FortiNAC is Fortinet’s network access control solution that enhances the Security Fabric with visibility, control, and automated response for everything that connects to the network. FortiNAC provides protection against IoT threats, extends control to third-party devices, and orchestrates automatic responses to a wide range of networking events.
Visibility Across the Network for Every Device and User
FortiNAC provides detailed profiling of even headless devices on your network using multiple information and behavior sources to accurately identify what is on your network.
Extend Control of the Network to Third-Party Products
Implement micro-segmentation policies and change configurations on switches and wireless products from more than 70 vendors. Extend the reach of the Security Fabric in heterogeneous environments.
React to events in your network in seconds to contain threats before they spread. FortiNAC offers a broad and customizable set of automation policies that can instantly trigger configuration changes when the targeted behavior is observed.
Fundamental to the security of a constantly changing network is an understanding of its makeup. FortiNAC sees everything on the network providing complete visibility. FortiNAC scans your network to discover every user, application, and device. With up to 18 different techniques, FortiNAC can then profile each element based on observed characteristics and responses. Scanning can be done actively or passively and can utilize permanent agents, dissolvable agents, or no agents. Additionally, FortiNAC can asses a device to see if it matches approved profiles, noting the need for software updates to patch vulnerabilities. With FortiNAC deployed, the entire network is known.
In addition to knowing the entire network, FortiNAC’s enhanced visibility can also use passive traffic analysis to identify devices on the network by integrating Fortinet’s FortiGate appliances. This provides another level of identity to ensure accurate classification.
Dynamic Network Control
Once the devices are classified and the users are known, FortiNAC enables detailed segmentation of the network to enable devices and users access to necessary resources while blocking non-related access. FortiNAC uses dynamic role-based network access control to logically create network segments by grouping applications and like data together to limit access to a specific group of users or devices. In this manner, if a device is compromised, its ability to travel in the network and attack other assets will be limited. FortiNAC helps to protect critical data and sensitive assets while ensuring compliance with internal, industry, and government regulations and mandates.
Ensuring the integrity of devices before they connect to the network minimizes risk and the possible spread of malware. FortiNAC validates a device’s configuration as it attempts to join the network. If the configuration is found to be non-compliant, the device can be handled appropriately such as by an isolated or limited access VLAN.
FortiNAC will monitor the network on an ongoing basis, evaluating endpoints to ensure they conform to their profile. FortiNAC will rescan devices to ensure MAC-address spoofing does not bypass your network access security. Additionally, FortiNAC can watch for anomalies in traffic patterns. This passive anomaly detection works in conjunction with FortiGate appliances. Once a compromised or vulnerable endpoint is detected as a threat, FortiNAC triggers an automated response to contain the endpoint in real-time.
- Agent and agentless scanning of the network for detection and classification of devices
- Create an inventory of all devices on the network
- Assess risk of every endpoint on the network
- Centralized Architecture for easier deployment and management
- Extensive support for third-party network devices to ensure effectiveness with existing network infrastructure
- Automate onboarding process for a large number of endpoints, users, and guests
- Enforce dynamic network access control and enable network segmentation
- Reduce containment time from days to seconds
- Event reporting to SIEM with detailed contextual data to reduce investigation time