[CONTENT]

Executive Summary

IT networking acts as the nervous system of modern organizations, connecting systems, applications, and users to enable secure, reliable, and efficient data exchange. It underpins service delivery and business objectives while providing the foundation to address the complexities of distributed environments, microservices, Zero Trust security models, and digital transformation initiatives. Leading organizations are investing in advancements that enhance agility and user experience, blending security into cloud-native network operations to stay competitive and resilient in a rapidly changing digital landscape.¹

Portnox Cloud is a cloud-native platform that unifies access controls across an organization’s network, applications, and infrastructure, helping them address modern security challenges with agility and scale. The platform delivers Zero Trust security, passwordless authentication, and compliance enforcement across identities, devices, data, and locations, enabling IT teams to deploy and manage network and endpoint security without on-premises infrastructure.

Portnox commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying Portnox Cloud.² The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of Portnox Cloud on their organizations.

287%

Return on investment (ROI)

$5.0M

Net present value (NPV)

To better understand the benefits, costs, and risks associated with this investment, Forrester interviewed six decision-makers with experience using Portnox Cloud. For the purposes of this study, Forrester aggregated the experiences of the interviewees and combined the results into a single composite organization, which is a globally distributed organization with $5 billion annual revenue and 50,000 devices.

Interviewees said that prior to using Portnox Cloud, their organizations struggled with outdated or overly complex network access control (NAC) systems, which required significant maintenance, specialized knowledge, and on-premises infrastructure. These legacy systems often experienced latency and disruption, affecting IT teams and end users alike. The systems lacked compatibility with modern cloud environments and diverse device types leading to operational inefficiencies, while small and resource-constrained IT teams had difficulty managing large-scale deployments and maintaining consistent security and network policies across distributed environments.

After the investment in Portnox Cloud, the interviewees described how their organizations were able to innovate and grow faster and more securely. They highlighted how the platform’s out-of-the-box visibility and easy-to-use interface connected devices and users for simplified management. Interviewees noted how this also helped improve business agility by supporting faster time to value and agile expansion into new markets through organic growth and mergers and acquisitions (M&A).

At the same time, interviewees shared how Portnox Cloud helped reduced reliance on centralized IT resources, enabling their organizations to grow without proportionally increasing headcount or complexity and allowing technical resources to focus on more urgent and complex network security activities. This enhanced security posture contributed to measurable reductions in breach risk and supported compliance with regulatory frameworks, helping reduce cybersecurity insurance premiums and improve insurability.

Key Findings

Quantified benefits. Three-year, risk-adjusted present value (PV) quantified benefits for the composite organization include:

Forty percent reduction in networking technology costs. With Portnox’s cloud-native architecture, the composite organization eliminates the need for physical infrastructure, reducing capital expenditures for on-premises network hardware and associated licensing, storage, and energy costs. It consolidates multiple tools into its single Portnox Cloud environment and reduces the need for virtual infrastructure. This decreases networking hardware, software, and SaaS costs by 40% and allows the composite organization to reallocate 90% NAC management labor to higher-value activities with Portnox Cloud. Taken together, these optimizations total $2.8 million in savings for the composite.
Ninety percent faster time to value with new deployments. With Portnox Cloud, the composite organization rapidly expands or contracts across globally distributed locations without added costs or complex operations. It streamlines processes for opening and onboarding new sites, reducing hardware and deployment time and enabling faster and more efficient integration with minimal labor. The composite significantly reduces waste and accelerates time to market. Over the investment period, this business agility improves profit by $1.5 million.
Seventy-five percent reduced risk of exposure to breach costs from addressable attacks. Portnox Cloud improves the composite organization’s protection against rogue devices by enforcing network-, application- and infrastructure-level access controls and device authentication, significantly reducing the risk of unauthorized access and lateral movement. The composite’s IT teams gain insight and visibility into connected devices, monitoring for up-to-date antivirus and other posture checks, and can proactively block rogue or unmanaged endpoints. This enhanced security posture measurably reduces breach risk exposure by $1.3 million.
Ninety-five percent reduction in annual downtime hours. Portnox improves network reliability and performance by eliminating the on-premises infrastructure dependency that previously caused outages and authentication failures. Its cloud-native architecture provides high availability across multiple regions, reducing downtime and ensuring consistent connectivity. This improved performance and connectivity improves profit by $637,000 for the composite.
Twenty-five percent productivity improvement for networking operations. With Portnox Cloud, the composite organization’s network teams categorize devices better, enforce policies more consistently, and remediate issues more efficiently. The teams leverage streamlined workflows in the cloud-native environment, reducing manual effort and improving operational consistency. Overall, Portnox Cloud improves network operations, yielding $379,200 in labor savings for the composite.
Eighty percent faster and more streamlined end-user access to secure network resources. With Portnox Cloud, the composite organization’s users connect to the network more seamlessly, regardless of their location or device. Connections are faster with fewer reboots, and passwordless authentication leads to less chance of human error. This reduces the time to access a protected resource by 80%. The value of this improved end-user experience over three years totals $190,600.

Unquantified benefits. Benefits that provide value for the composite organization but are not quantified for this study include:

SecOps and disaster recovery improvements. Portnox Cloud enhances the composite’s security operations and disaster recovery through improved device authentication visibility, consistent policy enforcement, and faster recovery enabled by cloud-native architecture and integrated threat response capabilities.
IT help desk optimization. Portnox Cloud significantly reduces help desk workload and ticket volume by enabling automated workflows, real-time visibility, and rapid self-service issue resolution.
Improved cyber insurance and compliance posture. Portnox Cloud strengthens compliance and risk mitigation efforts, helping the composite meet cybersecurity insurance criteria and reduce premium costs through enhanced access control and endpoint hygiene.

Costs. Three-year, risk-adjusted PV costs for the composite organization include:

Portnox Cloud annual costs of $1.6 million for 50,000 devices over three years. The composite organization simplifies licensing with Portnox, with agent-based and agentless devices allowing for tailored coverage across its 50,000 endpoints, IoT, and peripherals.
Deployment and administration costs of $112,800. The composite organization quickly stands up its Portnox Cloud environment and scales it across 50,000 devices over 150 sites. After full-scale implementation, it dedicates 3 hours per week to maintenance and administration.

The financial analysis that is based on the interviews found that a composite organization experiences benefits of $6.8 million over three years versus costs of $1.8 million, adding up to a net present value (NPV) of $5.0 million and an ROI of 287%.

90%

Faster time to value with Portnox Cloud

“The biggest [value driver for Portnox Cloud] for me is the improved security, [and we] don’t need as many tools to do the same thing. We can update posturing as we need, we can quickly make groups for people if we have to. It’s a flexible and powerful tool [that has] definitely broadened what we can do now.”

Information security manager, entertainment

Key Statistics

287%

Return on investment (ROI)

$6.8M

Benefits PV

$5.0M

Net present value (NPV)

<6 months

Payback

Benefits (Three-Year)

[CHART DIV CONTAINER]

Networking technology cost optimization Improved business agility Reduced costs of a material data breach Improved performance and connectivity Improved network operations Improved end-user experience

The Portnox Cloud Customer Journey

Drivers leading to the Portnox Cloud investment

Interviews

Role	Industry	Region	Number of Devices
Director of infrastructure security	Hospitality	North America HQ, global operations	100K
Network engineering manager	Technology	North America HQ, global operations	17K
IT director	Healthcare	North America HQ	400
IT security administrator	Education	North America HQ	12K
Network manager	Utilities	North America HQ	10K
Information security manager	Entertainment	North America HQ	1.2K

Key Challenges

Interviewees shared how their organizations faced significant challenges with network security and access control before their Portnox investments, including limited visibility into devices, difficulty enforcing policies, and risks from rogue access points. Maintaining their legacy NAC systems was resource-intensive, requiring specialized knowledge and frequent troubleshooting due to issues with certificates, server failures, and upgrade complications. Teams were small and overburdened, and licensing costs often exceeded the value delivered. Additionally, complex environments often resulted in network disruptions, leading to persistent operational strain and frequent connectivity issues for end users.

