FortiNAC is a network access control platform that helps organisations discover, classify and control devices across enterprise networks, including wired, wireless, IoT and OT environments. It provides device visibility, enforces access controls and can automate segmentation or quarantine, helping teams reduce the risk of unmanaged or non-compliant endpoints.
When shared networks carry corporate, guest, IoT and operational devices, access control must identify each endpoint quickly and stop unknown or risky connections from reaching sensitive resources.
FortiNAC from Fortinet is a network access control platform for wired, wireless and VPN environments, with support across IT, IoT, OT, ICS and medical device networks. It gives operations and security teams a practical way to discover connected assets and apply policy where normal endpoint tools may not reach.
FortiNAC discovers devices as they appear on the network, classifies them and then enforces access policy before unrestricted connectivity is allowed. In practice, that means unmanaged IoT, OT and medical devices can be identified without agents, while guest and BYOD traffic can be separated from trusted corporate endpoints based on device context and identity.
When a device is risky or non-compliant, FortiNAC can trigger VLAN, ACL or isolation actions through infrastructure integrations, including FortiGate, FortiSwitch, FortiAP, FortiManager, FortiAnalyzer, directory services, MDM and security tools. This helps teams turn visibility into response, so unknown devices do not receive inappropriate access and suspicious endpoints can be quarantined before they affect production networks.
If you are evaluating FortiNAC for network access control, segmentation or device visibility, our team can help you assess how it fits your environment and operational priorities.
FortiNAC is a network access control platform for enterprise networks that discovers connected devices, enforces access policy, and automates response across IT, IoT, OT, ICS, and medical environments.
Network Access Control
FortiNAC controls device access across wired, wireless, and VPN environments so heterogeneous enterprise networks can apply consistent policy to users, IoT, and unmanaged endpoints.
Device Discovery and Profiling
The platform discovers connected assets and classifies devices to give security teams visibility into endpoints that cannot use agents or standard user authentication.
Automated Containment Actions
FortiNAC can trigger containment actions when risky or non-compliant endpoints appear on the network, helping teams isolate suspicious devices before they disrupt operations.
Guest and BYOD Enforcement
It supports access control for guest and personal devices so visitor and BYOD traffic can be granted appropriate connectivity without inheriting managed corporate permissions.
Policy-Based Segmentation
FortiNAC uses device identity, type, risk, and policy to place endpoints into the right network segment automatically.
OT and Industrial Visibility
The platform provides visibility into OT, ICS, and medical device environments where legacy systems and unknown assets create operational risk.
Fortinet and Multivendor Integration
FortiNAC integrates across Fortinet and multivendor wired, wireless, and VPN networks so access and segmentation decisions can be applied in mixed infrastructure environments.
If you need clearer device visibility, tighter access control, or automated quarantine for mixed enterprise and industrial networks, our team can help map FortiNAC to your operational and policy requirements.
Used across enterprise wired, wireless and VPN access networks, FortiNAC discovers devices as they connect, classifies them and applies policy before unrestricted access is granted, making it a strong fit for enforcing consistent network access control at scale.
In campuses, healthcare estates and industrial sites, FortiNAC identifies unmanaged IoT, OT and medical devices that endpoint agents cannot always cover, giving teams the visibility and device profiling needed to bring those assets under control.
Where device risk needs to be contained quickly, FortiNAC integrates with Fortinet and multivendor network infrastructure to trigger VLAN, ACL or isolation actions, turning device context into automated segmentation rather than relying on manual response.
For guest and personal device access, FortiNAC separates non-corporate endpoints from trusted users by using device context and access policy across wired, wireless and VPN environments, helping organisations enforce safer BYOD and guest access rules.
In operational and industrial networks, FortiNAC provides visibility and access control for OT and ICS devices without depending on endpoint agents, which makes it well suited to environments where unmanaged assets must still be discovered, profiled and governed.
