Portnox Reviews

Portnox is used purely for Network Access Control, focusing on compliance, device compliance, and risk profiling across the entire estate. The primary use case centers on Network Access Control with all the added features that Portnox offers.

The best features of Portnox include ease of use, ease of deployment, very good documentation, and good support.

The unified access control platform makes life easier. It is quite easy to use, and especially during demos, it is quite easy to represent all the information within that single platform.

Improving efficiency of doing Network Access Control helps customers achieve 100% in terms of visibility. I would say it helps customers achieve about 90% in terms of risk profiling.

Portnox Cloud is easier to use compared to Portnox on-premise, Portnox Core.

The passwordless risk-based access control is the biggest winner for Portnox Cloud. That seamlessness of no passwords addresses how our users are always complaining with forgotten passwords. Passwordless is quite easy and a real winner for this product.

There is work to be done when it comes to making the solution more seamless. For example, when a user is denied access, they would need a way to maybe self-resolve themselves, perhaps a way to generate a ticket on their own, something around resolutions. When it comes to users using the product, that is where good products are differentiated from products that are a bit of a challenge.

Portnox has much to do in terms of their reporting. The generated reports need improvement. Things that other tools would say are normal are usually not present. For example, there is a page called NAS devices or NAS network that is able to show the switches that have been managed. Currently, there is no way of generating an easy report or an easy way of just generating something to tell the customer what they have been able to achieve so far. This is not done yet and is still very manual. I think there is work to be done there.

More integrations around the various products being used would be beneficial. So far I have not encountered any major challenge. Where there was a challenge, I think support came in and helped us resolve. In fact, most of the challenges are not with the product; they are with the customer environment. I think that is just to update their documentation where they have come across a new vendor for easier integrations in the future.

I have been working with Portnox since 2018.

Rating the stability of Portnox, I can say there have been no issues so far. We have never had any downtime with Portnox Cloud.

From the SaaS point of view, scalability comes down to any on-premise connectors that have been onboarded. We only need to add some RAM or add a CPU if authentications are sluggish. It is quite clear and quite easy because the touchpoints on-premise are very few. Regarding the platform itself on the cloud, I think it auto-scales. We have never had any challenge based on a customer who has 1,000 devices versus a customer who has 30,000 devices; the feel is the same. In terms of scalability, I would rate it a 10.

When rating the technical support, I have some good friends over there on the support team. They really come in handy when we have challenges. P1 issues are promptly handled. I find them very responsive in the sharing of knowledge. It is not closed; they do not hide information and share it with us openly. That makes the support 10 out of 10. I think I am giving high marks, but that is how happy we are with their support and their turnaround. They really push toward closure of issues.

Regarding maintenance, because Portnox Cloud is cloud-based, that is handled by the OEM. We have never encountered any challenge except one, and it was quickly resolved. So to us as partners and to the customer, maintenance is not a challenge. For Portnox Core, the upgrades are on us as the customer and us as the partner to ensure the solution is running on the latest version.

In comparison to other solutions like Cisco, Forescout, and Fortinet, I have worked with all three. With Cisco ISE, ease of deployment is not in their vocabulary. Cisco ISE works when it works, but any little change in the infrastructure means they have to do upgrades and crazy changes in the network just for it to work. Additionally, one would need somebody to be highly skilled just to operate their product. With Portnox, the platform is quite easy to understand, and documentation is freely available.

Comparing it with FortiNAC, I do not think it comes anywhere close. I do not think we can compare Portnox to FortiNAC. It does not work where I have used it.

Comparing it with Forescout, Forescout would compare much more with the on-premise version, Portnox Core. I would say Forescout has a number of winners when it comes to on-prem management. But recently with the various upgrades to Portnox Core, I think Portnox is getting there. Most of our customers are moving to Portnox Cloud, except where challenges with costs are very high, then we just go with Portnox Core or Portnox on-premise. I would say Forescout is a good competitor when it comes to on-premise, especially with the features they provide. I am only saying that because sometimes before Portnox did not have agents, for example. Now they do have agents. So I think they are going to make Forescout run for their money. Things to do with discovery are covered better now. There is a way Forescout is able to present it in a better way. But it comes nowhere close to Portnox Cloud at the same time. I do not even think they have a cloud offering.

The deployment of Portnox, whether on-premises or cloud, is quite easy. What one needs to know is what the customer is using. That is usually where the challenge would be, but not with Portnox. Portnox is quite easy to deploy, and the architecture is very easy to understand. Where the challenge lies is in the integration with the customer devices.