In particular, interviewees noted how their organizations struggled with:

Outdated network technology and management complexity. Organizations struggled with outdated or overly complex NAC systems. Licensing fees, hardware expenses, and the labor required to manage outdated infrastructure inflated technology costs, as these legacy systems required significant maintenance, specialized knowledge, and on-premises infrastructure. Limited visibility and remote management capabilities led to unnecessary travel and operational delays, while aging infrastructure and frequent technical failures monopolized staff resources and compounded IT team strain.
- The network engineering manager at the technology company shared how their organization experienced difficulty with its complex, outdated legacy infrastructure: “We had distributed on-premises servers and virtual machines (VMs), which had [our legacy NAC] on them. Whenever we were doing an upgrade for our virtual machines, we faced issues with [our legacy NAC] like hard drives burning out and servers dying or going offline. Those were some of the challenges we faced, so in terms of human resources, we had three people we were turning to on a weekly basis to jump on a call and start troubleshooting.”
Constraints to scaling, mergers, and acquisitions. Inconsistent network environments and lack of visibility into inherited infrastructure hindered growth from acquisitions or geographic expansion. Organizations faced challenges onboarding new sites or offices due to manual processes, lack of automation, and limited scalability of legacy solutions. Interviewees reported resource-intensive scaling efforts requiring significant time and labor to achieve baseline network security. Additionally, localized solutions created onboarding bottlenecks and troubleshooting burdens and lacked compatibility with modern cloud environments and diverse device types and operating systems (e.g., Mac, Linux, IoT), making it difficult to integrate new entities quickly and securely.
- The network manager at the utility company shared how their organization faced significant labor effort to reduce risk introduced from M&A activity and said, “You can imagine [with] 760 sites all operating, … we don’t even know what we’re inheriting on the front end.”
- The network engineering manager at the technology company shared that, in the prior environment, their organization had limited ability to scale new offices up and down quickly as business needs dictated. This was particularly the case in emerging markets, where it could take significant procurement and logistics effort to ship servers to newly deployed offices: “A lot of times it would take time to get more revenue, so when we go to a country, most of the time we are losing money. It takes years to start seeing revenue.”
Costly risks of material data breaches from unauthorized devices. Organizations faced substantial risk from unauthorized or rogue devices connecting to their networks, often without detection. In some cases, users plugged personal devices into corporate networks, bypassing security controls and exposing sensitive data. The lack of port-level security and device authentication created vulnerabilities that could be exploited for lateral movement or data exfiltration, particularly in environments handling regulated data such as PII, PCI, or HIPAA-sensitive information.
- The director of infrastructure security at the hospitality company said: “Prior to Portnox, there was no real network security in terms of what devices were allowed to be there versus not allowed to be there. There were rules, but they were difficult if not impossible to enforce, so a lot of unauthorized devices may not have posed any immediate threat, but then other devices certainly would.”
Poor network availability due to outages and severe performance degradation. Legacy systems contributed to frequent outages, sometimes affecting hundreds or thousands of devices. Hardware failures, server downtime, or software incompatibilities caused these disruptions, leading to degraded performance and unreliable connectivity. In some cases, network instability delayed business operations, impacted productivity, and required extensive troubleshooting efforts from IT teams.
- The IT security administrator at the education organization noted: “At one point, the old solution actually was causing our network core to reboot itself. … Since it was on our core switch, everyone was affected, [causing] full disruption of the network.”
- The network engineering manager at the technology company shared how product issues with their servers would lead to business disruption, sometime requiring disaster recovery procedures: “The problem with [our legacy vendor] was that servers can fail sometimes. … A lot of times, [our] offices had to do yearly power shutdowns to test or do fire drills, and a lot of times during those power shutdowns, our [legacy] server would go down and never come back up. So when this happened, we could have a disaster.”
Manual, time-consuming, and error-prone networking operations. Before adopting Portnox, interviewees shared how their small IT teams had difficulty managing large-scale deployments or maintaining consistent network policies across distributed environments. Networking operations were heavily manual, including tasks like media access control (MAC) address collection, port security configuration, and device classification. These processes consumed significant time, introduced errors, and required frequent intervention from IT staff. Lack of automation and centralized visibility made it difficult to enforce network-level, device- and user-based policies consistently or respond to issues quickly, especially in environments with limited staffing.
- The information security manager at the entertainment company indicated: “We would probably get a dozen tickets every day from people who were having problems connecting with the Wi-Fi, maybe more, and of course then our network engineer and I would have to spend time tracking down logs on what’s going on, all that good stuff. It was a full-time job for me and the network engineer.”
Disruption to end users. End users experienced frequent connectivity issues, long authentication times, and inconsistent access due to unreliable legacy systems. These disruptions affected productivity, delayed meetings, and created frustration across departments. In some cases, they impacted entire buildings or critical business functions, including point-of-sale systems and remote access capabilities. Tickets related to network access overwhelmed help desks, often requiring manual intervention and delaying resolution.
- The information security manager at the entertainment company indicated that their organization’s end users relied on many different types of devices, which were poorly supported in their prior environment, leading to significant disruption: “It really did not pair well with a lot of our users with Mac, Linux, and ARM devices. [Our legacy NAC] was just not working too well for that.”

“We did not have a lot of visibility into what was being plugged into the network. We didn’t have any sort of port security at all. The biggest pain point was tracking down rogue devices on the network.”

Network manager, utilities

Investment Objectives

The interviewees searched for a fully cloud-native, unified access control solution that could support hybrid networks and align security with business growth objectives. Their organizations selected Portnox Cloud to invest in due to its:

Simplified deployment and user-friendly experience. Interviewees expressed the need for their technical teams to focus on supporting business objectives with the Portnox Cloud investment rather than merely maintain their environments.
- The network engineering manager at the technology company shared, “[Our legacy NAC was] a great product, but there were a lot of features that we didn’t really need or use, and it required a lot of human resources to maintain, so this was the main criteria [for selecting Portnox].”
- The director of infrastructure security at the hospitality company stated: “The primary driver [of our investment in Portnox] was the [prior] lack of security due to the absence of an NAC product and our inability to act at scale to prevent unauthorized device access. I would say that there were some other knock-on effects that we leveraged, like the manual process of disabling the ports, which was problematic [and] consumed labor.”
Operational agility. Interviewees indicated that their organizations intended to move faster with their Portnox deployments, improving time to value and reducing maintenance costs and complexity with the agentless, cloud-native Portnox solution.
- The IT director at the healthcare organization said: “We are trying to get all of our stuff off premises. We don’t want to have servers and things on-premises, and [legacy solutions] require physical appliances on site, so that wasn’t attractive, [as] it goes against our overall long-term strategy to get fully cloud native. The cloud-native option was definitely more ideal.”
Meeting security and cyber insurance compliance needs. Interviewees noted that their organizations invested in Portnox Cloud to advance security, compliance, cyber insurance, and Zero Trust objectives.
- The IT security administrator at the education organization noted: “A lot of our changes that we’re making are being driven by cyber insurance costs. They’re all going up nowadays, so the more we can do to meet the requirements, the less we have to pay for the insurance. One of the big ones is making sure your PII is separated from everyone else, and that was not the case with the way we had our network set up.”

