In FortiNAC, endpoint compliance is typically defined during the Policy configuration stage. This stage involves setting up policies that determine the requirements for devices to be considered compliant before they are allowed network access. These policies may include checks for antivirus status, operating system patches, and other security criteria.

There are four key configuration stages in a FortiNAC deployment: Management configuration is where all the administrative tasks are carried out, like licensing, configuring management interfaces, uploading SSL certificates for agent communication, captive portal. The configuration wizard is used to define the FortiNAC captive networks. Network modelling is where you will add the devices for the endpoints to be connected, for example, FortiGate, FortiSwitch, FortiAP. To model devices, FortiNAC requires SNMP and ICMP connectivity to these devices. Device onboarding is where devices are detected and profiled, for example, corporate devices, BYOD, IoT. After the device is detected and profiled, the device is registered and provided with different access levels based on policy configuration. Policy configuration decides the different access levels that can be provided to a device, based on device profiles, endpoint compliance.