Most customers feel value immediately upon deployment. They are able to see what is connected and apply the policies. I really do not see any challenge when it comes to ROI. I am for this product 100%.

Regarding hidden maintenance costs, I would say I have never encountered a challenge where Portnox was not able to work or where I told the customer to do any major infrastructural changes. Even before somebody buys Portnox Cloud, they have already done some prerequisite checks. I have not encountered any challenges with regards to costing related to deployment. Most of the deployments have actually been done by us as the partner with little support from the OEM. Of course, where necessary, we called upon them.

I have experience with both Portnox Cloud and Portnox Core.

Regarding conditional access, I would say Portnox tries to make it easy to deploy, but most customers are still behind in terms of that control. However, Portnox now helps them achieve a certain percentage into that area. So I would say Portnox makes it easier for customers to do conditional-based access.

For those looking to implement Portnox, I would say it is always good for a customer who wants to deploy this solution to kick off with a proof of concept. One, it rates your readiness and tells you if you have infrastructure devices that would need to be updated. Use cases can be run with a few use cases. We talked about conditional-based access; how ready are you for that? A proof of concept is the best way to start, then moving on to probably phased deployments. It is also good to note that this solution can be deployed in what we call monitor mode, so that one can fully add all assets in the tool and later go to what we call enforcement. It allows you to see simulated actions and later know where challenges may be encountered and where fixes are needed. For a customer looking to deploy this, a POC or POV is a good place to start and then move on to phased deployments.

Portnox is fairly priced.

Our clients vary and include small, medium, and enterprise businesses. We have one customer who has over 30,000 devices, and we have a customer who has only 1,000 devices. The range is from 1,000 to all the way to 30,000, with 30,000 being a very large bank in Kenya, cutting across some big countries in East Africa.

I would rate this review 9.5 out of 10.

I have predominantly used Portnox as a NAC solution for centralized, cloud-managed access control across our globally distributed data centers and offices, with more emphasis on offices than data centers. I integrated it with Microsoft Entra ID, on-premises LDAP servers, and JumpCloud to consume identities. I configured vendor-specific attributes, network access devices including Cisco, Ubiquiti UniFi Wi-Fi, and Aruba access points, and set up 802.1X authentication, access policies, and segmentation policies. This is my primary use case. I have less experience using it for zero trust purposes, as we have always used other tools and did not want to rely on something hosted in the cloud.

Portnox Cloud is straightforward to use with an intuitive configuration pane. I obtain a tenant assignment and then begin integrating and onboarding. In my initial days, I used professional services for provisioning, but for my current deployment, I am handling it hands-on myself. The admin guides are comprehensive, so I do not need to search externally. The process is truly intuitive.

Portnox's unified access control platform is essentially network access control with the intent that before accessing your infrastructure's access layer, you must authenticate and prove that you are not infected, meeting device health and device risk thresholds. I integrate it with standard identity providers, EDR solutions, and antivirus solutions to perform device posture checks. Access is granted only if you achieve a decent security posture. The term unified applies because it works regardless of your connection location. If I am working from Dallas and travel elsewhere, Portnox deploys the same policies specific to my user and endpoint, not my location. This uniformity brings everything together.

Portnox's conditional access is not used extensively because we leverage Microsoft Entra ID conditional access policies. Previously, depending on integration verdicts, if the result was benign, we proceeded. For medium risk, we restricted access from potentially malicious endpoints to critical assets. For high risk, infected devices did not access the network at all. This approach provides incremental access based on endpoint risk posture. Currently, we use device control and device compliance policies within Entra ID, so we did not feel the need to use NAC-level conditional access, as enforcement at deeper layers slows things down.

Portnox has helped me save on hidden maintenance costs, patches, upgrades, and after-hours calls because these are transparent to the end user. They notify me of scheduled downtime and changes, sometimes only affecting the UI, allowing me to avoid making changes during maintenance windows. Regarding backend issues, I experienced one or two problems primarily from poor design and insufficient resiliency planning before deployment. It was not a Portnox issue. Portnox is deployed on existing hyperscalers, specifically Azure. One instance involved an outage with the underlying hyperscaler itself, creating challenges. However, we have local enforcement devices and virtual devices that cache data. Different scenarios require different resiliency considerations. With proper design and failover planning, it works well. For example, we had deployments where people worked on deep-sea oil rigs and faced regular challenges due to poor transport connectivity, which is expected and not unique to any solution. Otherwise, Portnox has been stable from their end.