“We needed to meet HIPAA compliance. … We looked at other solutions [but] then we came across Portnox, and it was all cloud native and the price was much better than the other ones, so it looked like the perfect solution for us, and we jumped on it.”

IT director, healthcare

Composite Organization

Based on the interviews, Forrester constructed a TEI framework, a composite company, and an ROI analysis that illustrates the areas financially affected. The composite organization is representative of the interviewees’ organizations, and it is used to present the aggregate financial analysis in the next section. The composite organization has the following characteristics:

Description of composite. The global composite organization is highly distributed and heavily regulated, with goals to accelerate business growth at scale. It has $5 billion annual revenue, 1% of which it earns through growth activities such as opening new sites and M&A.
Deployment characteristics. The composite organization has eight FTEs on its networking team, which rolls out Portnox on 50,000 devices across 150 sites. As it shifts workloads from on-premises to the cloud, it is deploying a hybrid workforce strategy for its 100,000 FTEs.

KEY ASSUMPTIONS

Heavily regulated, compliance-driven, highly distributed
$5 billion annual revenue
100,000 FTEs
50,000 devices
150 sites

Analysis Of Benefits

Quantified benefit data as applied to the composite

Total Benefits

Ref.	Benefit	Year 1	Year 2	Year 3	Total	Present Value
Atr	Networking technology cost optimization	$1,127,071	$1,127,071	$1,127,071	$3,381,214	$2,802,859
Btr	Improved business agility	$609,229	$609,229	$609,229	$1,827,688	$1,515,063
Ctr	Reduced costs of a material data breach	$542,118	$542,118	$542,118	$1,626,353	$1,348,166
Dtr	Improved performance and connectivity	$256,164	$256,164	$256,164	$768,492	$637,042
Etr	Improved network operations	$152,490	$152,490	$152,490	$457,470	$379,220
Ftr	Improved end-user experience	$44,442	$44,442	$44,442	$133,325	$110,520
	Total benefits (risk-adjusted)	$2,731,514	$2,731,514	$2,731,514	$8,194,541	$6,792,870

Networking Technology Cost Optimization

Evidence and data. Portnox Cloud enabled interviewees’ organizations to reduce infrastructure and operational costs significantly by eliminating the need for on-premises appliances, complex licensing models, and high-maintenance legacy systems. The shift to a cloud-native architecture removed expenses related to server hardware, lifecycle management, and specialized support. In some cases, organizations reported savings and other optimizations from:

Reducing capital expenditures for hardware. Portnox significantly reduced capital outlays by eliminating the need for on-premises network hardware, including servers, routers, switches, and associated storage and energy costs.
- The network engineering manager at the technology company explained that their organization experienced a 40% decrease in network hardware costs for servers, switches, etc. They also indicated that their organization could avoid costs to ship, store, and recycle hardware for additional savings across the product lifecycle and said, “Our costs with Portnox are about 40% lower than they would be with all other competitors, [and] I don’t have to buy servers.”
Lowering software and SaaS costs with fewer requirements. By consolidating multiple tools into a single cloud-native solution, interviewees’ organizations avoided complex infrastructure investments, reduced the need for virtual infrastructure to manage their modernized networks, and cut software licensing and SaaS expenses. Interviewees credited those savings with needing fewer tools for the same functionalities at a lower, more flexible cost basis than the prior environment.
- The information security manager at the entertainment company indicated that their organization avoided significant costs by investing in Portnox rather than several other tools with similar functionality (e.g., a legacy NAC solution, malware protection, and internet and web app security): “Our on-prem for Portnox was just in docker containers, that’s it. Before, with our legacy solution, we had three to four VMs, each one with 64 gigs of RAM running 20-something virtual CPUs with two terabytes of storage each, and of course, every one of those nodes had to be licensed and it was not fun.”
Dramatically reducing labor hours required for system management. Portnox reduced the time and effort required for network and server maintenance, allowing teams to free up valuable engineering resources and focus on higher-priority initiatives instead of routine system upkeep. Organizations reported a dramatic drop in maintenance time, as the platform’s “set it and forget it” nature allowed administrators to focus on higher-value activities such as security enforcement, network optimization, and user support. Features for MAC address and API integrations with identity providers and ticketing systems and real-time monitoring further minimized manual intervention. In some cases, automation and centralized visibility eliminated the need for one to two FTEs who would have managed access control at scale. These efficiencies translated to substantial cost savings and improved operational agility.
- The network engineering manager at the technology company shared how Portnox Cloud helped reduce maintenance time and effort tending to servers that were burning out and reaching end of life. They shared that their network team went from dedicating more than 60 hours per week across three networking FTEs down to around 1 hour of management per week: “[With Portnox Cloud], I don’t need to be in the server maintenance business. … Maintenance [by our] engineering resources literally went down to about 1 hour a week; that’s [a] big [difference].”

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

In the prior environment, the composite organization spent $2.6 million on networking hardware, software, and SaaS costs.
With Portnox Cloud, the composite organization reduces capital outlays for on-premises network hardware and associated licensing, storage, and energy costs. It consolidates multiple tools into its single Portnox Cloud environment and reduces the need for virtual infrastructure. This decreases networking hardware, software, and SaaS costs by 40%.
In the prior environment, the composite organization dedicated three resources to maintaining the legacy network security stack.
With Portnox Cloud, the composite organization reduces the number of tools in its stack and switches to vendor-managed updates. This allows the composite organization to reallocate 90% NAC management labor to higher-value activities.
The fully burdened annual salary for a technical resource is $143,520.

Risks. The following risks may impact this benefit:

An organization’s size, networking and security maturity, number of legacy tools, and internal labor effort to manage them can all influence IT spend.
An organization’s use of Portnox Cloud services and actual costs for required capabilities and existing contractual terms, including support and/or warranty costs.
Prevailing labor rates and the skill sets available.

Results. To account for these risks, Forrester adjusted this benefit downward by 20%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $2.8 million.

16,000+

Hours of network maintenance reallocated to higher-value activities with Portnox Cloud

“We don’t need as many tools to do the same things. We initially looked at spreading this whole [effort] out between three separate tools and now we’ve consolidated that into one.”

Information security manager, entertainment

Networking Technology Cost Optimization

Ref.	Metric	Source		Year 1	Year 2	Year 3
A1	Networking hardware and software/SaaS costs in the prior environment	Composite		$2,553,337	$2,553,337	$2,553,337
A2	Percentage reduction in networking hardware and software/SaaS costs with Portnox Cloud	Interviews		40%	40%	40%
A3	Subtotal: Reduction in networking hardware and software/SaaS costs	A1*A2		$1,021,335	$1,021,335	$1,021,335
A4	Total resources dedicated to networking hardware and software/SaaS maintenance in the prior environment	Composite		3	3	3
A5	Percentage NAC management labor reallocated to higher-value activities with Portnox Cloud	Interviews		90%	90%	90%
A6	Fully burdened annual salary for a technical resource	Composite		$143,520	$143,520	$143,520
A7	Subtotal: Reduction in labor hours dedicated to networking hardware and software/SaaS maintenance	A4A5A6		$387,504	$387,504	$387,504
At	Networking technology cost optimization	A3+A7		$1,408,839	$1,408,839	$1,408,839
	Risk adjustment	↓20%
Atr	Networking technology cost optimization (risk-adjusted)			$1,127,071	$1,127,071	$1,127,071
Three-year total: $3,381,214			Three-year present value: $2,802,859

Improved Business Agility

Evidence and data. Portnox’s cloud-native foundation allowed interviewees’ organizations to scale rapidly across geographies and business units without requiring additional infrastructure. Organizations opened and onboarded new sites without needing physical infrastructure or complex logistics, meaning they had minimal technical overhead for new sites, offices, and acquisitions. This reduction in effort and complexity allowed teams to expand or contract operations effortlessly, reducing waste and accelerating time to market.

