FortiNAC – Network Access Control & Device Visibility Platform

FortiNAC is a network access control platform that helps organisations discover, classify and control devices across enterprise networks, including wired, wireless, IoT and OT environments. It provides device visibility, enforces access controls and can automate segmentation or quarantine, helping teams reduce the risk of unmanaged or non-compliant endpoints.

FortiNAC Overview

When shared networks carry corporate, guest, IoT and operational devices, access control must identify each endpoint quickly and stop unknown or risky connections from reaching sensitive resources.

Network Access Control for Mixed Environments

FortiNAC from Fortinet is a network access control platform for wired, wireless and VPN environments, with support across IT, IoT, OT, ICS and medical device networks. It gives operations and security teams a practical way to discover connected assets and apply policy where normal endpoint tools may not reach.

Device Context Before Access Is Granted

FortiNAC discovers devices as they appear on the network, classifies them and then enforces access policy before unrestricted connectivity is allowed. In practice, that means unmanaged IoT, OT and medical devices can be identified without agents, while guest and BYOD traffic can be separated from trusted corporate endpoints based on device context and identity.

Containment That Supports Production Control

When a device is risky or non-compliant, FortiNAC can trigger VLAN, ACL or isolation actions through infrastructure integrations, including FortiGate, FortiSwitch, FortiAP, FortiManager, FortiAnalyzer, directory services, MDM and security tools. This helps teams turn visibility into response, so unknown devices do not receive inappropriate access and suspicious endpoints can be quarantined before they affect production networks.

If you are evaluating FortiNAC for network access control, segmentation or device visibility, our team can help you assess how it fits your environment and operational priorities.

FortiNAC Key Features​

FortiNAC is a network access control platform for enterprise networks that discovers connected devices, enforces access policy, and automates response across IT, IoT, OT, ICS, and medical environments.

Control Access Across Every Device Type

Network Access Control
FortiNAC controls device access across wired, wireless, and VPN environments so heterogeneous enterprise networks can apply consistent policy to users, IoT, and unmanaged endpoints.

Device Discovery and Profiling
The platform discovers connected assets and classifies devices to give security teams visibility into endpoints that cannot use agents or standard user authentication.

Automated Containment Actions
FortiNAC can trigger containment actions when risky or non-compliant endpoints appear on the network, helping teams isolate suspicious devices before they disrupt operations.

Guest and BYOD Enforcement
It supports access control for guest and personal devices so visitor and BYOD traffic can be granted appropriate connectivity without inheriting managed corporate permissions.

Segment Networks By Risk

Policy-Based Segmentation
FortiNAC uses device identity, type, risk, and policy to place endpoints into the right network segment automatically.

OT and Industrial Visibility
The platform provides visibility into OT, ICS, and medical device environments where legacy systems and unknown assets create operational risk.

Fortinet and Multivendor Integration
FortiNAC integrates across Fortinet and multivendor wired, wireless, and VPN networks so access and segmentation decisions can be applied in mixed infrastructure environments.

Speak to a FortiNAC Security Specialist

If you need clearer device visibility, tighter access control, or automated quarantine for mixed enterprise and industrial networks, our team can help map FortiNAC to your operational and policy requirements.

FortiNAC Use Cases

Network Access Control

Used across enterprise wired, wireless and VPN access networks, FortiNAC discovers devices as they connect, classifies them and applies policy before unrestricted access is granted, making it a strong fit for enforcing consistent network access control at scale.

IoT Device Discovery

In campuses, healthcare estates and industrial sites, FortiNAC identifies unmanaged IoT, OT and medical devices that endpoint agents cannot always cover, giving teams the visibility and device profiling needed to bring those assets under control.

Automated Network Segmentation

Where device risk needs to be contained quickly, FortiNAC integrates with Fortinet and multivendor network infrastructure to trigger VLAN, ACL or isolation actions, turning device context into automated segmentation rather than relying on manual response.

Guest and BYOD Enforcement

For guest and personal device access, FortiNAC separates non-corporate endpoints from trusted users by using device context and access policy across wired, wireless and VPN environments, helping organisations enforce safer BYOD and guest access rules.

OT Network Access Visibility

In operational and industrial networks, FortiNAC provides visibility and access control for OT and ICS devices without depending on endpoint agents, which makes it well suited to environments where unmanaged assets must still be discovered, profiled and governed.

Compliance-Based Quarantine

When risky or non-compliant devices appear on the network, FortiNAC can automatically contain them through integrated response actions rather than only alerting, supporting compliance workflows that require immediate quarantine and controlled remediation.

Supported FortiNAC Environments & Integrations

Network Access Control Environments

FortiNAC discovers, profiles and controls devices across Fortinet and multivendor wired, wireless and VPN networks before access is granted.