Portnox has design considerations that limit its applicability. If you are in a highly regulated industry with mandates requiring the solution to be completely on-premises, Portnox does not work at all. I do not think they position their products for those industries. Even for non-heavily regulated industries, if you want a self-sufficient system within your own premises, there are design constraints because at some point you must reach out to Portnox infrastructure in the cloud, and if that is unavailable, it suffers. For example, on deep-sea oil rigs without proper connectivity, it struggles. I am not sure they want to enter that particular business segment, as it may not align with their value proposition. I cannot blindly select this product and deploy it everywhere; I must make deliberate decisions first.

Portnox could improve by reducing its heavy reliance on the cloud. While I do not think they want to eliminate this aspect, a complete solution for regulated entities would include some on-premises setup that is self-sufficient and does not depend on the cloud. This is the most important improvement. Second, Portnox already has a robust integration ecosystem with many vendors, but not all. Even when integration exists, the extent varies, particularly regarding vendor-specific attributes. I have never faced challenges because my security tools and stack have been standard: Cisco, Aruba access points, Cisco switches, and UniFi, all of which work well with them. However, there is room for deeper integration when compared to tools like Cisco ISE and Aruba ClearPass. Their offerings are clear, easy to onboard, and their day zero and day one onboarding activities are streamlined and straightforward. They share best practice checklists that make configuration simple.

I started using Portnox in late 2019, so I have been using it for close to six years. I have not used it on a day-to-day basis but rather on an intermittent basis.

I would rate Portnox's stability at approximately seven to seven and a half on a scale of ten. Primarily, because it is cloud-based, I cannot always determine if challenges stem from latency between the endpoint and the Portnox enforcement agent or something else. Sometimes these issues are inevitable. I would rate it around seven to seven and a half, though it depends on design.

Portnox is elastic and scalable. Whenever we foresee a need, such as 500 new employees joining or purchasing a new floor with biometric devices and sensors, we notify them in advance. They ensure the backend can support it and do the provisioning while maintaining headroom and elasticity. There are no concerns about scalability.

I have contacted Portnox's technical support when integrations were not working, devices failed to authenticate, or we needed troubleshooting. We frequently encounter non-standard applications with sensors and non-human accounts for OT devices that sometimes do not work or need tweaking. They are always responsive. I have premium support with different escalation levels. For very high severity issues where the entire office is non-functional, response time is within 30 minutes. For other levels, it is two hours or four hours depending on the contract. Premium support has been responsive and great.

I would rate Portnox's support at approximately eight, depending on the contract, but premium support is particularly strong.

Positive

I started with Cisco ACS, which was the standard solution at the time. I then moved to Cisco ISE, Identity Services Engine. I had some experience with Aruba ClearPass but not extensively. Portnox came next, and I have been using it since then except for a few industries like banking and financial services that prefer heavyweight solutions like Cisco ISE. These are my alternatives. Cisco ISE is the primary alternative I have worked with. JumpCloud is another option, but it is not a mature solution, and I would not compare it with Portnox.

Portnox's initial deployment is straightforward and easy with no challenges. The UI is very intuitive. I received an email with a link to my assigned tenant. They asked where I wanted the tenant located. Since I work in the EU and am bound by GDPR, they handled this in the backend. A clear onboarding guide outlined next steps and integration points. I used professional services for a couple of deployments because I had lean teams, and they were great. Day zero and day one operations, initial lift and shift, and greenfield deployments are very smooth.

My current Portnox implementation has just two people managing it, both located on-premises. We are doing a phased deployment targeting individual offices. For large offices, these people travel and perform manual testing. We have professional services engaged so my team does not spend excessive time troubleshooting. For one of my largest deployments covering approximately 80 to 90 branch offices, we had a larger team of eight people managing it end-to-end with no professional services, handling everything in-house. The team size depends on the deployment type, location presence, and location criticality. For VIP sites, I typically dedicate one or two resources to ensure smooth operations and avoid issues like executives being unable to connect.

Portnox has definitely saved me time for other IT security priorities because I do not waste time on patching, upgrades, or routine maintenance since it is cloud-hosted. I do not need to deploy large teams. The current deployment has just two people covering two shifts, capable of managing the entire deployment and operations themselves. Portnox definitely frees up people. If I compare this to an on-premises environment using Cisco ISE or Aruba ClearPass, it would require phenomenally large teams for infrastructure management. Portnox reduces the need to spend time managing solutions.

Portnox's pricing is very conservative and offers great value for money. If I compare it with any other solution, pricing is definitely at the top of the list because it is very affordable. Pricing varies depending on your relationship with them. There are no resellers or channel partners to deal with. You can directly engage with them by visiting their site, providing your email address, and they call you to work directly with you. There is no middleman or third-party cost involved. It is very transparent.

