Fortinet FortiNAC OverviewUNIXBusinessApplication

Fortinet FortiNAC is the #4 ranked solution in top Network Access Control (NAC) tools. PeerSpot users give Fortinet FortiNAC an average rating of 7.4 out of 10. Fortinet FortiNAC is most commonly compared to Cisco ISE (Identity Services Engine): Fortinet FortiNAC vs Cisco ISE (Identity Services Engine). Fortinet FortiNAC is popular among the large enterprise segment, accounting for 54% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 19% of all views.
Fortinet FortiNAC Buyer's Guide

Download the Fortinet FortiNAC Buyer's Guide including reviews and more. Updated: December 2022

What is Fortinet FortiNAC?

Fortinet's FortiNAC is a network access control solution that provides visibility, control, and automated response for everything that connects to the network, enhancing the security fabric. FortiNAC protects against Internet of Things (IoT) threats, extends control to third-party devices, and orchestrates automated responses to a variety of networking events.

Using many information and behavior sources, FortiNAC delivers extensive profiling of even headless devices on your network, allowing you to precisely identify what's on your network.

You can change the configurations of switches and wireless equipment from more than 70 vendors to implement micro-segmentation regulations. You can also extend the security fabric's reach in diverse contexts.

With FortiNac, you can respond in seconds to events in your network to stop attacks from spreading. When the relevant behavior is seen, FortiNAC offers a rich and customized set of automation policies that can rapidly trigger configuration changes.

Fortinet FortiNAC Features

Fortinet FortiNAC has many valuable key features. Some of the most useful ones include:

  • Agent or agentless (automated) scanning of the network for device detection and classification
  • Generates a list of all the devices on the network.
  • Evaluates the risk of each network endpoint.
  • Consolidates the architecture to make deployment and management easier
  • Gives wide support for third-party network devices to maintain compatibility with current network infrastructure,
  • Automates the process of onboarding a large number of endpoints, users, and visitors.
  • Enables network segmentation and enforces dynamic network access restriction.
  • Reduces the time it takes to contain a problem from days to seconds.
  • Reduces investigation time by reporting events to SIEM with detailed contextual data.

Fortinet FortiNAC Benefits

There are many benefits to implementing DX Spectrum. Some of the biggest advantages the solution offers include:

  • Automatic response: FortiNAC will continuously monitor the network, analyzing endpoints to ensure they meet their profile. FortiNAC will rescan devices to verify that MAC-address spoofing does not compromise the security of your network access. FortiNAC can also keep an eye out for unusual traffic patterns. The FortiGate appliances are used in conjunction with this passive anomaly detection. When a compromised or vulnerable endpoint is identified as a threat, FortiNAC initiates a real-time automatic response to confine the endpoint.

  • Total device visibility: FortiNAC monitors the entire network and provides total visibility. FortiNAC searches your network for users, applications, and devices. FortiNAC may then profile each element based on observed attributes and reactions, as well as drawing on FortiGuard's IoT Services, a cloud-based database for identification look-ups, using up to 21 distinct techniques.
  • Dynamic network management: Once the devices and users have been identified, FortiNAC allows for extensive network segmentation to allow devices and users access to critical resources while preventing unauthorized access. FortiNAC employs dynamic role-based network access control to conceptually establish network segments by grouping similar applications and data together to restrict access to a certain set of users and/or devices. If a device is compromised in this way, its capacity to travel through the network and target other assets is constrained. FortiNAC assists in the protection of sensitive data and assets while maintaining compliance with internal, industry, and government standards and directives. Assuring the integrity of devices before they join the network reduces the chance of malware spreading.

Reviews from Real Users

Fortinet FortiNAC stands out among its competitors for a number of reasons. Two major ones are its robust network segmentation and its device visibility. PeerSpot users take note of the advantages of these features in their reviews:

A Senior Proposal Manager at a tech services company writes of the solution, “The network segmentation is the most important part of the solution. The integration with the Zero Trust Access solution is a crucial part of segmenting your network.”

Eranjaya K., Security Engineer at Eguardian lanka, notes, “We use Fortinet FortiNAC to receive excellent visibility of our network for traffic and what devices are connected to prevent attacks.” He adds, “I have found Fortinet FortiNAC to be scalable.”