When risky or non-compliant devices appear on the network, FortiNAC can automatically contain them through integrated response actions rather than only alerting, supporting compliance workflows that require immediate quarantine and controlled remediation.
FortiNAC discovers, profiles and controls devices across Fortinet and multivendor wired, wireless and VPN networks before access is granted.
Integrates with FortiGate, FortiSwitch and FortiAP to enforce segmentation and containment actions directly through network infrastructure.
Connects with FortiManager and FortiAnalyzer so device risk and access events can inform broader network control and analysis.
Supports directory services, MDM and security tools to classify devices and apply access policy using user and endpoint context.
Provides visibility for unmanaged IoT, OT, ICS and medical devices that agent-based tools often cannot cover.
Triggers VLAN, ACL or isolation responses through integrated infrastructure when risky or non-compliant endpoints appear on the network.
FortiNAC BASE is licensed per concurrent endpoint and provides device discovery, classification and dynamic VLAN steering for visibility-led NAC across wired, wireless and VPN networks.
FortiNAC PLUS builds on BASE by adding 802.1X enforcement, MAB for IoT, guest portals and BYOD onboarding for organisations that need fuller network access control.
FortiNAC PRO adds automated threat response, security incident correlation and contextual triage so access can be isolated, quarantined or re-segmented based on Indicators of Compromise.
FortiNAC is licensed by concurrent endpoint connection rather than registered host, with sizing bands at 100, 1K, 10K and 50K endpoints depending on deployment scale.
FortiNAC is available as FNC-CA, FNC-M, FNC-CAS or FortiNAC-VM, while FortiAuthenticator, FortiAnalyzer and third-party security platforms may require separate licensing for related integrations.
Our team can help assess peak concurrent endpoint count, required tier, wired and wireless scope, IoT density, integration needs, appliance or VM choice, subscription versus perpetual licensing and renewal alignment.
We help assess FortiNAC requirements across wired, wireless, VPN and IoT environments, so your team can define the right access control approach, visibility goals and containment priorities for day-to-day operations.
Our team can assist with FortiNAC installation, initial policy setup and endpoint profiling configuration, helping to align access rules, device categories and response settings with your organisation’s network standards.
We support integration of FortiNAC with FortiGate, FortiSwitch, FortiAP, directory services and FortiManager, so access decisions and segmentation actions fit cleanly into your existing Fortinet and multivendor environment.
We can help prepare administrators and service desk teams for FortiNAC by aligning handover materials, approval processes and operational procedures for guest access, BYOD onboarding and endpoint containment events.
We provide ongoing support for FortiNAC, including health checks, configuration review, licence alignment, renewal planning and lifecycle guidance, so your deployment remains aligned with current access and security requirements.
We help assess FortiNAC licence requirements against peak concurrent endpoint usage, required tier and estate scope, so your BASE, PLUS or PRO position stays aligned to visibility, control and automated response needs.
Our team can review how FortiNAC fits alongside Fortinet appliances, virtual deployments and FortiNAC Manager in a wider security portfolio, helping you coordinate coverage, growth and renewal visibility across the estate.
We support reviews of licence model, capability tier and subscription structure, including perpetual, subscription or FortiFlex options, so FortiNAC investment reflects operational priorities across wired, wireless, VPN and IoT-heavy environments.
We can review changing endpoint volumes, tier requirements and timing across FortiCare and licence renewals, helping you plan ahead as environments expand, consolidate or move between appliance and virtual form factors.
Successful network access control depends on ongoing adoption as much as product choice, and our team can help with usage review, policy optimisation and lifecycle guidance so FortiNAC continues to support practical value over time.
The software and technologies listed here support different requirements and are often used together as part of a wider IT stack.
As an official partner to vendors including Cisco, Juniper, HPE and Fortinet, we can help confirm which software or combination provides the capabilities your team needs, while avoiding under- or over-licensing.
Speak to our team for help matching the right solution and licence level to your requirements.