Portnox does require some maintenance on my end. The local agent server and sensors require maintenance, which they perform remotely. They notify me in advance and suggest optimal timing. The maintenance they perform in the backend is communicated through notifications. For all my clients and in-house work, we have a dedicated account manager. We coordinate internally, informing them of periods when we cannot afford maintenance or downtime, such as during board meetings. They accommodate this scheduling. The maintenance is on their end, not ours. The only part I manage is their sensors for local caching, which I prefer to deploy at night or on weekends, although they do it in the backend.

I would rate Portnox overall at approximately seven. I cannot use it everywhere. For regulated entities, they typically avoid it because it is cloud-based. With integrations involving PII, you must conduct TPRM and handle contractual requirements like SOC 2 Type 2 certification and due diligence, which becomes burdensome. This is not unique to Portnox but affects every cloud solution. Apart from that, regarding stability and technical support, they are great. I believe seven is a fair rating, though if your company is not bound by strong regulatory requirements, Portnox would score much higher.

Some of the best features that I have experienced with Portnox is the integration with identity providers and the fact that they introduced ZTNA. Recently, they introduced session recording, which was one of the recommendations we had posted to them. So I would say ZTNA and the identity integration, and of course the general NAC itself, the network access control.

Portnox can be deployed both as an on-cloud and on-premises solution. You can go for the on-premise version that is fully on-premise and fully controlled by the customer, and then there's the cloud, the SaaS, which is also another solution, the CLEAR and the CORE. So it can be either.

The cloud version of Portnox is on Azure as they are partners with Azure. For the on-premise, it is a Windows-based deployment.

Currently, it is very seamless to integrate Portnox with Azure AD, Okta, and Google Workspace. It is easy and you would have it set up in a matter of minutes or seconds.

I would assess the effectiveness of the agentless device discovery in monitoring managed and unmanaged devices as very extensive. Since we are monitoring the switches and we integrate and try to discover from the NAC devices, it gives us more visibility. Since we use different protocols, it gives us more detail into the endpoints that are connected to these NAC devices. It is rather extensive, and it is a feature that is quite awesome.

The passwordless authentication approach has a significant effect on our vulnerability to common credential threats, and this is one of the winners for the solution. We do not have to give users passwords to these wireless SSIDs, which creates security. There is a risk when you give a password to a user and you have no idea who they will give it to, especially to third-party vendors or users. The fact that we introduced a certificate-based authentication really secures both the wireless and the wired access.

The area that has room for improvement that I had is actually the one that they fixed about two or three days ago regarding the session recording. As of now, I am yet to review and see any areas of improvement.

Regarding improvements, maybe in terms of integration, they could look into something the guest captive portal features. Recently, we just realized that they do not have an integration for something the wireless smart zone, but they have the one for the zone director. Expanding the broader range of providers for these wireless captive portal integrations could be the way to go.

I have been using Portnox for about four years now, since 2022.

The stability of the solution, I would rate at a nine.

Scalability for Portnox is closer to a ten. They are always accommodating.

I would recommend Portnox compared to other vendors. In terms of deployment and the functionality, it is generally much easier. There are much fewer constraints. It does not need to be agent-based other solutions. It is generally easier to integrate, to deploy, and to support. Their support is available throughout, which is another winner for them.

Portnox is a winner for me compared to other vendors, especially other NAC vendors, in terms of pricing. They are always willing to buffer and cater for the customer needs. In terms of support, it is usually quite impressive. I usually get support in a matter of minutes or seconds, depending on the priority of the ticket. They are always willing to keep improving and are always open for suggestions from both customers, vendors, resellers, and others.

They do regular patches and upgrades, and they are keen to let customers know the patches and upgrades that are happening. Another thing that I appreciate about this is that it does not affect the functionality of the NAC during the upgrade or the patching process. In case you get any kind of effect, it is just a matter of seconds, a delay of a matter of seconds. Once they are done, they are always keen to let you know what they have done and what they have fixed. In case you encounter any challenges, they are always willing to reply to your tickets in a matter of minutes.

My experience with deploying Portnox Cloud without on-premises hardware is that it is actually easier and quicker with the cloud version.

In my organization, I work with about thirteen specialists. In our whole department, we have about thirteen specialists.

My thoughts on the pricing are that they are usually very flexible. They work with the customer's budget. In terms of being cheap or expensive, that usually just depends on the customer. If a customer requests a discount, they are usually very open for a discussion and they are always looking towards getting to a final price that is both comfortable for the vendor and the customer.

