as a whole and troubleshoot as needed.

Prior to using the product we had a fully open wireless network. This means anyone could come in off the street and connect to our wifi. We would not have knowledge of who they are if the did something illegal or wrong. Our level of security has increase greatly as well as our knowledge of who is on our network.

We have had issues with certain Windows 10 devices not being able to register which requires manual intervention to fix. I think they are working on this issue. As Windows 10 devices grow this issue will become greater.

Another major pain point is management of existing and new wireless access points. You must import the Aps into Network Sentry every time you put them on the network. Its also advised to use DHCP reservations for each AP. The system does not delete APs if you remove them from production as well. This means you must remove the APs from Sentry each time its stake out of production or placed in a new building etc. The initial setup of an AP doubled as a result of using this product. There are steps that must be performed and if any are missed, the AP becomes a black hole resulting in zero connectivity for clients connecting to it.

We’ve used this solution for two years.

Their technical support is a 8/10. They are responsive and have the ability (if you allow) to log into your equipment remotely and fix problems or perform upgrades. They are helpful in answering questions and configuration assistance is always available as this product is complex at first.

The initial deployment took three days however we encountered many issues. The main factor was our network set-up was not fully understood by Bradford prior to purchase and deployment. This created many issues while we were in production with 10-15% of our users having connectivity problems every day. We were not fully operational until 3 months after deployment.

Initial set-up was done via a “Quick Start” where the bare bones are implemented by and on site tech. This is not meant to be a full implementation but to get the foundation in place. The on-site tech was knowledgeable but again, we had issues with understanding out network set-up and its complexity which were not discovered in the quick start.

Vendor team on site, which we paid for. In house is available but would have been very time consuming to learn and implement. I would not recommend quick start but instead have a tech on site for a minimum of 5-7 business days to fully understand the product. Its not until you are in full production will you see issues and have questions. As questions, learn how the product works deep down.

Pricing is expensive but cheaper than some other solutions out there. Licensing is based on number of concurrent devices and a number of other factors depending on implementation type. Yearly maintenance fees are very reasonable and highly recommended. ROI is immediate for us in terms of visibility.

We did not evaluate other solutions other than on a cost basis.

Explain you network set-up in full detail with diagrams. VLANs, SSIDs, switch vendors, wireless vendors, subnets. What methods do you use today for wireless authentication (802.1x/WPA2-PSK/Open). Show them everything and what it looks like to be a client on your network today and the process to get on-line. This product manages both wired and wireless network is you choose both options. This product can also do posturing of devices to ensure they meet criteria like current updates and Antivirus etc. We are not using that functionality yet however.

We used it for network access control of internal users on wired networks, as well as to enforce USB port blocking. Some complaints were directed to me, and that was the primary use case.

The device fingerprinting feature was helpful in creating and enforcing access policies. The device profiling feature allows you to create fingerprints and define acceptance policies based on that.

The user interface and the product's intuitiveness could be improved. In future releases, it would be great if they could improve the usability of the solution, particularly for SaaS environments.

I worked with the Fortinet FortiNAC solution for around four months.

Initially, during the first week or two, it was a bit unstable, but they were resolved.

It is scalable, especially with the VM part, allowing for easy expansion based on needs. Around 50 users were using FortiNAC from our customer side. 

The customer service and support team is really good. They know what they are doing. 

I have experience with other solutions as well. In terms of pros, I would say Fortinet has a simpler version, and it's more user-friendly when it comes to creating policies. As for cons, I'm not sure if it supports certain devices that require a more secure connection.

The initial setup required someone with experience. I would rate my experience with the initial setup around an eight out of ten, where ten is the most complex. So, it was moderately complex.

The documentation was comprehensive and well-documented. I didn't have any complaints working with it.

I deployed it virtually on a VMware server. I set it up, onboarded the devices, created the policies, and added the necessary configurations.

Deployment varied depending on user dependencies, but it took around ten days. There were three people involved in the deployment.

Moreover, it doesn't really require much maintenance besides regular updates.

I would recommend Fortinet FortiNAC. Overall, I would give it an eight out of ten. The UI could be improved, but overall, it's a good solution.

