FortiNAC is the Fortinet network access control solution. It enhances the overall Fortinet Security Fabric with visibility, control, and automated response for everything that connects to the network. It provides protection against IoT threats, extends control to third-party devices, and orchestrates automatic responses to a wide range of networking events.
What is FortiNAC Network Access Control (NAC)?
FortiNAC Network access control, or NAC, is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their corporate networks.
This technology has been around for nearly two decades, but a new generation of its solutions is helping organizations keep up with today’s ever-expanding attack surface, delivering not only visibility of the network environment, but also enforcement and dynamic policy control. Whether devices are connecting from inside or outside the network, it can automatically respond to compromised devices or anomalous activity.
Modern solutions also provide a clear view into network assets to support regulatory certifications and security best practices that require organizations to establish and maintain an accurate inventory of all connected devices—even in virtual environments where assets are constantly connecting and disconnecting from the network. The monitoring and response capabilities are especially critical since many devices open users to additional risk via compromised, poorly written and un-patchable software, unadvertised back doors hardwired into firmware, and other factors.
NAC is an important part of a Zero Trust Network Access model for security, in which trust is no longer implicit for users, applications, or devices attempting to access the network, and for which IT teams can easily know who and what are accessing the network, as well as how to protect corporate assets both on and off the network
How FortiNAC Secures Your Network
NAC provides visibility over everything connected to the network, as well as the ability to control those devices and users, including dynamic, automated responses. It plays a role in strengthening overall network security infrastructure.
A properly functioning solution can deny access to noncompliant users or devices, place them in quarantine, or restrict access to a small number of network resources, separated from the rest of the network. NAC generally supports the following:
- Authentication and authorization of users and devices
- User and device profiling
- Denial of unsecured devices
- Quarantine of unsecured devices
- Restricting access to unsecured devices
- Policy lifecycle management
- Overall security posture assessment
- Incident response through policy enforcement
- Guest networking access