Fortinet FortiNAC was previously known as FortiNAC, Bradford Networks, Bradford Networks Sentry, Network Sentry Family.

Fortinet FortiNAC Customers

Isavia, Pepperdine University, Medical University of South Carolina, Columbia University Medical Center, Utah Valley University

Fortinet FortiNAC Video

Archived Fortinet FortiNAC Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Cyber Security Engineer at a tech services company with 201-500 employees
Real User
Orchestrates automatic responses to a wide range of networking events
Pros and Cons
  • "Fortinet FortiNAC is both scalable and stable."
  • "The GUI is a little bit strange — different than other Fortinet products."

What is our primary use case?

Our customers use it for micro-segmentation in the network and authentication.

We typically install this solution for medium-sized companies.

What is most valuable?

It expands authentication. It's incredibly good with profiling and onboarding methods.

What needs improvement?

Overall, it's a great product. The GUI is a little bit strange — different than other Fortinet products. It could be more user-friendly.

For how long have I used the solution?

I have been using this solution for one year.

Buyer's Guide
Fortinet FortiNAC
December 2022
Learn what your peers think about Fortinet FortiNAC. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
655,774 professionals have used our research since 2012.

What do I think about the scalability of the solution?

Fortinet FortiNAC is both scalable and stable.

How are customer service and support?

Their technical support is very good. I am satisfied. 

How was the initial setup?

It depends on the client and infrastructure, but it's very well documented. FortiNAC has a huge documentation library with a really good deployment and installation guide. 

Deployment time depends on the size and infrastructure of the company.

What about the implementation team?

I handle the implementation for our customers but I rarely perform maintenance.

What's my experience with pricing, setup cost, and licensing?

I believe there are three types of licenses based on three uses: visibility, control, and response — if I remember correctly. 

What other advice do I have?

Be sure to carefully read over the documentation pack because it's really great — I Absolutely love it.

On a scale from one to ten, I would give this solution a rating of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Manjil Bhetwal - PeerSpot reviewer
Presales Engineer at a tech services company with 11-50 employees
Real User
Top 5
Easy to deploy and use with good reporting, but technical support needs to be improved

What is our primary use case?

We are a solution provider and this is one of the products that we implement for our clients.

What is most valuable?

The most valuable features are the ease of deployment and ease of use.

The reporting is good.

What needs improvement?

This solution could be more agile.

The technical support is in need of improvement.

For how long have I used the solution?

I have between six and eight months of experience with FortiNAC.

What do I think about the stability of the solution?

FortiNAC is a stable solution.

What do I think about the scalability of the solution?

This is a scalable solution and most of our customers are enterprise-level organizations. The majority and financial institutions and government bodies.

How are customer service and technical support?

I feel that technical support can be improved.

How was the initial setup?

The complexity of the installation and the length of time for deployment depends on the client's requirements, as well as their level of involvement. 

What's my experience with pricing, setup cost, and licensing?

The pricing is similar to that of other solutions.

What other advice do I have?

My advice for anybody who is considering this product is to first do a proof of concept. Everybody has different requirements and it is best to ensure that FortiNAC meets your needs before implementing it.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
Buyer's Guide
Fortinet FortiNAC
December 2022
Learn what your peers think about Fortinet FortiNAC. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
655,774 professionals have used our research since 2012.
Asst. Network Security Engineer at a tech services company with 11-50 employees
Real User
Good usability and security, but technical support needs to be faster

What is our primary use case?

We are a solution provider and this is one of the products that we implement for our clients.

My role is security and I deal with products to protect data centers. FortiNAC makes up part of the security solution in a data center.

What is most valuable?

The most valuable features are usability and security.

What needs improvement?

The response and resolution time for technical support issues need to be improved. Support overall needs to be a little faster.

For how long have I used the solution?

I have two years of experience with FortiNAC.

What do I think about the stability of the solution?

FortiNAC is a stable product.

What do I think about the scalability of the solution?

Scalability depends on licensing. Our customers vary in size from small and medium-sized businesses to enterprise-level organizations.

How are customer service and technical support?

The technical support is in need of improvement because sometimes it takes too long to resolve issues.

Which solution did I use previously and why did I switch?

I have worked with other similar solutions including Cisco ISE. I find that many of the SMBs and Enterprise-level customers choose Cisco instead.