I have not tried the enhanced ZTNA with secure access portal features, but from the reviews I have had from my colleagues, it is something that is quite awesome as well.

I would rate this review a nine overall.

My use case for Portnox is for whitelisting ports and adding policies. We are using two modes: enforce mode and monitoring mode. For monitoring, we are using some smaller switches, just some business switches and some others. For enforce, we use some critical switches, such as those for security purposes and highly secure switches in the manufacturing sector for security purposes only. For unused port features that we do not monitor, we do not disable the port. This has increased our security.

Integrating Portnox with our existing identity providers like Azure AD, Okta, and Google Workspace does have some server considerations. In our organization, we are using four clusters. Between those four clusters, we separate all the users. I am not sure about the server configuration. We have server configuration files maintained by the server team separately. We just do some email configurations and user-level configurations.

I have used Portnox conditional access by using the resident groups only for separating the network and a separate data center, and some other groups are there. We mostly use the networking groups. For small switches, we will not enable the policies together because for a small switch, we just move those switches to monitoring mode. That is why these policies are enabled.

The best features of Portnox that I like the most is its simplicity. For example, the use of Portnox is to find the MAC address easily. It is possible to find the MAC address in the switch, but in Portnox, it is very useful to see the status of those ports, and that increases our security. It is also very useful for our organization's smaller employees. For example, for a smaller EUC team, they are using Portnox to see the status of the switch port. It is very helpful.

Portnox has helped with our operational efficiency, and it has improved. In the case of that EUC team, it is very much improved because before Portnox, they just came with smaller things. They did not know which MAC address or which IP is taking that particular port. After Portnox, they easily get to know which port it is taking, which port is in which group, and what the status of the port is. It is very helpful for us as network engineers to improve our efficiency as well as our time; everything is improved. I work in other projects without Portnox and one project with Portnox, and with Portnox, it is very helpful and better.

Portnox saves me about fifty percent of my time. Going into the switch and doing the command and seeing all these things is very easy with Portnox. Portnox does not have a very long session and will not log off easily. I can just take the switch IP and go there and see the MAC address, IPs, and the status policy, which is very good.

I also like the whitelisting part of Portnox. Whitelisting means the resident group. We just separate the ports by the resident group to whitelist. That is a very great feature.

In Portnox, the area that has room for improvement is that older data is not fetching correctly. For an older switch, for example, a six-month-old switch that we just added, it does not happen to every switch, but for a particular switch, it will not take that recent data. We go and search for the NAV mode. In that NAV mode, we just look at that interface and all the interface statuses. There, we just pick one interface and see the data like what policy, what the status, and what MAC address and IP are. However, that MAC address and IP do not match the current ones. The data being shown is from six months before, but the current data is not showing. It is resolved by deleting the switch and re-adding it, and then it is fixed.

I am not aware of how Portnox has helped me save on hidden maintenance costs like patches, upgrades, or after-hour calls because the costs, certificates, and license things are taken care of by another team. I am not directly involved in those things, so I am not aware of that.

Positive

I compare Portnox with other solutions or other vendors in security-related items, but I have only worked on Portnox. I am not using any other applications, so I am not aware of other vendors. However, in Portnox, everything is okay. Sometimes I see a fault in Portnox in an older switch. For example, for a six-month-old switch that we added six months before, when we go and see the status of the switch, sometimes—not always—but sometimes it does not fetch the recent data. It just sees older data, and when we go inside the switch by CLI mode to see the status of the switch and the details, that is not equal to the current status. In this case, how it is resolved means we just delete the switch from Portnox and rediscover and re-add the switch again to Portnox, and it shows the current data.

Using Portnox cloud is very easy. It is very useful and user-friendly. I have not faced any issue within these two years.

My impressions of the unified access control platform are that I find it effective.

In my opinion, the only problem with Portnox is that older data issue. If that is improved, it would be better.

I would recommend Portnox to others looking to implement this product. You will not be dissatisfied; I would recommend it. I gave Portnox an overall rating of nine out of ten.

From customer to customer, the use case for Portnox is different. Some customers ask for a network to protect their board and local network, while others want to allow employees to access via VPN and for authentication to connect remotely to their network.

Portnox unified access control platform is necessary for any huge company with lots of branches where they don't know who can access their systems. For example, I installed it for customers such as an airline company, and for them, it is important. It is for specific customers, not for everyone, but in general, it is amazing.