The network manager at the utility company indicated that their organization was acquisitive, merging up to 20 acquired companies annually. They shared how Portnox Cloud helped their organization reduce onboarding time from days to hours: “We have an acquisition team that [used to] spend two business days getting the site converted for the average-sized site. But for Portnox, … the total time [is] about 5 hours.”
The network engineering manager at the technology company shared that their company was opening one or two offices a year and that Portnox accelerated business agility by enabling faster, more streamlined deployments across newly acquired sites and global offices. It rapidly reduced onboarding time, allowing teams to integrate new environments with minimal disruption and labor. They told Forrester: “I can add another 2,000 employees without asking for another new IT hire because I’m using Portnox right now, so I can scale really fast. Plus, I can use our engineering time to do what really matters, which is optimizing the end-office experience; improving productivity for the software engineering, QA, and testing teams; and having more time to spend one-on-one with people with issues than basically just telling them to open a ticket.”

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

The composite organization opens or acquires two new sites annually.
In the prior environment, the composite organization generated 1% of its revenue, or $160,256 per week, from growth activities (e.g., expanding and opening new sites, M&A).
In the prior environment, the composite organization took 24 weeks to deploy or integrate new sites due to site and capacity planning, hardware appliance purchasing and procurement cycles, third-party expertise, and internal labor hours dedicated to training on and deploying systems.
With Portnox Cloud, the composite streamlines processes for opening and onboarding news sites, reducing hardware and deployment time from two full weeks to just 5 hours per location, enabling faster and more efficient integration with minimal labor. Portnox improves business agility by enabling rapid deployments and seamless scalability across globally distributed locations, decreasing the time it takes the composite to open new sites by 90%.
The composite organization’s operating margin is 11%.

Risks. The following risks may impact this benefit:

An organization’s revenue, operating margin, and portion of revenue earned from companies acquired and/or new sites.
The number of companies acquired and/or new sites opened throughout the investment period and the legacy processes required to absorb a new company and/or open a new site in the prior environment.
Prevailing labor rates and the skill sets available.

Results. To account for these risks, Forrester adjusted this benefit downward by 20%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $1.5 million.

90%

Faster time to value with Portnox Cloud

“[Before], onboarding an acquisition and folding [it] into our network was a two-day engagement. Now with Portnox, we have it down to a very efficient flow. We converted a site this morning in about 20 minutes. … With the reconnaissance that we do, overall, it’s about 2 hours to implement [Portnox Cloud at a site].”

Network manager, utilities

Improved Business Agility

Ref.	Metric	Source		Year 1	Year 2	Year 3
B1	Revenue per site per week	Composite		$160,256	$160,256	$160,256
B2	Sites opened or acquired per year	Composite		2	2	2
B3	Time to deploy or integrate a new site in the prior environment (weeks)	Composite		24	24	24
B4	Percentage reduction in time to open a new site with Portnox Cloud	Interviews		90%	90%	90%
B5	Operating margin	Composite		11%	11%	11%
Bt	Improved business agility	B1B2B3B4B5		$761,537	$761,537	$761,537
	Risk adjustment	↓20%
Btr	Improved business agility (risk-adjusted)			$609,229	$609,229	$609,229
Three-year total: $1,827,688			Three-year present value: $1,515,063

Reduced Costs Of A Material Data Breach

Evidence and data. Portnox Cloud strengthened interviewees’ network security by enforcing network-level access controls and device authentication, significantly reducing the risk of unauthorized access and lateral movement. Their organizations gained visibility into connected devices and proactively blocked rogue or unmanaged endpoints, which enhanced their security posture and contributed to measurable risk reductions.

The IT director at the healthcare organization said: “[In the prior environment], we found out people were bringing in personal laptops, [which was] a massive issue because they could access anything from our [medical records] database. That would be great for [allowing lateral movement if their device was already compromised. Things like that could potentially be catastrophic. … Portnox has helped patch one of our biggest holes in our security infrastructure. We know what’s plugged in now [that] Portnox Cloud is stopping that kind of stuff.”
The network manager at the utility company indicated that Portnox improved protection against rogue devices across their organization’s 760 remote-managed sites: “Portnox definitely improved [our] risk posture. We don’t have that exposure to someone just bringing a rogue device onto our primary network. [With Portnox, we can] rest a little easier knowing that we have that in place at [our] sites. It gives me more insight into my environment. We know the types of devices that are out there now, as compared to before when we didn’t.”
The IT security administrator at the education organization noted: “[With Portnox Cloud], we are not getting a lot of those false negatives anymore. … I think it’s doing a much better job of making sure the [end-user device] antivirus is up to date than the previous system was. The previous system was only really checking for the presence of it, not necessarily the efficacy or the quality of [the antivirus. Sometimes it] would just outright fail and allow a computer through and we wouldn’t even know.”
The director of infrastructure security at the hospitality company said that preventing unauthorized devices from accessing the network also significantly reduced the amount of troubleshooting their teams had to do: “People are much less likely to just plug in random devices because they know that they’re not going to work. … You can’t even connect a printer, so we don’t have to take that call. It adds consistency to the environment where there was inconsistency.”

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

According to Forrester research:
- The cumulative cost of breaches for the composite total $3.9 million per year in the prior environment.³
- The composite has a 67% likelihood of experiencing one or more breaches.⁴
- Thirty-five percent of breaches targeting the composite organization originate from external attacks from a network-connected device.⁵
With Portnox Cloud, the composite organization improves device visibility and data protection with automated policy enforcement, real-time endpoint risk posture assessment, and passwordless authentication via certificates. It centralizes access control to secure networks across endpoints, which, taken together, minimizes the composite’s exposure to breach costs from addressable attacks by 75%.

Risks. The following risks may impact this benefit:

An organization’s size, industry, location, security maturity, legacy security capabilities, and level of Portnox Cloud coverage and adoption, which may influence security and risk metrics and breach impacts.
The frequency of security incidents involving persistent threat actors and remediation efforts in the prior environment.

Results. To account for these risks, Forrester adjusted this benefit downward by 20%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $1.3 million.

75%

Reduced risk of exposure to breach costs from addressable attacks with Portnox Cloud

“We have seen a drop in DOS attacks against our access points. We have seen fewer brute force password spray attacks to get onto the corporate network just because of how we have set up Portnox now.”

Information security manager, entertainment

Reduced Costs Of A Material Data Breach

Ref.	Metric	Source		Year 1	Year 2	Year 3
C1	Cumulative cost of breaches for the composite	Forrester research		$3,853,000	$3,853,000	$3,853,000
C2	Likelihood of experiencing one or more breaches for the composite	Forrester research		67%	67%	67%
C3	Percentage of breaches originating from a network-connected device	Forrester research		35%	35%	35%
C4	Annual risk exposure addressable with Portnox Cloud	C1C2C3		$903,529	$903,529	$903,529
C5	Reduced risk of exposure to breach costs from addressable attacks with Portnox Cloud	Interviews		75%	75%	75%
Ct	Reduced costs of a material data breach	C4*C5		$677,647	$677,647	$677,647
	Risk adjustment	↓20%
Ctr	Reduced costs of a material data breach (risk-adjusted)			$542,118	$542,118	$542,118
Three-year total: $1,626,353			Three-year present value: $1,348,166

Improved Performance And Connectivity

Evidence and data. By replacing unstable legacy systems with Portnox Cloud, interviewees’ organizations experienced fewer outages and improved network reliability. It reduced connection times from up to 10 seconds to near instantaneous, and authentication failures dropped dramatically. Helpdesk tickets related to connectivity issues decreased from dozens per day to just a few per month. These improvements translated to better availability of critical services and reduced business disruption, particularly in environments with high user mobility or distributed operations.