How was the initial setup?

The installation is pretty simple. The length of time for deployment depends on the planning and what is in the environment. It will normally take about a day.

What other advice do I have?

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Technology Consultant Team Head at Ignite Solutions
Real User
Top 20
User-friendly and easy to implement
Pros and Cons
  • "This solution is very easy to implement and use. The interface is user-friendly."
  • "The reporting capability needs to be improved."

What is our primary use case?

We are a solution provider and this is one of the products that we implement for our customers. It is used as part of the network security and protects our clients.

What is most valuable?

This solution is very easy to implement and use.

The interface is user-friendly.

The most valuable feature for us is the support for iOS and iPhones.

What needs improvement?

The problem with Fortinet is that if you want to be 100% secure then you have to buy other products. It should support better integration with third-party solutions.

The reporting capability needs to be improved.

For how long have I used the solution?

We have been using FortiNAC for about three years.

What do I think about the stability of the solution?

FortiNAC is a stable solution.

What do I think about the scalability of the solution?

It is a scalable solution, although the scalability also depends on the other products that it is integrated with. Our customers are medium-sized and enterprise-level organizations. Our clients have about 500 users.

How are customer service and technical support?

This solution is so stable that we have not had any problems and never needed to contact technical support.

Which solution did I use previously and why did I switch?

I am also working with Cisco ISE. It is very complicated compared to FortiNAC.

How was the initial setup?

It is very easy and straightforward to implement.

What about the implementation team?

Three of our engineers were involved in the deployment. One of them focuses on security and the others take care of networking.

What's my experience with pricing, setup cost, and licensing?

The licensing fees are a little bit high.

What other advice do I have?

I try to push the use of this product because sometimes, the complicated solutions like Cisco ISE sometimes make the customers feel annoyed.

My advice to anybody who is considering this solution is that if the budget allows it, the entire security solution should be made up of Fortinet products. They integrate well and it will be better overall. A complete and secure solution will include products like FortiSandbox and FortiAnalyzer as well.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Boller Anyiine - PeerSpot reviewer
Cyber Security Specialist at a tech services company with 51-200 employees
Real User
Enhances the Security Fabric with visibility, control, and automated response for everything that connects to the network & protection against IoT threats extending control to third-party devices.
Pros and Cons
  • "Provides containment and security and and carries out file analysis for cyber theft."
  • "Admin UI could be better matched and easier to use; it cannot work as a RADIUS server."

What is our primary use case?

I was certified in FortiNAC (Part of Fortinet-NSE6) last year and I've personally implemented FortiNAC in three organizations. We work as a team with people who have expertise in different areas and Vendors and have exposure to different infrastructures.

FortiNAC scans your network to discover every user, application, and device (IOT), With up to 18 different techniques, it can then profile each element based on observed characteristics and responses for granular visibility - We then apply state-based control(eth0 VLAN switching) and Policy based control rules for access control and response.

Anyone (Domain users, Contractors, guests, etc) wanting to connect to the network has to be accessed by the NAC. Users come in at different times and some may be working from branches or home through a VPN and they will be authenticated in the same way with different privileges on the Network.

So it has to run 24/7. It's authenticating users all the time. We are gold partners with FortiNac. 

What is most valuable?

There are quite a number of things that are valuable about this solution. Having dealt with Cisco ISE, I realize that FortiNAC is different in a way that gives you granular visibility of the entire network infrastructure related to IOT devices (Who, What, When, Which information). It's helpful that you can know what's going on from your phone, your tablet, and from home. The solution provides containment, reporting and security event-alarm mapping and saves log and carries out further analysis for cyber thefts. It really is a good solution.

What needs improvement?

I've realized that one of the issues is the need to use agents. For instance, if a domain user has to authenticate on the network via FSSO or Certificate management he has to have a persistent agent.

The admin UI is not that good. It could be better matched and more friendly to use and it cannot work as a RADIUS server. You have to have a RADIUS server which means bringing in a FortiAuthenticator to build it.

The other thing would probably be the visibility granular. For example, when I have a user at a particular branch, I can't tell what SSIDs they are connected to. I only have the IP addresses so if the wireless controller is integrated with FortiNAc, you're going to realize that you won't be able to know whether a particular person is connected, that an AP is connected to a particular SSID, is connected to. . .  etc. It only gives you the IP addresses, Host names, etc. That has to be improved and am sure it will be in the next build version. 