We use Fortinet FortiNAC to receive excellent visibility of our network for traffic and what devices are connected to prevent attacks.

Fortinet FortiNAC could further improve its network visibility.

I have been using Fortinet FortiNAC for two and a half years.

Fortinet FortiNAC is a stable solution.

I have found Fortinet FortiNAC to be scalable.

The deployment of Fortinet FortiNAC could be better. When we are deploying the solution we have some level of dependencies with other vendors for their connection to Fortinet FortiNAC. Without these dependencies, it would be better.

Overall I am satisfied with the solution.

My advice to others wanting to implement Fortinet FortiNAC I would recommend before the start of the deployment to have a good summary of the documents ready. It makes it easier to follow the guides and have knowledge of their network beforehand.

I rate Fortinet FortiNAC an eight out of ten.

Our customers use it for micro-segmentation in the network and authentication.

We typically install this solution for medium-sized companies.

It expands authentication. It's incredibly good with profiling and onboarding methods.

Overall, it's a great product. The GUI is a little bit strange — different than other Fortinet products. It could be more user-friendly.

I have been using this solution for one year.

Fortinet FortiNAC is both scalable and stable.

Their technical support is very good. I am satisfied. 

It depends on the client and infrastructure, but it's very well documented. FortiNAC has a huge documentation library with a really good deployment and installation guide. 

Deployment time depends on the size and infrastructure of the company.

I handle the implementation for our customers but I rarely perform maintenance.

I believe there are three types of licenses based on three uses: visibility, control, and response — if I remember correctly. 

Be sure to carefully read over the documentation pack because it's really great — I Absolutely love it.

On a scale from one to ten, I would give this solution a rating of ten.

We use the tool to connect different networks, like connecting one side to another. Additionally, we deploy some policies to allow certain users within the network environment.

The most valuable aspect of this product is its security features. Many customers prefer cheaper devices, but those often lack adequate security measures. It also supports compliance with industry regulations. 

Fortinet FortiNAC's price is expensive compared to other products. 

I have been using the solution for three to four years. 

I rate the tool's stability a nine out of ten.

Fortinet FortiNAC's scalability is good. 

I haven't used the tool's support yet.

The tool's main difference from other products is security, ease of access, and integration with other devices.

The initial setup is not complex—it's quite straightforward. However, the complexity of the environment can vary depending on the customer's requirements.

It could be difficult, depending on the environment. Sometimes, we need integration with other devices, which adds complexity. It's particularly challenging when integrating with older vendors, as their installation processes are often more complex.

I rate it a nine out of ten.

I rate Fortinet FortiNAC's pricing an eight out of ten. 

I rate the overall solution a nine out of ten. 

The product offers good profiling features and can support various vendor products.

FortiNAC could improve integration with other vendors and enhance stability to compete more effectively with solutions like Cisco ISE.

We've been using both FortiNAC for about four years.

We contacted Fortinet's technical support, who helped resolve our issues.

Positive

Cisco ISE is more stable but comes at a higher cost than FortiNAC.

Deploying FortiNAC can be time-consuming, especially considering the integration challenges with other vendors.

Integrating FortiNAC with other vendors can be challenging, especially for Ruckus and Intelisys. We find Cisco ISE more comfortable for vendor integration.

I recommend FortiNAC, but with the caveat that users may encounter challenges with integration and stability.

I rate it a seven out of ten.

We use the solution for network access control and endpoint profiling.

Compared to other NAC vendors, Fortinet’s user interface is more user-friendly. The UI of other NAC products is very complex. We can customize the dashboard.

The product must try to streamline the user interface. The product must make its UI similar to other Fortinet products.

I have been using the solution for two years.

I rate the tool’s stability a nine out of ten. The product was a bit unstable for the first few days, but it stabilized eventually.

I rate the tool’s scalability a nine out of ten.

Support is amazing. The team is knowledgeable and has a quick response time.

Positive

I rate the ease of setup an eight out of ten.

The deployment took a month because we had some dependencies on the client. That's why it was delayed a bit. Only one person is needed to deploy the solution.

I would definitely recommend the product to others, but it is always good to do a POC first. Overall, I rate the solution a nine out of ten.