Conditional access functions similar to a VLAN, and you can give every customer their own network so it will be separate from others. Employees in an administration department do not need to be allowed to see other networks or access networks that they do not belong to.

The best features in my experience with Portnox are the security itself, the platform, which is easy to use, simple, and has a cloud solution. It has lots of features that can protect authentication, connect to VPN, and integrate with FortiGate. It has some features that it does not include in any IoT service.

Portnox helps save on hidden maintenance costs in some conditional situations. It is not always a cheap software or solution, but for companies that used to have devices such as firewalls, it is a fair solution for them.

I used to have difficulty sometimes with VPN in Portnox, but in general, I am not sure about areas for improvement. I did not try the mobile application, and the documentation is important because I needed help to understand how to work with this software, so it was a lot of work to get information about how Portnox works.

I have been using the solution for about one year.

Portnox has some difficulties with stability. Sometimes there are glitches, and settings are not clear.

Portnox is scalable.

I would rate the technical support as a nine. When I reach the technical support, they give solutions that do not help me much, so I try to search the internet for other users' experiences to find solutions.

Portnox is better than other solutions that I tried before, at least with Cisco. It has lots of features that are not included in Cisco, so it is the best for me. However, if the users and customers do not know about it, they will not realize how useful Portnox is, but if they try it, they will surely move from Cisco to Portnox or their own solutions.

Portnox Cloud is not that easy for beginners. It was a little bit difficult in the beginning, but later it comes easy. After I contacted the company and was in touch with the support team of Portnox, it became easier for me to use it, but it needed a little bit of learning in the beginning.

My clients used to access with passwordless access control. For example, one of them has a computer and used to connect remotely. His family entered his laptop to reach the software, so I added passwordless and more policies for his account, making it easy for him to connect without needing VPN or third-party connections.

My use case for Portnox is mainly network access.

The best features of Portnox that I appreciate the most are that it is cloud-based and has Intune integration. Those are the main things.

Since implementing Portnox, I have seen improvements in my operational efficiency, as the network access is simplified. The solution has helped save hidden maintenance costs mainly in work hours for the network access.

The solution saves a couple of hours each week for me, so approximately four to five hours a week.

I believe there are some difficulties with the removal of devices that could be improved.

Besides the device removal issues, I find the Intune integration could be improved as the sync between Intune and Portnox takes a long time. I was told that is a Microsoft issue. In my opinion, that can be improved.

My thoughts on the unified access control platform are that there could be some small improvements, but overall it is well organized.

I have been using Portnox for approximately three to four years.

Regarding stability, I experienced a couple of downtimes in the early days, but these days it is an eight out of ten; it is fine and we have not had any issues lately.

I rate scalability a ten; you simply pay and you get more.

I rate the technical support of Portnox an eight out of ten.

Positive

The deployment of Portnox is complex, taking a couple of weeks to complete.

I have looked into Fortinet and Aruba as other solutions.

On a scale from one to ten, I find Portnox easy to use, rating it a nine.

Portnox is very easy to maintain.

Approximately 1,500 users use the solution, but there are 3,300 devices.

For us, currently, having a passwordless, risk-based access control solution is not that important.

I surely recommend Portnox to other users because of the price, ease of use, and fast setup.

I compare Portnox with other solutions and find it price-wise very competitive, and for the rest, it is cloud-based, which most of the other ones are not fully cloud integrated, so that is a good benefit for us.

My thoughts on the pricing of Portnox are that it is a seven; it is very competitive with all the rest and not on the expensive side.

I rate this review an overall eight.

My use case for Portnox is access control, specifically focused on access control.

Portnox ensures system compliance through policy enforcement, including antivirus updates, Windows operating system updates, and system patches. This helps network administrators maintain system health and security across the network. The solution effectively prevents vulnerabilities and potential security incidents before they escalate.

Portnox enables control and monitoring of the network to see who is active. It has a very nice user interface that is easy to understand and use on the network. Using Portnox has helped limit concerns about port security, eliminating the need to manually open and close ports and maintaining documentation about who connects to which port. When anyone connects, Portnox acts automatically, by showing it on the Portnox dashboard and also showing the system name of the user system. Portnox also yanks the system out if it doesn't meet up with the policy as specified.

If a system is being set up and hence doesn't meet the network security standard, for Portnox not to throw it out, a voucher can be assigned to it, allowing it to be online for a specified amount of time while the system is being worked on. 

Though there are challenges with Portnox, it has made work easier and network security very effective within the local area network. It has reduced manual work in port security configuration and secured the network. When users go against Portnox policies, they are removed, giving administrators the opportunity to access system states as regards security and maintain network security standards.

