Portnox Reviews

The primary use of Portnox was for Network Access Control (NAC) and management. It was used to control and manage access to the network in my client's network. Unauthorised devices were locked out until approved and granted by the NAC manager. It showed information including the IP address, MAC address, hostname of device, username, switch location, and port number of where a device is connected to. It covers both wired and wireless. 

Portnox CORE helped in securing my client's threat landscape from attackers and hackers.

For the information security team, the security level was improved because it helped to manage and prevent rogue devices from connecting to the corporate network. The reporting was granular, and reports we scheduled for delivery on Portnox were useful during investigations and audits, especially in cases where the IP address changed.

For network support, it helped in troubleshooting the type of connection challenge that a device or user experienced. Network engineers could identify the location of the device on a switch to verify if the user's challenge was network or device related.

NAS view page gave a virtual graphical view of the switches, similar to the physical view, and just like how you see the ports on them. 

There is an add-on feature for application control to kill unwanted applications when launched on a user's device.

It has a feature to check the compliance state of computers. An example is for an antivirus. It checks if it was installed, installed but not running, or not installed, then it defines policy action based on compliance status, which it applies.

It supports a good number of known antivirus products.

It has scheduling reports for backward review of incidents.

Its knowledge base refers you to similar tickets or solutions.

Areas that Portnox CORE can improve include: 

1. Support for unmanaged switches (or hubs) and other brands of network devices. These kinds of devices are still in use in organisations, especially SMEs who cannot afford to buy a managed switch.
2. The licensing module. This should be reviewed to count the number of devices instead of port numbers of total switches. There is a case for this where not all ports for a switch are used by devices. Unused ports are calculated in the license, then the customer pays for license for those unused ports.  
   

Over three years.

It is stable.

There has been progress from research and development when requests are made or something unusual is discovered during support.

Portnox customer service has been good and quick to respond.

No.

Deployment is straightforward.

Vendor implementation.

The vendor price is fair. licensing was per total number of switch ports.

None.

On-premises

We use this solution for network access control in an on-premises deployment. It handles our authentication, allowing users to access a network only according to the policy that the organization provides. The network is not open to everyone. Rather, it's only open to those who actually work for the network.

The minute people have issues on their network, we can see what is happening right away. It is graphical, and we can see where the issue is, including the network port. It makes it a lot easier for us to troubleshoot and correct network problems.

The user interface is very convenient.

This solution reports a certain number of false positives, but it generally has to do with the configuration. 

The licensing is based on a per-port price, even when you are not using all of the ports, and this is something that could be improved.

Better integration with our firewall, so that we can create policies that would block ports that are in a state of attack, would be a helpful inclusion for the next release of this solution.

We have been using this solution for more than six years.

This is a stable solution that we use on a daily basis. It works, and we don't have any problems with it.

Whenever we grew, there were no issues with scalability. It is just a question of adding licenses. Currently, we have approximately eight hundred ports, which means eight hundred devices. As the company grows, our usage will continue to grow.

We have not had to contact technical support for a long time, but when we did, we have had good support from them.

We did not use another solution prior to this one.

The initial setup of this solution is simple and straightforward. I believe that our deployment took one day, although the system will take some time to learn after that. In total, it probably takes a couple of days.

Nothing is required in order to maintain this solution. It works. We get alerts, and we work according to the alerts. There is no dedicated team for this.

We had an integrator to assist us with the deployment. Everything works fine, and we are very pleased with them.

We pay for port licensing and support on a yearly basis, and it's not cheap.

Six years ago, I evaluated other solutions before choosing this one. This was what we decided on at the time, but maybe today there are other solutions on the market that do the same thing, and maybe in a better way. This solution satisfied us at the time, and since then we have been happy with it. 

Forescout was one of the solutions that I evaluated, and it was more complicated. It may be better today, but at the time it was more complex and it took it a lot more time to integrate into the company. It had false positive issues.

This is a simple solution and it does pretty much what it's supposed to do. We haven't had any problems with it for the past six years. This product is always running in the background. We get reports and alerts, and we deal with them accordingly.

