FortiLink NACis the NAC (Network Access Control) engine built into FortiGate when it manages FortiSwitch devices.
It performs:
✔Automated device onboarding
Automatically detects new devices connecting to switches.
Uses MAC, vendor, DHCP fingerprinting, or IoT database to classify devices.
No manual VLAN assignment required.
✔Security posture verification
Works with FortiClient EMS, ZTNA tags, IoT detection.
Applies policies based on:
Device type
User role
Endpoint compliance
IoT vulnerability status
✔Dynamic VLAN assignment
Automatically moves devices into proper VLANs, quarantine networks, or guest zones.
✔Integration with LAN Edge & Zero Trust
Uses FortiGate + FortiSwitch + FortiAP to enforce zero-trust access.
This matches the LAN Edge 7.6 Architect explanation of FortiLink NAC.
❌Why other answers are wrong
A. Extend security policies across FortiGate firewalls
Not NAC. That refers to Security Fabric or SD-WAN.
C. Apply manual firewall rules
FortiLink NAC is specifically designed toautomateaccess control.
D. Manually place devices in VLANs
NAC eliminates manual VLAN assignment — it is dynamic.