The best features of Portnox are its effectiveness in terms of access control, ensuring security on the network, and making sure basic requirements to be admitted on the network are met. It can e set with parameters like aligning with Windows being up to date as a basic requirement for a particular system to be on the network, presence of anti-virus and regular updates, etc. 

The area Portnox needs to organise more training for its partners. They are doing well, but areas of knowledge gaps are still visible. There are times unexpected things happen with Portnox, like Portnox acting abnormally, and even the partners are also confused and have to press a couple of buttons to get it to work. Sometimes it impacts on work and productivity before it is resolved. Portnox can occasionally knock out a switch port, causing network downtime and requiring a manual reset. Consultants sometimes appear unable to predict how Portnox reacts at certain times, leading to situations where network security must be temporarily bypassed. The knowledge gap, though small, can have a significant impact. Portnox should improve by inviting its partners and end-user administrators for comprehensive, constant training, updates, and feedback on the solution to reduce this knowledge gap.

I have used Portnox for about two years and three months.

Regarding stability, Portnox is doing well.

For scalability, Portnox performs very well.

We have up to 500 users.

The technical support response time is good, and partners always respond when there are issues. However, in a few cases, the challenge lies in their ability to quickly identify and resolve problems. The main area needing improvement is the technical training and certifications for partners and support staff.

Neutral

No

We had Portnox installed on our server rather than using Portnox Cloud.

We worked with the consultant to deploy the system. It wasn't too much of an issue to deploy because we transitioned from one particular server to another. The consultant did most of the setup configurations while we worked with them, giving them the information they needed

I know that IT solutions are expensive. You are charged according to the number of users. For now, the organisation can afford it, but smaller organisations may not be, so Portnox can also consider that when pricing.

The unified access control platform, especially on cloud, offers great functionality. Having all functionalities under one roof is beneficial, though some big organizations prefer on-premises solutions for security purposes.

Regarding conditional access, it can be configured for specific ports, such as ATM machines, to ensure availability while maintaining security. For user systems, conditional access is limited, and vouchers are issued only when necessary, such as when systems need to remain online during maintenance.

As an end user, I would rate this solution an eight out of ten.

Our primary use case for Portnox is to authenticate users. Authentication means ensuring that the person connecting to our network is the correct staff member of the organization. Someone cannot simply carry a system from anywhere to the estate and access the facility. Previously, some people brought their systems and were able to connect. With Portnox, it will first verify if you are part of the organization by checking if the person has the password and username. It will also check if that system is a domain-joined system. 

It checks two things: the user and the system being used. It verifies if this person is part of this organization and not a foreign user to our domain. From the support perspective, it checks to see if that person is authenticated via these two methods.

Previously, we had a solution where you needed to call for a NAC port issue, and the engineer would check for the port number. With Portnox, you have a large-scale view of the systems on your estate. You can use the ID of that user to search and get substantial information about a user. It is a very robust application because three teams use that part: the network team, the security team, and the support people. If I need to get a particular number to find out where a switch is or a particular port on a switch, I can use it to get it. The previous solution did not accommodate these features.

Using Portnox is easy. The only challenge is the time it takes to connect because authentication occurs on the cloud. If there are issues with the cloud-based server, authentication becomes problematic. This authentication issue with Portnox needs to be addressed. We have observed that it takes time for people to authenticate based on the fact that the cloud-based facilities are having issues. Authentication is delayed because it is communicating with a set of controllers.

I have been using Portnox for more than three years.

For the stability of Portnox, it needs to be made more accessible. When they have an update, there should be time-to-time communication. There should be something easier to push through. If there is a version one and another version, the communication between the organization using it and Portnox should be firm so they can coordinate effectively. We have seen instances where the older version stops working properly, and we have to update each system individually. This process is time-consuming as it needs to be done manually for each system experiencing issues.

The scalability is very satisfactory.

I only used Portnox. They were trying to review it, and there wasn't a better solution at that time.

For enrollment, you must have the software installed first. Then it authenticates the user by checking if the user ID is correct. After that, it will indicate if your device is healthy. The enrollment process involves entering your organization's details for confirmation.

The procurement portion is handled by another team due to segregation of duties. While I cannot specify the price, we have been using it consistently. Considering that the solution might be priced in foreign currency, if it were not cost-effective, they would have retired it.

I would rate Portnox an eight out of ten; no application is perfect.

We use Portnox for our primary network access control in all our offices to protect against unauthorized devices on our network.