Additional features, would be an agentless link and adopters - online, offline adopters - it picks the IP's, the host names, the layer 3 information, layer 2 information, what's connected. And also to give different privileges, best rule privileges to users. 

VLAN Interswitching (state based controls) could be quicker when doing the process flow from different sorts of authentication. When it comes to guests or contractors, you don't want to use a dissolvable agents. It dissolves in the process of downloading, but it takes longer and that could be improved.

For how long have I used the solution?

I've been using the solution for a year and a half. 

What do I think about the stability of the solution?

FortiNAC is Pretty stable. We initially had a couple of troubleshooting issues in the deployments but we worked them out and it's fine now and has pretty good Visibility across the Network for every device, application and user, extend Control of the Network to third-party products and automated responsiveness.

You won't find so many NAC solutions like it. I mean it's granular, you will see a lot that you need to ask. It will give you all the controls you need and it has event alarm mapping, - I mean "you can't control what you can't see"

What do I think about the scalability of the solution?

It is very scalable, you can have as many features and access points as you want. as you have. It depends on the licenses, but you can have as many IoT devices (Switches, routers, Firewals, WLC, etc) as you want and as many features as you want. You can have visibility to all the ports of the switches on the NAC, you can easily see  Who, What, When, Which information then control and respond

How are customer service and technical support?

Technical support is good. You create a ticket and within that ticket you explain what challenges you're facing. They assign you an engineer who'll help solve the issue. It's pretty easy and straight forward and they're always there to help. 

How was the initial setup?

Initial setup is pretty easy. If you're doing a VM setup, you do the registration on the Fortinet portal, and then you set the IP addresses. I think it's pretty good when you're implementing it the first time, it's very easy but when you get to tests, which are the UAT's, you're most likely to have a few issues that you need to be aware of.

Deployment time depends on the kind of customer. For example, the current implementation I'm doing has an assessing vendor. 90% of the network is wireless and 10% is cabled in network. They have more than 80 access features, more than 80 routers, and two wireless controllers. They have a number of databases and different firewalls - to use that fountain it slows things down. You're also dealing with Domain users, contractors and Guests in different locations. Obviously this will take more time than a project with less infrastructure devices. It really depends on the nature of the infrastructure.

What's my experience with pricing, setup cost, and licensing?

There is a base license level which pretty much gives you topologies and groupings automation/control, etc. When it comes to policies, it's only going to give you user host profiling and network access. If you're looking for endpoint compliance, integrations, Incidence response and reporting, then you have to go for an Plus or PRO license.

What other advice do I have?

You need to think about what you need as a company. There are so many government institutions, so many corporate institutions in the world that want to protect their networks. People have different privileges within a network, an instructor cannot have the same privileges as a normal user and the guest. We have guests coming onto our network, contractors coming to work at different times on the network, the main users who are working in different departments and who shouldn't have access to some platforms. When it comes to authentication you need to make sure you're protected from all kinds of threats. You have different products, Vendors and divices that all need to be controlled. If something goes off you need to know where and why. 

I would rate this product a eight out of 10. It's still evolving. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
SamerKiwan - PeerSpot reviewer
System Security Engineer at a tech services company with 11-50 employees
Real User
Good compliance checks and security features with the capability to scale significantly
Pros and Cons
  • "Compliance checks are a good feature. Compliance check is for windows updates and for antivirus updates, etc."
  • "The implementation process needs improvement. Right now, it's somewhat complicated. They could create some templates to facilitate implementation. Right now everything is done manually, and it just takes a really long time at the initial setup."

How has it helped my organization?

You can simply control whole network even you can check your switches configuration

What is most valuable?

Compliance checks are a good feature. Compliance check is for windows updates and for antivirus updates, etc. 

Security is also good. No guest can enter without credentials, such as usernames and passwords. You have full visibility, which is very good.

What needs improvement?

The implementation process needs improvement. Right now, it's somewhat complicated. They could create some templates to facilitate implementation. Right now everything is done manually, and it just takes a really long time at the initial setup.  

For how long have I used the solution?

I've been using the solution for three years.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

The solution is easily scalable. Once you have one working correctly, you can expand easily to make it as big as you want. However, setting up the first properly takes time.

