The license key installed on your FortiNAC controls both the feature set that is enabled and the number of managed hosts, users and devices.
- Base: Network discovery, host profiling, and classification.
- Plus: Host registration, scanning, and access control, along with all base features.
- Pro: Automated Threat Response (Security Incidents), along with all plus and base features.
All licenses include high availability.
There are two types of license counts on FortiNAC: concurrent licenses and Security Incidents licenses. See license usage information on the Dashboard and License management.
FortiNAC allows the “In Use” license count to go over by a small buffer of the “Total” count. When this buffer is exceeded, FortiNAC does the following:
- No new registrations are allowed.
- Attempts at new registrations are presented with the message Exceeded concurrent connection license limit.
- Rogues, at-risk, and disabled hosts continue to be placed in isolation as they normally would be.
- Existing registered hosts and devices continue to have network access.
- Network Access provisioning based on policy will not occur
The count of concurrent licenses is based on the total number of concurrent connections to your network that are managed by FortiNAC. There may be parts of your network that are not managed by FortiNAC.
This count includes hosts, servers or devices that are online on your network at any given time. When a host, server or device disconnects from the network, the license is released and can be used for another connection. For example, you may have 1000 hosts in your database but if only 100 are connected, then only 100 licenses are used.
A registered host will use a license if the host is seen by FortiNAC to be online, even if the host is not on an enforced port. When a registered host shows online, even if no one is logged on, a license is still used. When the licenses run out, no new devices can register and access the network.
The following devices use a concurrent license when connected:
- Online hosts in the Host View (including registered hosts and IP phones)
- Online, non-infrastructure devices in Inventory (servers, printers, IP phones)
The following devices don't use a concurrent license when connected:
- Rogue devices
- Switches, routers, wireless controllers and wireless access points in Inventory
Security Incidents licenses
These licenses are based on the total number of licenses configured for Security Incidents that are currently in use by devices connected to your network.
Additional services at no cost come with licenses and are shown as entitlements in the license dashboard.
|Telephone Support||Global toll-free technical support available 24/7 over telephone.|
|IoT Detection||Access to database of devices through the cloud-look up service hosted by FortiGuard Labs used by FortiNAC to identify devices.|
|Vulnerability Management||Vulnerability analysis and remediation for potential security weakness.|
|Firmware & General Updates||Firmware updates and weekly network device database updates to keep deployments up to date.|
|Enhanced Support||24/7 FortiCare Enhanced Support that includes real-time ticket system, interactive chat features, and return/replace hardware support.|