The network engineering manager at the technology company shared: “We used to have roughly a monthly outage due to [our legacy solution], and those outages varied from 15 devices not being able to connect to a thousand [employee and IoT] devices not being able to connect. … [Now we have] high availability … so it’s a really solid, fast deployment.”
The information security manager at the entertainment company told Forrester how Portnox improved network performance and connectivity by eliminating the need for on-site appliances and manual capacity planning, resulting in fewer outages and more reliable access. Its cloud-native architecture enhanced availability and resilience, allowing operations to continue even during regional disruptions. They said: “We would have a few outages because of the requirement for [our legacy solution] to have on-prem resourcing. If that site went down, then the VPN was just not accessible. Even if we had a backup VPN collector, we couldn’t authenticate. … [Portnox Cloud] is life-changing because now I can actually go on vacation and not have to worry about getting an email about why the network is down and have to hop on a hotspot somewhere.”
The information security manager at the entertainment company indicated that their organization’s prior environment often experienced widespread business disruption. With Portnox Cloud, however, they mitigated this disruption: “We wouldn’t be able to produce [items] that were producing future revenue. There was one instance that delayed us about a week. … [Even though Portnox is] a cloud solution, there’s also a significant ability to have on-prem as failover, so if you lose the cloud, you still are functioning. That’s another reason why it [provides] such good stability for the network and for people who need to be able to do what they need to do.”

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

In the prior environment, the composite organization experienced 36 hours of network downtime annually due to outages and severe performance degradations, which impacted 15% of revenue-related systems.
With Portnox Cloud, the composite organization improves network performance and connectivity by eliminating the need for additional appliances, whether proprietary servers or VMs. It improves onboarding and offboarding through automation and continues to uphold network integrity and availability, resulting in fewer outages and more reliable access. Its cloud-native architecture enhances availability and resilience and reduces the total annual hours of downtime due to outages by 95%, recapturing 34 hours of network downtime. By reducing downtime and operational disruptions, Portnox enables teams to maintain productivity and avoid delays in revenue-generating activities.
The fully burdened hourly rate for an end user is $40, and end users reattribute 25% of time savings to productive use.
The composite organization’s operating margin is 11%.

Risks. The following risks may impact this benefit:

An organization’s size, industry, and location, which may impact profitability, network performance, uptime, and other network availability factors prior to Portnox Cloud.
Prevailing labor rates and the extent to which end users can recapture saved time toward productive work.

Results. To account for these risks, Forrester adjusted this benefit downward by 20%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $637,000.

34 hours

Annual network downtime recaptured with Portnox Cloud

“[The] benefit of Portnox’s cloud-native service [means] if something in our data center goes down, then the students are still able to get to it … and it’s still able to do the blocking even if they’re not able to reach our servers.”

IT security administrator, education

Improved Performance And Connectivity

Ref.	Metric	Source		Year 1	Year 2	Year 3
D1	Annual network downtime in the prior environment (hours)	Composite		36	36	36
D2	Percentage improvement in performance and connectivity with Portnox Cloud	Interviews		95%	95%	95%
D3	Annual network downtime recaptured with Portnox Cloud (hours)	D1*D2		34	34	34
D4	Percentage of revenue-related systems impacted by network downtime in the prior environment	Composite		15%	15%	15%
D5	Average revenue generated per hour	Composite		$570,776	$570,776	$570,776
D6	Operating margin	Composite		11%	11%	11%
Dt	Improved performance and connectivity	D3D4D5*D6		$320,205	$320,205	$320,205
	Risk adjustment	↓20%
Dtr	Improved performance and connectivity (risk-adjusted)			$256,164	$256,164	$256,164
Three-year total: $768,492			Three-year present value: $637,042

Improved Network Operations

Evidence and data. Portnox Cloud unified and simplified network access management, allowing IT teams to categorize devices, enforce policies, and troubleshoot issues more efficiently. The platform’s agentless and agent-based options supported flexible deployment across diverse environments. Interviewees reported streamlined workflows, reduced manual effort, and improved operational consistency. This freed up IT staff to focus on higher-value initiatives such as automation, architecture optimization, and security enforcement.

The director of infrastructure security at the hospitality company shared several time-saving automations that benefited their networking team, including an automatic daily email report identifying switches the team needed to enroll in the program. The importance of these and other automations was significant: “I would say all of the above innovations eliminate the need for one to two additional FTEs to support this solution. We would never be able to handle the volume of requests or operationally maintain the solution at current staffing levels without these automations. [For another option we considered], we were going to have to run in [the public cloud with virtual infrastructure] on top of it and then [the NAC solution] on top of that. It was an incredibly complex solution to manage. … [We] estimated that we would need six FTEs dedicated to managing the [competitor NAC solution, versus] one-quarter of an FTE for Portnox.”

The network engineering manager at the technology company indicated that Portnox Cloud had quicker, more intuitive workflows compared to their prior environment, which permitted faster onboarding of critical, high-value developer resources: “Once we deploy it, we don’t have to do a lot of changes. If you like what you see, just keep it this way and move on with your life. That’s one of the nice things about Portnox. … I want to get someone who doesn’t know anything about the tool to be an expert within 80 hours, two weeks. This is really feasible with Portnox, but was not feasible with other products.”

The network manager at the utility company discussed how Portnox Cloud made it significantly easier for network security resources to track and shut down rogue devices: “Just tracking down rogue devices or investigating something [has] definitely saved us some time. … Portnox gave us insight about radius authentication for endpoint devices and IoT devices. We are also using TACACS, which is to authenticate to switches once we roll Portnox or network-attached storage devices and that gives us some insight into who’s doing what in our environment. We did not have that before. We were using local logins on network devices. We have that accounting of changes and access that we did not have before.”

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

In the prior environment, the composite dedicated five FTEs to networking operations.
With Portnox Cloud, the composite network teams can better categorize devices, more consistently enforce policies, and more efficiently troubleshoot issues. The teams leverage streamlined workflows in the cloud-native environment, reducing manual effort and improving operational consistency. This allows the networking team to reallocate 25% of its networking operations to higher-value activities without needing to add resources as the organization scales.
The average fully burdened annual salary for a technical resource is $143,520.

Risks. The following risks may impact this benefit:

The number of users and the amount of time spent configuring and enforcing policies, provisioning users and sites, and other relevant NetOps activities.
Legacy processes and solutions required to add, secure, and manage users and networking infrastructure in the prior environment.
Prevailing labor rates, the skill sets available, and the extent to which IT resources can recapture time savings toward productive work.

Results. To account for these risks, Forrester adjusted this benefit downward by 15%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $379,000.

7,800

Hours of networking labor reallocated to higher-value activities with Portnox Cloud

“Now we’re able to group users and devices a lot easier … and we’ve definitely gone a lot more granular with access. Portnox has allowed us to get our other systems much more in line with the framework that we set up with the segmentation. … So if we need to lock something up, we can do it very quickly, both on network and off-prem, and it’s a lot simpler.”

