Fortinet white logo
Fortinet white logo

New Features

Asset Identity Center page 7.0.2

Asset Identity Center page 7.0.2

The Asset Identity Center page unifies information from detected addresses, devices, and users into a single page, while building a data structure to store the user and device information in the backend. Asset view groups information by Device, while Identity view groups information by User. Hover over a device or a user in the GUI to perform different actions relevant to the object, such as adding a firewall device address, adding an IP address, banning the IP, quarantining the host, and more.

To view the Asset Identity Center page:
  1. Go to Security Fabric > Asset Identity Center.
  2. Click Asset to view information by device. The default columns are Device, Software OS, Hardware, FortiClient User, User, Status Vulnerabilities, and Last Seen. The optional columns are Address, Firewall Address, Hostname, IP Address, and Server.

  3. Click Identity to view information by user. The default columns are User, Device, and Properties. The optional columns are IP Address, Logoff Time, and Logon Time.

    Each view has a dropdown option to view the information within different time frames (Latest, 1 hour, 24 hours, and 7 days). Vulnerability information is displayed when applicable. The page displays user and device relationships, such as which users are logged in to multiple devices or if multiple users are logged in to single devices.

  4. Hover over a device in the list to view the tooltip and possible actions. In this example, the available actions are add firewall device address, add firewall IP address, and quarantine the host.

Diagnostics for the unified user device store

The following options have been added to diagnose user-device-store unified <option>:

Option

Description

device-memory-query

Get device records and associated user records from memory.

device-query

Get device records and associated user records from memory and disk.

user-memory-query

Get user records and associated device records from memory.

user-query

Get user records and associated device records from memory and disk.

re-query

Retrieve query by <query-id> <iteration-start> <iteration-count> (takes 0-3 arguments).

list

List unified queries.

clear

Delete all unified queries.

dump

Dump unified query stats by <query-id> (takes 0-1 arguments).

delete

Delete unified query by <query-id> (takes 0-1 arguments).

stats

Get statistics for unified queries.

debug

Enable/disable debug logs for unified queries.

Asset Identity Center page 7.0.2

Asset Identity Center page 7.0.2

The Asset Identity Center page unifies information from detected addresses, devices, and users into a single page, while building a data structure to store the user and device information in the backend. Asset view groups information by Device, while Identity view groups information by User. Hover over a device or a user in the GUI to perform different actions relevant to the object, such as adding a firewall device address, adding an IP address, banning the IP, quarantining the host, and more.

To view the Asset Identity Center page:
  1. Go to Security Fabric > Asset Identity Center.
  2. Click Asset to view information by device. The default columns are Device, Software OS, Hardware, FortiClient User, User, Status Vulnerabilities, and Last Seen. The optional columns are Address, Firewall Address, Hostname, IP Address, and Server.

  3. Click Identity to view information by user. The default columns are User, Device, and Properties. The optional columns are IP Address, Logoff Time, and Logon Time.

    Each view has a dropdown option to view the information within different time frames (Latest, 1 hour, 24 hours, and 7 days). Vulnerability information is displayed when applicable. The page displays user and device relationships, such as which users are logged in to multiple devices or if multiple users are logged in to single devices.

  4. Hover over a device in the list to view the tooltip and possible actions. In this example, the available actions are add firewall device address, add firewall IP address, and quarantine the host.

Diagnostics for the unified user device store

The following options have been added to diagnose user-device-store unified <option>:

Option

Description

device-memory-query

Get device records and associated user records from memory.

device-query

Get device records and associated user records from memory and disk.

user-memory-query

Get user records and associated device records from memory.

user-query

Get user records and associated device records from memory and disk.

re-query

Retrieve query by <query-id> <iteration-start> <iteration-count> (takes 0-3 arguments).

list

List unified queries.

clear

Delete all unified queries.

dump

Dump unified query stats by <query-id> (takes 0-1 arguments).

delete

Delete unified query by <query-id> (takes 0-1 arguments).

stats

Get statistics for unified queries.

debug

Enable/disable debug logs for unified queries.