How are customer service and technical support?

I've contacted technical support three or four times. They have been very good.

Which solution did I use previously and why did I switch?

We didn't previously use a different solution.

How was the initial setup?

The initial setup is complex. How long it takes to deploy depends on the complexity of the project, for example, if you are setting up the solution at branches or just at one location. So long as the team is cooperating and coordinating, it shouldn't take more than three months. You only need one to two engineers to deploy the solution. Afterward, you may only need one person for maintenance.

What about the implementation team?

You need professional engineers to set up the solution. Only trained and experienced people will be able to handle the implementation.

What other advice do I have?

We use the on-premises deployment model.

In terms of advice I'd give to others, I'd say the most important thing to worry about is organizing the network, like active directory groups and groups of users, etc. Organize the groups with VLAN IDs that are not too specific and the VLANs should be on all company switches.

I'd rate the solution eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
Rupsan Shrestha - PeerSpot reviewer
Technical Presales Engineer at Dristi Tech Pvt.ltd
Real User
User friendly with a good graphical interface and excellent community support
Pros and Cons
  • "The most valuable features of the solution are the user-friendliness, the graphical interface, and the technical support. The interface is very nice and the customization is good."
  • "For our organization and our clients, the price is the main concern. They should work to make it more competitive."

What is our primary use case?

The solution is generally used for compliance and other related items such as network visibility. 

What is most valuable?

The most valuable features of the solution are the user-friendliness, the graphical interface, and the technical support. The interface is very nice and the customization is good.

Overall, our clients seem to be quite pleased with the product.

What needs improvement?

For our organization and our clients, the price is the main concern. They should work to make it more competitive.

Customization could be improved in future releases.

For how long have I used the solution?

I recently deployed the product. I've been using it for about a year.

What do I think about the scalability of the solution?

Regarding scaling, I don't believe I would know about the requirements related to scaling the product. However, in terms of the device itself, my client is fully sufficient with the license. He has the number of devices he needs in order to monitor everything. I don't believe our client has scaled it, so I don't know how easy or difficult scaling is.

Our clients are largely medium-sized enterprises and may have up to about 400 devices on site. 

How are customer service and technical support?

I've never reached out to technical support myself and have never opened a support ticket, but I have heard that the solution is quite good at handling customer queries.

We've used community support and it's been quite good. We've found most of the answers to our queries using it.

How was the initial setup?

The initial setup is quite straightforward. We didn't run into any complexities during the implementation.

What's my experience with pricing, setup cost, and licensing?

We're a Fortinet partner.

I would recommend the product to others. Usability is a crucial thing for networking and this product offers that. I'm not familiar with other NAC products. However, I think every organization should be implementing NAC. That does not always mean just FortiNAC products. There are other NAC products as well. We are very fortunate to have access to such products that continue to help our customers.

Overall, I'd rate the solution eight out of ten.

What other advice do I have?

I don't exactly remember the version our clients are using currently, however, and I believe it is vm based for 2000 devices.

We don't actually use the solution in our own organization, but we have deployed it and we provide service, support, and monitoring on the devices to our clients.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
Ahmed-Fawzy - PeerSpot reviewer
Sr. Network Architect at a manufacturing company with 10,001+ employees
Reseller
Has a good interface that is easy to use and has good features

What is our primary use case?

I'm a senior network architect and our company is a reseller of FortiNAC. This is a new product for me and we'll be starting implementation shortly. We've been testing the product and I'm just finishing the course. I'll be implementing for our client which is a medium-size company.

What is most valuable?

The interface is good and simple to use. Some of the ideas presented on the online course could be clearer, like policy creation. But the interface and other features are very good. 

What needs improvement?

I think that the course content could be improved, it's not that simple to work through. I'm an expert on Cisco ISE. And also I have CCIE on Cisco. I made a comparison between Cisco ISE and FortiNAC. Cisco ISE has full integration but FortiNAC doesn't.

For how long have I used the solution?

I've been using FortiNAC for just one month.

What do I think about the stability of the solution?

I'll have a better idea next week about the stability, once it's been tested in the production environment.

How are customer service and technical support?

The communication with customer support is fine from an administration perspective. But it's lacking documentation on the concept of how the technology works. There are no documents in the FortiNAC library relating to network function. 