Information security manager, entertainment

Improved Network Operations

Ref.	Metric	Source		Year 1	Year 2	Year 3
E1	FTEs dedicated to networking operations in prior environment	Composite		5	5	5
E2	Percentage networking operations reallocated to higher-value activities with Portnox Cloud	Interviews		25%	25%	25%
E3	Fully burdened annual salary for a technical resource	Composite		$143,520	$143,520	$143,520
Et	Improved network operations	E1E2E3		$179,400	$179,400	$179,400
	Risk adjustment	↓15%
Etr	Improved network operations (risk-adjusted)			$152,490	$152,490	$152,490
Three-year total: $457,470			Three-year present value: $379,220

Improved End-User Experience

Evidence and data. Interviewees described how their organizations’ Portnox Cloud environments benefited end users, from faster onboarding and fewer disruptions to more consistent access locations. Portnox Cloud’s automation and self-service capabilities enabled immediate resolution of access issues, often within minutes, without requiring IT intervention. This significant reduction in end-user downtime improved productivity and enhanced user satisfaction. In particular, interviewees shared how Portnox enabled easier and more streamlined secure access to network resources with:

Improved posturing approaches. The information security manager at the entertainment company described how Portnox Cloud impacted their end users’ ability to connect to network resources, something they needed to do multiple times a day. They indicated that the Portnox environment was faster, easier, and safer: “I think posturing has definitely become a lot easier for them since Portnox takes the agent-based approach. That process is a lot faster and a lot smoother. Initially, if they wanted to access a protected resource, it would take a good amount of time, several retries [totaling] 1 minute, maybe up to 2 minutes. They would often have complete network drops on their devices before they got access to anything. But with Portnox, we really haven’t seen that.”
Passwordless authentication via certificates. The information security manager at the entertainment company indicated: “With the old environment, we had to run physical nodes everywhere and each one of those physical nodes had its own certificate, so if a user went to a different site, they would be prompted to accept the new certificate. [Now with Portnox], people can go to any of our facilities, and they’re automatically connected, they don’t have to reauthenticate. They have certificates on the machine, and they are ready to roll.”
Reduced impact area. The information security manager at the entertainment company further indicated that Portnox Cloud’s improved performance reduced the frequency as well as the breadth of network-related disruptions: “In the prior environment, people were having problems connecting to the internet every day and it wasn’t just our time [in IT that was impacted] — the whole organization’s time was impacted. And now when we hear about [any connection issues with Portnox], it’s much, much rarer and it’s usually restricted to one or two people rather than a whole building, and those usually tend to be more of a user error than a technology [issue].”
Less disruptive device remediation procedures. The information security manager at the entertainment company indicated that Portnox Cloud provided their users with a more seamless experience, even when their devices were engaged in remediation activities: “It’s a much more graceful failure for the users. With Portnox, they are just over on the guest network rather than completely cut off, so the experience has probably improved for end users.”

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

In the prior environment, 10,000 FTEs required access to protected network resources.
On average, it took 10 seconds to access a protected network resource in the prior environment, which FTEs accessed an average of 250 times annually. This led to FTEs spending nearly 7,000 hours accessing protected resources annually across the entire organization.
With Portnox Cloud, the composite organization’s users connect to their network more seamlessly, regardless of their location or device. Connections are faster with fewer reboots, and passwordless authentication leads to less chance for human error. This reduces the time to access a protected resource by 80%.
The fully burdened hourly rate for an end user is $40, and end users reattribute 25% of time savings to productive use.

Risks. The following risks may impact this benefit:

The performance of an organization’s legacy environment.
The size of an organization, its employee base, and the breadth of Portnox Cloud adoption.
Prevailing labor rates and each user’s ability to recapture time savings toward productive activities.

Results. To account for these risks, Forrester adjusted this benefit downward by 20%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $111,000.

80%

Reduction in time to access network resources with Portnox Cloud

“The average time to connect [to a network resource] when we were on [our legacy NAC server] was about 10 seconds for a successful connection, which of course, the users were going to notice right away. With Portnox, it’s pretty much instantaneous.”

Information security manager, entertainment

Improved End-User Experience

Ref.	Metric	Source		Year 1	Year 2	Year 3
F1	Total FTEs accessing protected network resources	Composite		10,000	10,000	10,000
F2	Total time to access a protected network resource in the prior environment (seconds)	Composite		10	10	10
F3	Total annual end-user time spent accessing a protected resource in the prior environment (hours)	(F1F2250) /3,600		6,944	6,944	6,944
F4	Percentage reduction in time to access a resource with Portnox Cloud	Interviews		80%	80%	80%
F5	Productivity recapture	TEI methodology		25%	25%	25%
F6	Average fully burdened hourly rate for an end user	Composite		$40	$40	$40
Ft	Improved end-user experience	F3F4F5*F6		$55,552	$55,552	$55,552
	Risk adjustment	↓20%
Ftr	Improved end-user experience (risk-adjusted)			$44,442	$44,442	$44,442
Three-year total: $133,325			Three-year present value: $110,520

Unquantified Benefits

Interviewees mentioned the following additional benefits that their organizations experienced but were not able to quantify:

SecOps and disaster recovery improvements. Portnox Cloud enhanced security operations by improving visibility into device authentication and enabling more consistent policy enforcement across distributed environments. The cloud-native architecture supported faster recovery times, with the ability to isolate compromised devices and integrate with endpoint detection tools contributing to a more resilient and proactive security posture.
- The network engineering manager at the technology company reported strengthened data protections as well as improved posturing and segmentation capabilities, which reduced disaster recovery windows: “[With Portnox], we don’t have to back up any data; we don’t have to do anything. … [Disaster] recovery will be really fast. … We’re going from 16 hours roughly down to 6 hours.”
IT help desk optimization. Deploying Portnox Cloud led to measurable reductions in help desk workload and ticket volume. Interviewees’ organizations that previously handled dozens of access-related tickets daily saw that number drop to just a few per month. Automated workflows and real-time visibility allowed lower-tier support staff to resolve issues independently, reducing escalations and improving response times. In some cases, self-service mechanisms resolved device unblock requests within minutes, significantly improving operational efficiency and freeing up IT resources for strategic initiatives.
- The information security manager at the entertainment company reported that their organization’s helpdesk teams experienced a sharp decline in access-related help desk ticket volumes, from 12 tickets a day for one site to 12 tickets a month for all sites, enhancing user satisfaction and support efficiency: “We reduced help desk load because we have fewer access-related issues. … [Portnox] has really helped cut down a lot on the troubleshooting time and streamlines everything. … Most of the time it takes maybe about 5 minutes for their device to start working again, whereas previously, I’d have to be in there for probably 20 or 30 minutes to figure out what the issue was and then get it changed.”
Improved cyber insurance posture. Portnox Cloud contributed to stronger compliance alignment and risk mitigation, which improved organizations’ standing with cybersecurity insurers. By enforcing port-level security and preventing unauthorized device access, organizations met key insurance criteria and reduced exposure to potential breaches. Several organizations noted that Portnox Cloud helped them retain coverage or qualify for lower premiums by demonstrating enhanced control over network access and endpoint hygiene. The platform’s integration with identity providers and endpoint protection systems further supported audit readiness and policy compliance.
- The IT security administrator at the education organization noted: “The cyber insurance premiums were going up, so we started shopping around and finding out that if we made a few changes, they could drop by a couple hundred thousand dollars per year. That was definitely a big push for being able to save money [with Portnox] that we can invest elsewhere to improve the quality of our network.”

“Portnox has been referenced as a positive with [our cyber insurance providers]. I believe they appreciate that we have [Portnox as our] NAC. When it comes to the data that we generate about the networks, we don’t have these unmanaged piles of security risk with individual devices, so it makes our data look a lot cleaner.”

Director of infrastructure security, hospitality

Flexibility

The value of flexibility is unique to each customer. There are multiple scenarios in which a customer might implement Portnox Cloud and later realize additional uses and business opportunities, including integrations with other network, security, and operational tools.