The ease of use stands out as the interface is straightforward compared to other NAC solutions.

I have Portnox integrated with Azure and utilize certificate-based authentication for our wireless and wired networks.

We immediately recognized Portnox's benefits during a proof of concept, which seamlessly transitioned into a purchase. After fine-tuning the system with Portnox engineers and integrating it with Azure, we implemented certificate-based authentication for both our wired and wireless networks, providing a seamless experience for our users.

Moving from a traditional, on-premise Network Access Control solution, fully managed by the IT department, to a cloud-based NAC solution like Portnox offers significant cost savings.

The cloud-based feature of Portnox is excellent. We use Meraki for our switching, making it simple to point all our networks and offices to Portnox. It is seamless and integrates well with our Azure setup.

We use devices like PLCs and controllers, and when we receive a request to allow one on the network, we bypass typical authentication, associate it with a group account, and push it to a firewalled VLAN. However, problems arise when the same MAC address is requested for a different project. Our current system only finds authenticated MAC addresses, making it difficult to troubleshoot when the same device is used for multiple purposes. Ideally, we should be able to search for any MAC address in the database, regardless of its authentication status, to see all its associated groups and potential conflicts.

I have been using Portnox for about two years.

I've spoken with several members of the support team, and they have been excellent and very attentive. They resolved issues quickly and provided clear explanations.

Positive

The initial setup was handled by our IT department and Portnox's experts. Once we configured everything, it was not too challenging.

The implementation was done by myself, with assistance from Portnox.

The pricing is a bit high, possibly due to the cloud features and running instances across regions like the US, Asia, and Europe.

I would rate Portnox an eight out of ten.

Operational efficiency has become more complex and time-consuming due to increased security measures. While previously devices could easily connect to the network, now a more rigorous procedure is required to ensure security. This involves a help desk ticket and MAC address bypass to properly document and allow devices, which are often more than just employee laptops, onto the network. Although this process increases complexity and workload, it significantly enhances security.

The maintenance is managed by Portnox.

While cloud security is a valid concern, Portnox prioritizes security as a network security company. Their practices align with industry standards, even with the increased exposure of a cloud-based system. For global companies, the centralized management platform offers significant advantages.

My initial use case for Portnox was as an on-prem solution that we used for network access control. We implemented ISO 27001 around that period, and Portnox served as our network access control. It helped in locking our ports where unauthorized users or devices in the environment were blocked. It worked pretty efficiently for us.

The last time I used Portnox was earlier this year because I just moved roles. Where I am now, I've recommended that Portnox be implemented, which is currently under review. We might contact the vendor for a PoC, but it's something that I know works and has helped me significantly in terms of network access control.

Portnox helped to free up staff time and resources for other IT security priorities and IT work. There were improvements in our operational efficiency after installing Portnox, as we were able to block unauthorized users entirely from gaining access to the organizational Wi-Fi. It helps when we see people sharing or using outdated PCs in the environment.

I found the user interface of Portnox quite cool. It's good, and I enjoyed it. The interface was something I never had issues with, and the UI was superb.

I used Portnox conditional access, and for me, it's a cool feature.

Portnox did allow us to stop people from not allowing their PCs to be patched fully.

One of the features I enjoyed the most about Portnox was the ability to dive in with proper details on an endpoint. For instance, you can see a PC connected to it, and you can tell which user the PC is using and which version of the OS it's running. It provides very granular details of the device connected to each port. The ability to integrate it with a wireless controller helped me implement Portnox in our Wi-Fi solution.

The Wi-Fi integration could be done better from their end. If there is an improvement, it should be around having more functions on the integration with the Wi-Fi controller I used, which was a UniFi controller, also on-prem. It was a seamless integration, but we did experience some difficulties initially where mobile phones were being locked out until we figured out how to set footprints for mobile phones that would be able to connect using Portnox to access the Wi-Fi in the environment.

At this point, there is nothing additional I want from Portnox.

I started using Portnox in 2018, so it has been quite a while now.

In the four years that I used Portnox, if it crashed or the server crashed, that would not have been more than once.

Portnox is scalable.

I contacted their technical support on one occasion, and the response was swift. I would rate their support a nine out of ten based on that one interaction.

Positive

It was straightforward. It wasn't difficult at all.

The deployment took about a week, but the onboarding of devices was an ongoing event.  It took about a month because we had over a hundred of them.

For deployment, there were just three people in my team who were assigned to handle it, and we were able to do it.

We worked with the vendor, just one person from the vendor and three from the in-house team.

I would rate Portnox an eight out of ten.