This product has helped us tremendously during the years in locating all kind of issues that we had on the network, very quickly, and I recommend it.

Overall, it is a very good product and we are very happy with it.

I would rate this solution a nine out of ten.

For our use case we can check on syndication issues while using it for NAC (Network Access Control). It helps us to allow users access to the network according to the policy that the organization provides.

The product has helped improve our organization in a number of different ways. The most important of all is that we are aware of situations the minute anyone on the network has issues. We can see what is happening right away. It has a very good graphical interface and we see exactly where the issue is, what ports the issue is occurring at and that makes it a lot easier for us to troubleshoot network issues. That ability helps with uptime and productivity.

The most valuable feature of the product in our case is the network visibility. The product gives us a very good view of what's happening on the network and we can take action proactively. It also provides security. Our network isn't open to everyone in the organization. It's open only to people who have a real need to work on the network. The product helps us control that access.

It also helps that the product is self-sufficient. We don't need to allocate employee resources to the maintenance and monitoring unless something goes wrong. It is all automated. We get alerts and we react according to the alerts we receive without a dedicated team that monitors the solution. We're a team and we work together on other things while the product monitors the system. When we get alerts, that's when we deal with it.

In our case, the product does what it's meant to do. I don't see any real need for improvement here, at least not for our needs. The interface is very convenient and provides very good security for exactly what we need the product for. It's a simple solution and we haven't had any problems with it for the past six or seven years. I don't know that we really have any pain points with the product or I'd be aware of them.

There are a certain number of false positives on occasion where we get an alert and really nothing is wrong, but generally, those issues have to do with computer configuration. It isn't really the fault of the product. I don't have anything bad to say about the product. We are very happy with it.

I guess one of the problems with the tool is our own fault. We could use a lot more of its features than we do now. But we have been using the parts of the product that we need for years now. If we had problems with it and it didn't do what we needed it to anymore, we wouldn't continue buying the support for it and we'd look for another solution.

I guess the only thing that might really make a difference is a change in the pricing structure. They charge us by the number of ports that we have on our switches. The more ports we have on the switch, the more we have to pay — even if we're not using all of the ports. From the point of view of licensing, there could be some kind of improvement. I think it would be better if we were paying for actual usage.

If there were additional features to add, I might suggest better options for integration with the firewall. I know that the product has this feature already, but it's something we haven't explored more deeply because it isn't the reason we use the solution. If there were better integration with our firewall, we might be able to do additional things like creating policies that would block ports that are under attack or other things like that which could be beneficial.

Portnox has the integration capability, but as far as I know, it's not something that's really built into the solution. It involves some scripting. I think that if they made that easier to deploy, we would definitely use it.

We have been using the product for more than six years.

This solution is stable and it just works. We don't ever have any problems with it.

We don't have any issues with scalability. Whenever we grow, the only question about scalability is determining how many licenses to add and then just adding the licenses. As the company grows and we expand, the usage grows as well.

Right now, we're licensed for about 800 ports. That means that up to 800 devices can be connected. It's easy to add the licenses. It just gets more expensive when you do.

Our experience with customer support is pretty limited. We haven't contacted them for a long time. But, generally, when we do have to contact them — for whatever reason — we get good support from them.

It has been a while since the initial setup, but I recall that it was pretty simple. It might have only taken a day to deploy. Then it might have taken a couple of days running checks on the system. In all, it only took a couple of days.

When we did the deployment we used an integrator that we use regularly from time-to-time for implementing our security products. Our experience with the integrator is always good and everything works fine. We are very pleased with the integrator's services.

One return on the investment is that we don't need to dedicate employee time to monitoring the system. We just pay for the product.

As far as pricing, we only pay for support on a yearly basis. There are no other costs after you initially pay for the licenses. The only exception to that is if you need to add devices to the system. If you add to the system you need to license more ports. You need to pay for the additional licensing. Other than that it essentially works by itself so it is like having another employee for the cost of support.

I don't know the exact prices but I know the product is not cheap.

