The purpose of this article is to provide a Fortinet FortiLink NAC overview. Fortinet switches and access points (FortiSwitches and FortiAPs) come with the ability to apply some basic NAC (network access control) rules. This feature is called FortiLink and is managed from the Fortinet firewall (FortiGate). FortiLink is a proprietary protocol developed by Fortinet and only available with Fortinet firewalls.
You can enhance your visibility, control, and response by implementing FortiLink NAC policies. FortiLink NAC helps system administrators increase security of their networks by implementing policies that control what happens to a device once it is on the network.
FortiLink works with all models of the FortiSwitch and FortiAP product line but does not work on non-Fortinet switches and access points. There is no additional cost for FortiLink as it is included with the FortiGate.
Switch Port NAC vs Wireless NAC
FortiLink NAC can be applied on a switch or wireless network. When traffic enters the network, it is profiled and sent to a VLAN. It is profiled on a switch network by device type, operating system, MAC address, IP, hostname, or username. When traffic enters a wireless network, it is profiled based on the same thing in addition to user groups and EMS tags.
Common FortiLink Questions
- Q: Can I see all my physical ports on a FortiSwitch from their network interfaces on the FortiGate firewall?
- A: No. You can see all your VLANs on your network interface on the FortiGate, however.
Contact a Fortinet Specialist
If you’re looking to add network access control to your Fortinet network and would like help from a Fortinet partner and specialist, please fill out the form below.