The information security manager at the entertainment company indicated that their organization was looking at integrating Portnox with SentinelOne, their managed detection and response platform: “I’m anticipating that will help significantly because it looks like from the roadmap, Portnox will be able to tell SentinelOne to isolate and do all these other automations and such.”
The network engineer at the technology company shared: “Integration with modern services is key. As we’re shifting our organization to more cloud-centric platforms, [our legacy NAC] could not support that. In terms of integrations, any kind of authentication against our identity provider just did not work very well, [whereas] with Portnox, integrations work great.”

Flexibility would also be quantified when evaluated as part of a specific project (described in more detail in Total Economic Impact Approach).

Analysis Of Costs

Quantified cost data as applied to the composite

Total Costs

Ref.	Cost	Initial	Year 1	Year 2	Year 3	Total	Present Value
Gtr	Portnox Cloud annual costs	$0	$660,000	$660,000	$660,000	$1,980,000	$1,641,322
Htr	Deployment and administration	$79,488	$14,242	$12,917	$12,917	$119,563	$112,815
	Total costs (risk-adjusted)	$79,488	$674,242	$672,917	$672,917	$2,099,563	$1,754,137

Portnox Cloud Annual Costs

Evidence and data. Portnox Cloud enabled interviewees’ organizations to streamline licensing and reduce software-related overhead by offering a scalable, subscription-based model. The flexibility of the model allowed organizations to scale use without immediate penalties or service interruptions. This approach supported dynamic environments where device counts fluctuated due to growth, acquisitions, or seasonal demand.

The network engineering manager at the technology company shared that their Portnox Cloud’s subscription-based licensing scheme was flexible and scalable, requiring no new servers or resources and with no hard limits on additional licenses: “Portnox is easy to scale. I don’t have to deploy any new servers or any new resources. I was just going to ask for more licenses. … Cost efficiency is really great because it’s subscription based. I’m just going to pay for the licenses that I’m using.”
Pricing may vary. Contact Portnox for additional details.

Modeling and assumptions. Based on the interviews, Forrester assumes the composite organization licenses 50,000 devices with a mix of full agent deployments and standard device coverage over a three-year period.

Risks. Risks that may impact this cost include the number of Portnox solutions deployed, and the size, coverage, and adoption of the Portnox Cloud deployment.

Results. To account for these risks, Forrester adjusted this cost upward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $1.6 million.

“When you’re talking about solutions that have such potential for operational impacts, I don’t think this is a place to cheap out. Our core competency is not building network security solutions.”

Director of infrastructure security, hospitality

Portnox Cloud Annual Costs

Ref.	Metric	Source	Initial	Year 1	Year 2	Year 3
G1	Portnox Cloud annual costs	Composite	$0	$600,000	$600,000	$600,000
Gt	Portnox Cloud annual costs	G1	$0	$600,000	$600,000	$600,000
	Risk adjustment	↑10%
Gtr	Portnox Cloud annual costs (risk-adjusted)		$0	$660,000	$660,000	$660,000
Three-year total: $1,980,000			Three-year present value: $1,641,322

Deployment And Administration

Evidence and data. Organizations experienced streamlined and cost-effective deployments with Portnox Cloud, avoiding the need for complex infrastructure or extensive professional services. Initial setup timelines varied depending on scale, with some organizations completing pilot deployments in less than a week and full rollouts across dozens of sites within a few months. Some organizations opted for slower implementation schedules due to business requirements specific to their organizations.

Deployment. Portnox’s cloud-native architecture eliminated the need for on-premises appliances, reducing hardware provisioning, shipping logistics, and associated costs. Resource-constrained internal teams were able to manage deployments without requiring additional headcount or external consultants, thanks to Portnox’s intuitive configuration workflows and automation capabilities. In one case, deployment across 36 global offices took approximately six months to complete, while another organization onboarded hundreds of sites over a two-year period.
- The information security manager at the entertainment company indicated a conservative, low-impact deployment process to minimize disruption: “We had Portnox done in no more than four months from the time that we first contacted them to the time that we got stable. With [our legacy NAC solution], we were at that point barely after two years of deployment.”
Administration. Portnox Cloud significantly reduced ongoing administrative overhead by simplifying network access controls and automating routine tasks.
- The network manager at the utility company indicated: “The ongoing management costs … are going to be pretty low. ... Even at scale, even at full implementation, I can’t see us dedicating more than probably 3 hours total a week in Portnox.”

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

In the initial two-month deployment period, the composite partially dedicates four resources to standing up the Portnox Cloud. Each resource dedicates an average of 240 hours to initial deployment.
The composite organization scales Portnox Cloud across the remainder of the organization’s 50,000 devices at 150 sites in Year 1, with three resources dedicating 40 hours each to the global implementation of Portnox Cloud.
In Year 1, the composite organization dedicates 1 hour per week to maintaining the existing Portnox environment. After full-scale implementation, it dedicates 3 hours per week to maintenance and administration.
The fully burdened hourly rate for resources dedicated to deployment and management is $69.

Risks. The following risks may impact this cost:

The size, scope, and complexity of deployment and the legacy environment.
Implementation and ongoing management requirements, organizational priorities, and change management efforts.
Prevailing labor rates, internal skill sets, and training requirements for IT resources and end users.

Results. To account for these risks, Forrester adjusted this cost upward by 20%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $113,000.

“Portnox Cloud has proven that NAC can be deployed in a global enterprise environment without blowing everything up. … The mixture of Portnox capabilities as well as the automation and integrations that we built in mitigates that.”

Director of infrastructure security, hospitality

Deployment And Administration

Ref.	Metric	Source	Initial	Year 1	Year 2	Year 3
H1	Total internal resources dedicated to deployment and implementation	Interviews	4	3	0	0
H2	Average time dedicated to initial deployment per resource (hours)	Interviews	240	0	0	0
H3	Average time dedicated to global implementation per resource (hours)	Interviews	0	40	0	0
H4	Fully burdened hourly rate for resources dedicated to deployment and management	Composite	$69	$69	$69	$69
H5	Subtotal: Deployment and scaling	(H1(H2+H3))H4	$66,240	$8,280	$0	$0
H6	Administration time per year (hours)	Interviews	0	52	156	156
H7	Subtotal: Administration	H4*H6	0	$3,588	$10,764	$10,764
Ht	Deployment and administration	H5+H7	$66,240	$11,868	$10,764	$10,764
	Risk adjustment	↑20%
Htr	Deployment and administration (risk-adjusted)		$79,488	$14,242	$12,917	$12,917
Three-year total: $119,563			Three-year present value: $112,815

Financial Summary

Consolidated Three-Year, Risk-Adjusted Metrics

Cash Flow Chart (Risk-Adjusted)

[CHART DIV CONTAINER]

Total costs Total benefits Cumulative net benefits Initial Year 1 Year 2 Year 3

Cash Flow Analysis (Risk-Adjusted)

	Initial	Year 1	Year 2	Year 3	Total	Present Value
Total costs	($79,488)	($674,242)	($672,917)	($672,917)	($2,099,563)	($1,754,137)
Total benefits	$0	$2,731,514	$2,731,514	$2,731,514	$8,194,541	$6,792,870
Net benefits	($79,488)	$2,057,272	$2,058,597	$2,058,597	$6,094,978	$5,038,733
ROI						287%
Payback						<6 months

Please Note

The financial results calculated in the Benefits and Costs sections can be used to determine the ROI, NPV, and payback period for the composite organization’s investment. Forrester assumes a yearly discount rate of 10% for this analysis.

These risk-adjusted ROI, NPV, and payback period values are determined by applying risk-adjustment factors to the unadjusted results in each Benefit and Cost section.