What other advice do I have?

I would rate this product an eight out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
PeerSpot user
it_user1232502 - PeerSpot reviewer
Senior Cybersecurity Solution Architect at a computer software company with 10,001+ employees
Real User
It is a scalable product and the technical support is excellent
Pros and Cons
  • "The initial setup was easy and straightforward."
  • "The dashboard needs to improve."

What is most valuable?

We are only consultants, so we implement FortiNAC for our customers. The good part about FortiNAC is that it works seamlessly across either public cloud, private cloud, a hybrid one or on premises. So, depending on the client's requirements, I usually suggest that they go for public cloud where they have remote locations, and that they go for an application where they have a large deployment, adequate network and technical staff to support the requests.

The features we generally propose is basically agent-based authentication and the agent case solution product for wireless endpoints, which allow them to do automatic registration, and the third would be the health checks.

What needs improvement?

Something that the developers of FortiNAC might look at to improve, is more integration with third-party products. The dashboard also needs to improve.

For how long have I used the solution?

I have been using FortiNAC for almost a year now.

What do I think about the stability of the solution?

FortiNAC is quite a stable solution. 

What do I think about the scalability of the solution?

FortiNAC is a highly scalable product. The licenses remain unlimited. It's a subscription-based license, which is based on the usage and number of concurrent users. So the good part is that it can be deployed out of any environment.

How are customer service and technical support?

The technical support for us has been extremely good and the local support is excellent. 

How was the initial setup?

The initial setup was easy and straightforward. The deployment can be done within a day.

What other advice do I have?

The good thing about FortiNAC is that it's more vendor agnostic. And then we have the deployed FortiNAC activate solution, which are different kinds of firewalls, which works perfectly fine. 

On a scale from one to 10, my rating for this program will be a nine. Additional features that I would like to see included in the next release of this solution is more integration with third-party products and probably some improvements on the dashboard.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Information Technology Officer at a financial services firm with 501-1,000 employees
Real User
Good reporting tools, interface, dashboard, and overall support
Pros and Cons
  • "The solution is good at giving a deep dive into each product. It tells you, for example, what is connected to the network. It gives us good reporting tools."
  • "I think the network devices need to give more information."

What is most valuable?

The solution is good at giving a deep dive into each product. It tells you, for example, what is connected to the network. It gives us good reporting tools.

What needs improvement?

I think the network devices need to give more information.

In the next release, we'd like to see more information on controlling, for example, adding more policies etc. We should get more information about IoT devices, and have more information available for the users.

For how long have I used the solution?

I've been using the solution for one year.

What do I think about the scalability of the solution?

Scalability can be improved.

How are customer service and technical support?

The solution is good, so I've had no reason to contact Technical Support.

Which solution did I use previously and why did I switch?

This is the first product we have used.

How was the initial setup?

The initial setup was straightforward. You only need one person for deployment and maintenance.

What about the implementation team?

We used a consultant to assist with implementation. They were good. We didn't have a problem with them.

Which other solutions did I evaluate?

We evaluated so many other products but we found the features of this solution to be the most valuable.

What other advice do I have?

I would rate this solution at a seven or eight out of 10. If they improved their network devices and their IoT product I would rate them higher. The solution is pretty inexpensive. That's why we are using it. I am satisfied with the interface, the dashboard, and the overall support.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IT and Operations Manager at a financial services firm with 51-200 employees
Real User
The stability is relatively poor, as it has taken us roughly 12 months to get the network access control to be functional
Pros and Cons
  • "When it works, it's great. It keeps things off the network which are supposed to be off the network."
  • "The technical support is bad. We've had to escalate to Tier 2 and Tier 3. My customer relationship manager on the other side of this has stopped returning phone calls and emails, because there has been such a constant back and forth."

What is our primary use case?

The primary use case is that we are using it as a network access control (NAC), preventing external devices from plugging into the network or foreign computers from joining the network.

We are using the latest version.

How has it helped my organization?

When it works, it's great. It keeps things off the network which are supposed to be off the network.

What is most valuable?

When it works, doing what it's supposed to.

What needs improvement?