Before we decided on Portnox CORE as a solution, we did try other solutions to compare. I'm talking around six years back, so remembering the reasons for everything isn't that easy. In the end, we decided this was the solution we needed. Today there may be other solutions in the market that do the same thing — maybe in a better way, I don't know — but this solution satisfied us at the time, and since then we're happy with it. There's no reason to explore other options until the solution isn't providing what we need. Even then, it may be an opportunity to explore more of the existing product's capabilities.

One of the products we did evaluate was SportScout. It was more complicated and we found it was more complex to implement at the time. I don't know how it is today. It may be better and improved by simplifying some of the processes involved in the deployment. At the time it was obvious that it would be more complex and take a lot more time to integrate it into the company. It had a false-positive issue.

We really like the solution and it does what we need it to, so in rating it let's say we give it a nine out of ten. It's just hard for me to give anything a ten because that means it is perfect. But truly, I have nothing bad to say about the product. It's a good product and it helped us tremendously in the years in locating all kinds of issues that we had on the network. It does that very quickly and reliably and I recommend it.

The product is something we use on a daily basis. It's something that's always working away in the background. We get reports, we get alerts, we assess what the alerts are telling us and then we take action as necessary. If that's what an organization needs, then this is a very good solution.

It's being used in a bank of over 4,000 devices, and so far it has been good. No complaints.

Previous to the deployment we didn't have complete visibility of all the endpoints, all the devices that are connected to the network. But with the deployment of portnox, we could see all the devices and where they're connecting. We can equally segregate and apply different rules, policies to each location that we didn't monitor specifically.

It's agentless, and it's scalable.

For now, they just released the new version which has a completely different design interface, and there are some other improvements that were added onto it. So we need to look at it and understand how these features impact the performance and all that before we can make a recommendation.

One thing they can look at is increasing the number of support staff so that there will be more people supporting the solution than they currently have.

It's very, very, stable. 

Of course, it's a scalable solution. One server can support up to 10,000 endpoints and cannot equally be deployed in clusters, where you need more than 10,000.

Tech support is good.

It was easy. It was straightforward. Once you follow the guides it's not complicated.

When selecting a product, if I want to bring in a new solution, I will look up the competing solution: What features do they have that are better than what I'm bringing, which will put me in a better position to make an informed decision and advise the customer accordingly.

If I'm to advise a customer that wants to buy a similar solution, I would first of all find out what their needs are, what their priorities are. Would they want agent or agentless? Would they want software or hardware? Those are the questions I would have to ask before I can say, "Go for this," or, "Go for that." Honestly, all NAC solutions are the same, they do the basic work. So it all depends on the environment, what is obtainable. Some companies don't want agents in their environment, so they go for agentless. Some don't want hardware, so they go for software. So my position is to advise.

I rate this solution a seven out of 10 because it meets my needs of ensuring that my network is protected. But then, I believe there's room for improvement.

The ability of the product to search the entire network and know what you have hidden on your network.

For tech support, most of the time they do not need to ask the IP address of the client since they see it in portnox.

The GUI and the knoxer remote site functions.

2 years

Yes, it didn't block rogue devices in 90 seconds, it took 6 minutes, but they fixed it. Besides that, there were a few security issues they fixed.

It can't work fully redundant.

Customer Service: High level and good customer service.Technical Support: They have good tech support, but have room for improvement.

Before you choose portnox, make sure that it supports all of your needs.

It's a good product but needs improvement.

We use the solution for NAC which gives us the ability to control networks. 

I am impressed with the solution's voucher capability and authentication. The tool is integrated with Active Direct storage. 

The product should consider more integration with vendors like Huawei. It should also improve visibility. The solution should offer a partner portal that can provide customers training on the in and out of the solution. 

I have been working with the product for more than six months. 

I would rate the solution's stability an eight out of ten. 

I would rate the tool's scalability a seven out of ten since for large environments it needs more intervention. 

The tool's setup is not complex. You need to have some knowledge about it. 

The tool is more expensive than Fortinet. 

The solution is suited for enterprises. I would rate it an eight out of ten.