The initial investment column contains costs incurred at “time 0” or at the beginning of Year 1 that are not discounted. All other cash flows are discounted using the discount rate at the end of the year. PV calculations are calculated for each total cost and benefit estimate. NPV calculations in the summary tables are the sum of the initial investment and the discounted cash flows in each year. Sums and present value calculations of the Total Benefits, Total Costs, and Cash Flow tables may not exactly add up, as some rounding may occur.

From the information provided in the interviews, Forrester constructed a Total Economic Impact™ framework for those organizations considering an investment in Portnox Cloud.

The objective of the framework is to identify the cost, benefit, flexibility, and risk factors that affect the investment decision. Forrester took a multistep approach to evaluate the impact that Portnox Cloud can have on an organization.

Due Diligence

Interviewed Portnox stakeholders and Forrester analysts to gather data relative to Portnox Cloud.

Interviews

Interviewed six decision-makers at organizations using Portnox Cloud to obtain data about costs, benefits, and risks.

Composite Organization

Designed a composite organization based on characteristics of the interviewees’ organizations.

Financial Model Framework

Constructed a financial model representative of the interviews using the TEI methodology and risk-adjusted the financial model based on issues and concerns of the interviewees.

Case Study

Employed four fundamental elements of TEI in modeling the investment impact: benefits, costs, flexibility, and risks. Given the increasing sophistication of ROI analyses related to IT investments, Forrester’s TEI methodology provides a complete picture of the total economic impact of purchase decisions. Please see Appendix A for additional information on the TEI methodology.

Total Economic Impact Approach

Benefits

Benefits represent the value the solution delivers to the business. The TEI methodology places equal weight on the measure of benefits and costs, allowing for a full examination of the solution’s effect on the entire organization.

Costs

Costs comprise all expenses necessary to deliver the proposed value, or benefits, of the solution. The methodology captures implementation and ongoing costs associated with the solution.

Flexibility

Flexibility represents the strategic value that can be obtained for some future additional investment building on top of the initial investment already made. The ability to capture that benefit has a PV that can be estimated.

Risks

Risks measure the uncertainty of benefit and cost estimates given: 1) the likelihood that estimates will meet original projections and 2) the likelihood that estimates will be tracked over time. TEI risk factors are based on “triangular distribution.”

Financial Terminology

Present value (PV)

The present or current value of (discounted) cost and benefit estimates given at an interest rate (the discount rate). The PV of costs and benefits feeds into the total NPV of cash flows.

Net present value (NPV)

The present or current value of (discounted) future net cash flows given an interest rate (the discount rate). A positive project NPV normally indicates that the investment should be made unless other projects have higher NPVs.

Return on investment (ROI)

A project’s expected return in percentage terms. ROI is calculated by dividing net benefits (benefits less costs) by costs.

Discount rate

The interest rate used in cash flow analysis to take into account the time value of money. Organizations typically use discount rates between 8% and 16%.

Payback

The breakeven point for an investment. This is the point in time at which net benefits (benefits minus costs) equal initial investment or cost.

Appendix A

Total Economic Impact

Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists solution providers in communicating their value proposition to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of business and technology initiatives to both senior management and other key stakeholders.

Appendix B

Endnotes

¹ Source: The Top 10 Trends In IT Networking, 2025, Forrester Research, Inc., July 14, 2025.

² Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists solution providers in communicating their value proposition to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of business and technology initiatives to both senior management and other key stakeholders.

³ Regression analysis of the reported total cumulative costs of all breaches experienced by security decision-makers’ organizations in the past 12 months. The composite organization’s revenue is used as the input to the regression formula. Source: Forrester’s Security Survey, 2024, “Using your best estimate, what was the total cumulative cost of all breaches experienced by your organization in the past 12 months?” Base: 1,660 global security decision-makers who have experienced a breach in the past 12 months.

⁴ Regression analysis of the likelihood of experiencing one or more breaches, using the frequency that organizations experienced breaches in the past 12 months as reported by security decision-makers. The composite organization’s revenue is used as the input to the regression formula. Source: Forrester’s Security Survey, 2024, “How many times do you estimate that your organization’s sensitive data was potentially compromised or breached in the past 12 months?” Base: 2,769 global security decision-makers.

⁵ Percentage of breaches by primary attack vector for breaches, as reported by security decision-makers whose organizations experienced at least one breach in the last 12 months. Source: Forrester’s Security Survey, 2024, “Of the times that your organization’s sensitive data was potentially compromised or breached in the past 12 months, please indicate how many of each fall into the categories below.” Base: 1,542 global security decision-makers who have experienced a breach in the past 12 months.

Disclosures

Readers should be aware of the following:

This study is commissioned by Portnox and delivered by Forrester Consulting. It is not meant to be used as a competitive analysis.

Forrester makes no assumptions as to the potential ROI that other organizations will receive. Forrester strongly advises that readers use their own estimates within the framework provided in the study to determine the appropriateness of an investment in Portnox Cloud. For any interactive functionality, the intent is for the questions to solicit inputs specific to a prospect’s business. Forrester believes that this analysis is representative of what companies may achieve with Portnox Cloud based on the inputs provided and any assumptions made. Forrester does not endorse Portnox or its offerings. Although great care has been taken to ensure the accuracy and completeness of this model, Portnox and Forrester Research are unable to accept any legal responsibility for any actions taken on the basis of the information contained herein. The interactive tool is provided ‘AS IS,’ and Forrester and Portnox make no warranties of any kind.

Portnox reviewed and provided feedback to Forrester, but Forrester maintains editorial control over the study and its findings and does not accept changes to the study that contradict Forrester’s findings or obscure the meaning of the study.

Portnox provided the customer names for the interviews but did not participate in the interviews.

Consulting Team:

Courtenay O’Connor

Published

December 2025

The Total Economic Impact™ Of Portnox Cloud

Cost Savings And Business Benefits Enabled By Portnox Cloud

Table Of Contents

Executive Summary

287%

Return on investment (ROI)

$5.0M

Net present value (NPV)

Key Findings

90%

Key Statistics

287%

$6.8M

$5.0M

<6 months

Benefits (Three-Year)

The Portnox Cloud Customer Journey

Drivers leading to the Portnox Cloud investment

Interviews

Key Challenges

Investment Objectives

Composite Organization

KEY ASSUMPTIONS

Analysis Of Benefits

Quantified benefit data as applied to the composite

Total Benefits

Networking Technology Cost Optimization

16,000+

Networking Technology Cost Optimization

Improved Business Agility

90%

Improved Business Agility

Reduced Costs Of A Material Data Breach

75%

Reduced Costs Of A Material Data Breach

Improved Performance And Connectivity

34 hours

Improved Performance And Connectivity

Improved Network Operations

7,800

Improved Network Operations

Improved End-User Experience

80%

Improved End-User Experience

Unquantified Benefits

Flexibility

Analysis Of Costs

Quantified cost data as applied to the composite

Total Costs

Portnox Cloud Annual Costs

Portnox Cloud Annual Costs

Deployment And Administration

Deployment And Administration

Financial Summary

Consolidated Three-Year, Risk-Adjusted Metrics

Cash Flow Chart (Risk-Adjusted)

Cash Flow Analysis (Risk-Adjusted)

Please Note

TEI Framework And Methodology

Due Diligence

Interviews

Composite Organization

Financial Model Framework

Case Study

Glossary

Total Economic Impact Approach

Benefits

Costs

Flexibility

Risks

Financial Terminology

Present value (PV)

Net present value (NPV)

Return on investment (ROI)

Discount rate

Payback

Appendixes

Appendix A

Total Economic Impact

Appendix B