FortiGate, FortiSwitch & FortiAP Integrations

Integrates with FortiGate, FortiSwitch and FortiAP to enforce segmentation and containment actions directly through network infrastructure.

FortiManager & FortiAnalyzer Ecosystem

Connects with FortiManager and FortiAnalyzer so device risk and access events can inform broader network control and analysis.

Directory Services & Identity Sources

Supports directory services, MDM and security tools to classify devices and apply access policy using user and endpoint context.

IoT, OT, ICS & Medical Device Environments

Provides visibility for unmanaged IoT, OT, ICS and medical devices that agent-based tools often cannot cover.

Automated Segmentation & Quarantine Actions

Triggers VLAN, ACL or isolation responses through integrated infrastructure when risky or non-compliant endpoints appear on the network.

FortiNAC Licensing Options

FortiNAC BASE

FortiNAC BASE is licensed per concurrent endpoint and provides device discovery, classification and dynamic VLAN steering for visibility-led NAC across wired, wireless and VPN networks.

FortiNAC PLUS

FortiNAC PLUS builds on BASE by adding 802.1X enforcement, MAB for IoT, guest portals and BYOD onboarding for organisations that need fuller network access control.

FortiNAC PRO

FortiNAC PRO adds automated threat response, security incident correlation and contextual triage so access can be isolated, quarantined or re-segmented based on Indicators of Compromise.

FortiNAC Licensing Model

FortiNAC is licensed by concurrent endpoint connection rather than registered host, with sizing bands at 100, 1K, 10K and 50K endpoints depending on deployment scale.

Deployment and Adjacent Licensing

FortiNAC is available as FNC-CA, FNC-M, FNC-CAS or FortiNAC-VM, while FortiAuthenticator, FortiAnalyzer and third-party security platforms may require separate licensing for related integrations.

Licence Review & Optimisation

Our team can help assess peak concurrent endpoint count, required tier, wired and wireless scope, IoT density, integration needs, appliance or VM choice, subscription versus perpetual licensing and renewal alignment.

FortiNAC Implementation and Support

Solution Design & Planning

We help assess FortiNAC requirements across wired, wireless, VPN and IoT environments, so your team can define the right access control approach, visibility goals and containment priorities for day-to-day operations.

Deployment & Configuration

Our team can assist with FortiNAC installation, initial policy setup and endpoint profiling configuration, helping to align access rules, device categories and response settings with your organisation’s network standards.

Integration with Existing Environments

We support integration of FortiNAC with FortiGate, FortiSwitch, FortiAP, directory services and FortiManager, so access decisions and segmentation actions fit cleanly into your existing Fortinet and multivendor environment.

User Adoption & Operational Readiness

We can help prepare administrators and service desk teams for FortiNAC by aligning handover materials, approval processes and operational procedures for guest access, BYOD onboarding and endpoint containment events.

Ongoing Support & Lifecycle Management

We provide ongoing support for FortiNAC, including health checks, configuration review, licence alignment, renewal planning and lifecycle guidance, so your deployment remains aligned with current access and security requirements.

Commercial Optimisation & Support for FortiNAC

Subscription & Licence Reviews

We help assess FortiNAC licence requirements against peak concurrent endpoint usage, required tier and estate scope, so your BASE, PLUS or PRO position stays aligned to visibility, control and automated response needs.

Portfolio Alignment

Our team can review how FortiNAC fits alongside Fortinet appliances, virtual deployments and FortiNAC Manager in a wider security portfolio, helping you coordinate coverage, growth and renewal visibility across the estate.

Commercial Optimisation

We support reviews of licence model, capability tier and subscription structure, including perpetual, subscription or FortiFlex options, so FortiNAC investment reflects operational priorities across wired, wireless, VPN and IoT-heavy environments.

Renewal Planning & Lifecycle Management

We can review changing endpoint volumes, tier requirements and timing across FortiCare and licence renewals, helping you plan ahead as environments expand, consolidate or move between appliance and virtual form factors.

Adoption & Value Realisation

Successful network access control depends on ongoing adoption as much as product choice, and our team can help with usage review, policy optimisation and lifecycle guidance so FortiNAC continues to support practical value over time.

Related solutions for FortiNAC

The software and technologies listed here support different requirements and are often used together as part of a wider IT stack.

As an official partner to vendors including Cisco, Juniper, HPE and Fortinet, we can help confirm which software or combination provides the capabilities your team needs, while avoiding under- or over-licensing.

Not sure which software or licensing tier you need?

Speak to our team for help matching the right solution and licence level to your requirements.

Need a clearer view of your software costs?

We can review your current setup, licensing and renewal cycle to check whether your software is still doing what you need, where costs can be reduced, and where administration can be simplified.