Not using a Java front-end would be fantastic. It takes forever to load the system up and get in there to configure everything. It is too slow to do anything at all.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The stability is relatively poor, as it has taken us roughly 12 months to get the network access control to be functional. It took us six months to get the USB lockdown to work appropriately. It still false flags mice, etc. On top of it, it broke once we finally got the network access control working. It literally took us 12 months for people to be blocked on an Ethernet connection, and it takes about 90 seconds to knock them off. Even then, it's only 50/50. We have escalated this every week for 12 months, and I'm not sure we'll be renewing this contract.

How are customer service and technical support?

The technical support is bad. We've had to escalate to Tier 2 and Tier 3. My customer relationship manager on the other side of this has stopped returning phone calls and emails, because there has been such a constant back and forth.

Which solution did I use previously and why did I switch?

We didn't have something prior. We had someone do a security audit on us, and they made some recommendations of things that we were missing. We contacted a managed service provider to recommend things to fix these issues, and this was one of those things. We went with what the managed service provider recommended as a solution along with having a short timeframe.

How was the initial setup?

The initial setup was highly complex. Every time you get one piece to work, everything else breaks. We have not been able to get a full solution in place.

What about the implementation team?

We used a managed service provider to help get everything up and running.

The process was frustrating. The managed a lot of our network as is, and they've done several of these setups. They moved from the previous version to the newest version, and they have even stopped recommending it as a solution because they don't want to do this again with another customer.

What other advice do I have?

Look into the complexity of using tools. Anything that is difficult to manage will probably be painful to maintain.

We have a very aggressive roadmap with a fairly mature security posture. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user371886 - PeerSpot reviewer
Network Administrator at a university with 1,001-5,000 employees
Vendor
​It’s a unified place where we can manage campus onboarding. ​Interaction with other vendors switches & APs should be more thoroughly tested.

What is most valuable?

It’s a unified place where we can manage campus onboarding/BYOD NAC security.

How has it helped my organization?

It has provided port/wireless security to all devices trying to connect to our campus network.

What needs improvement?

Interaction with other vendors switches & APs should be more thoroughly tested as integration between Networks Sentry and other networking equipment needs to be seamless for this product to work.

For how long have I used the solution?

I've been using it for five years.

What was my experience with deployment of the solution?

We had no issues with deployment.

What do I think about the stability of the solution?

We had no issues with the stability.

What do I think about the scalability of the solution?

We had no issues with the scalability.

How are customer service and technical support?

Customer Service leaves a lot to be desired. Most times the engineers blame the customer’s network even even before they collect the necessary data regarding an issue. We’ve discovered several flaws and bugs with the system in various occasions, only to have Bradford support deny there’s a problem or make fun of the customer. Also, response time on cases has been terrible. After opening a case, it could take days before an initial response from TAC is performed. Even after that... cases can linger open for weeks or months before any feasible solution is found. We had a case regarding integration with Aerohive open for over a year. Furthermore, case resolution follows very non-standard Practices in the industry. In many instances, TAC engineers close the cases without notice or without asking the customer if it's OK to close the case or if the issue has been resolved.

Which solution did I use previously and why did I switch?

This is the first NAC appliance we ever used on-campus.

How was the initial setup?

Initial set-up required engineers to be on-site to configure the box to work with our network. Thus, I would say it was complex (this was in 2010; it might be different now).

What about the implementation team?

We implemented through a team provided by the vendor. I would advise to test implementation in a small building before make a campus-wide deployment.

What's my experience with pricing, setup cost, and licensing?

Pricing & Licensing are fair as far as we can tell.

What other advice do I have?

I would make sure this product integrates well with the customer’s network before deployment. We had to move away from this product recently on the Wireless side of the network as the Sentry would not integrate well with our Aerohive Wireless Infrastructure. We had an issue where the Sentry would not properly communicate with the APs and thus would let customers blocked from our network for no particular reason. Since this issue went unresolved for over three years, we decided to implement a different Wireless NAC solution and cut back our Bradford licenses to less than half of the original (we’re now using Bradford only to secure our wired network).

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user371772 - PeerSpot reviewer
Service Support Manager at a educational organization with 501-1,000 employees
Vendor
It allows for easy management without using consoles. There were ​issues with hosts not being updated with accurate host names.

Valuable Features

Auto Switch port Tagging – Allows for easy management without using consoles.

