Network access control, rebuilt for the cloud - no appliances, no VMs, no specialists.
For most of the last two decades, controlling who and what could join a corporate network meant buying hardware. Racks of appliances. Virtual machines to patch. A specialist - or a team of them - to keep the whole thing running. This category, Network Access Control, was powerful and, for many organizations, quietly miserable. Portnox was founded on the belief that it did not have to be.
Portnox builds cloud-native access control. In plain terms, it decides whether a laptop, a phone, a printer, a smart camera, or a contractor's device is allowed onto a network - and what it is allowed to do once there. It checks identity, profiles the device, assesses risk, and enforces policy across wired, wireless, and remote connections. The difference is where all of that happens: not on a box in a server closet, but in the cloud, delivered as software.
The company traces its origins to 2007 and a group of engineers who had done network security work for the Israeli Air Force. They had felt, first-hand, the gap between the access-control tools that existed and the ones they wished existed - so they built the latter. In 2017, Portnox shipped what it describes as the first cloud-native NAC solution on the market, years ahead of a category that was still selling appliances. It later added the first cloud-native TACACS+ service and, in 2024, passwordless conditional access for applications.
“They felt the pain of inadequate access control - so they built the product they wished they could have had.”
A modern network is a crowd of unknowns. Managed laptops sit next to personal phones, IoT sensors, medical equipment, and machines a vendor plugged in last week. Each one is a question - should this be here, and what should it be allowed to touch? Portnox answers those questions automatically, and by its own account blocks more than a million unauthorized access attempts a day.
Its customers are the organizations for whom a wrong answer is expensive: more than 1,000 of them, concentrated in healthcare, financial services, manufacturing, and technology - industries that carry compliance obligations like HIPAA and PCI-DSS. For lean security teams, the appeal is blunt: enterprise-grade zero trust without the appliance budget or the headcount to run it.
Real-time visibility and control over every device on wired and wireless networks, with profiling and automated remediation.
AI-powered fingerprinting discovers and classifies unmanaged and personal devices, then applies policy without manual tagging.
Phishing-resistant, certificate-based authentication that removes passwords - the weakest link in most breaches.
Continuous endpoint risk assessment and posture checks aligned to HIPAA, PCI-DSS, and internal policy.
Portnox Cloud folds capabilities that traditionally required separate products - NAC, RADIUS, TACACS+, and application access - into a single cloud-native platform. Modules can be adopted one at a time and share the same policy engine.
Vendor-neutral network access control with endpoint visibility, device profiling, and automated remediation.
Zero-trust authentication across wired and wireless layers, with certificate-based and passwordless options.
The first cloud-native TACACS+ service for AAA and network device administration.
Passwordless, phishing-resistant application access with endpoint risk assessment and Microsoft EAM support.
The incumbents in access control - Cisco ISE and Aruba ClearPass chief among them - are powerful and deeply customizable. They are also appliance- or VM-based, which means hardware, licensing, and specialists, plus deployment timelines measured in months. Portnox's entire thesis is to remove that layer. Being vendor-neutral and cloud-delivered, it works across mixed network gear and starts, its customers report, in a fraction of the time.
| Capability | Portnox | Legacy NAC (ISE / ClearPass) |
|---|---|---|
| Delivery | Cloud-native SaaS | Appliance / VM |
| Hardware needed | None | Multiple appliances |
| Vendor lock-in | Vendor-neutral | Ecosystem-oriented |
| Deployment time | Days | Weeks to months |
| Passwordless / conditional access | Built in | Add-on / limited |
Comparison reflects Portnox's published positioning and independent NAC comparisons. Capabilities of competing products vary by version and license.
Access control is unglamorous - and disproportionately effective. Deciding who gets on the network quietly prevents more incidents than most flashier tools. Portnox sits in the network-security and zero-trust market alongside NAC incumbents and identity players, competing on simplicity and total cost of ownership rather than raw feature sprawl. The relative bars below illustrate its stated positioning, not audited benchmarks.
Portnox sells subscription licenses to its cloud platform, typically priced per device or per user, with add-on modules for NAC, RADIUS, TACACS+, and conditional access. It goes to market directly and through resellers and MSPs, and is available on the Microsoft Azure Marketplace.
Engineers with Israeli Air Force network-security backgrounds start Portnox.
Portnox opens a U.S. office and deepens its footprint in the American market.
The market's first cloud-delivered network access control solution ships.
Elsewhere Partners leads a round to accelerate the cloud platform.
Portnox extends AAA and device administration into the cloud.
Application access with endpoint risk assessment and Microsoft EAM support.
Updata Partners leads a Series B; Portnox named Best NAC at RSA.
Portnox provides cloud-native access control that decides who and what can connect to an organization's network and applications, unifying NAC, RADIUS, TACACS+, and passwordless conditional access in one platform.
ISE and ClearPass are appliance- or VM-based and require significant hardware, budget, and expertise. Portnox is delivered entirely from the cloud, is vendor-neutral, and needs no on-premises appliances - lowering cost and speeding deployment.
More than 1,000 organizations across healthcare, financial services, manufacturing, and technology use Portnox to secure access for managed, unmanaged, IoT, and BYOD devices.
Portnox was founded in 2007 by a team with Israeli Air Force network-security backgrounds and is now headquartered in Austin, Texas.
Portnox has raised $59.5M in total, including a $22M Series A (2022, Elsewhere Partners) and a $37.5M Series B (2025, Updata Partners).