Improvements to My Organization

Currently this product manages access to our Wi-Fi network, it also us used to prevent rouge devices from gaining access to our LAN.

Use of Solution

I've used it for one and a half years.

Deployment Issues

It deployed just fine for us.

Stability Issues

Issues with polling switches, hosts not being updated with accurate host names affected its stability.

Scalability Issues

It scaled well enough for us.

Customer Service and Technical Support

As there is currently not any UK based support – Poor.

Initial Setup

Personally did not set up the product but rather complex overhearing conversations.

Other Advice

This is a very complex product which is very good when used correctly, it has control over fundamental parts of your network so correct configuration and implementation strategy is a must.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Network Administrator at a government with 1,001-5,000 employees
Real User
By forcing guests/users to register their BYOD devices we know who they are and can then apply appropriate web filtering policies to them based on a number of factors.

Valuable Features

Out of 6500 wireless devices we see issues with less than 0.5% of clients. Though the product has many features we only utilize a fraction of them. We use the product for registration and management of our wireless network (NAC). The most valuable asset is visibility in to what a client is and who is using it. By forcing guests/users to register their BYOD devices we know who they are and can then apply appropriate web filtering policies to them based on a number of factors. We can then use that data to export reports etc on usage of our wireless network as a whole and troubleshoot as needed.

Improvements to My Organization

Prior to using the product we had a fully open wireless network. This means anyone could come in off the street and connect to our wifi. We would not have knowledge of who they are if the did something illegal or wrong. Our level of security has increase greatly as well as our knowledge of who is on our network.

Room for Improvement

We have had issues with certain Windows 10 devices not being able to register which requires manual intervention to fix. I think they are working on this issue. As Windows 10 devices grow this issue will become greater.

Another major pain point is management of existing and new wireless access points. You must import the Aps into Network Sentry every time you put them on the network. Its also advised to use DHCP reservations for each AP. The system does not delete APs if you remove them from production as well. This means you must remove the APs from Sentry each time its stake out of production or placed in a new building etc. The initial setup of an AP doubled as a result of using this product. There are steps that must be performed and if any are missed, the AP becomes a black hole resulting in zero connectivity for clients connecting to it.

Use of Solution

We’ve used this solution for two years.

Customer Service and Technical Support

Their technical support is a 8/10. They are responsive and have the ability (if you allow) to log into your equipment remotely and fix problems or perform upgrades. They are helpful in answering questions and configuration assistance is always available as this product is complex at first.

Initial Setup

The initial deployment took three days however we encountered many issues. The main factor was our network set-up was not fully understood by Bradford prior to purchase and deployment. This created many issues while we were in production with 10-15% of our users having connectivity problems every day. We were not fully operational until 3 months after deployment.

Initial set-up was done via a “Quick Start” where the bare bones are implemented by and on site tech. This is not meant to be a full implementation but to get the foundation in place. The on-site tech was knowledgeable but again, we had issues with understanding out network set-up and its complexity which were not discovered in the quick start.

Implementation Team

Vendor team on site, which we paid for. In house is available but would have been very time consuming to learn and implement. I would not recommend quick start but instead have a tech on site for a minimum of 5-7 business days to fully understand the product. Its not until you are in full production will you see issues and have questions. As questions, learn how the product works deep down.

Pricing, Setup Cost and Licensing

Pricing is expensive but cheaper than some other solutions out there. Licensing is based on number of concurrent devices and a number of other factors depending on implementation type. Yearly maintenance fees are very reasonable and highly recommended. ROI is immediate for us in terms of visibility.

Other Solutions Considered

We did not evaluate other solutions other than on a cost basis.

Other Advice

Explain you network set-up in full detail with diagrams. VLANs, SSIDs, switch vendors, wireless vendors, subnets. What methods do you use today for wireless authentication (802.1x/WPA2-PSK/Open). Show them everything and what it looks like to be a client on your network today and the process to get on-line. This product manages both wired and wireless network is you choose both options. This product can also do posturing of devices to ensure they meet criteria like current updates and Antivirus etc. We are not using that functionality yet however.


Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Fortinet FortiNAC Report and get advice and tips from experienced pros sharing their opinions.
Updated: December 2022
Buyer's Guide
Download our free Fortinet FortiNAC Report and get advice and tips from experienced pros sharing their opinions.