Configure profiled devices
The profiled devices view displays a list of devices that have been profiled using the device profiling rules. Based on how closely each device matched a rule it was given a device type and placed either in the Inventory, the Host View, or both. Devices placed in the Inventory do not display on the Profiled Devices tab. Devices placed in the Host View are shown on the Profiled Devices tab. When a device is registered and it has an associated user, it is removed from the Profiled Devices tab and displays only in the Host View.
Administrators can access this list of devices. Device managers can only see those devices that match rules listed in the device manager's profile.
Only administrators with additional permissions have access to the Views column, as well as Rule Settings, Confirm Rule, and Details on the Profiled Devices view. See Permissions list for additional information.
Entries in this window are devices that require network services. Typically they include things such as mobile devices, gaming devices or PCs. They are considered hosts on the network. Only those devices associated with a device profiling rule are displayed.
New devices are not displayed in the Profiled Devices view unless you click Refresh or close and reopen the tab.
Devices identified by a device profiling rule maintain their association with that rule. If rule confirmation is enabled, the associated rule and the device are checked periodically to see if the rule is still valid for the device. Rule confirmation can be enabled for a rule, which affects all devices associated with the rule, or it can be enabled for individual devices.
Settings
Field |
Definition |
---|---|
Rogue Evaluation Queue Size |
Indicates the number of rogues waiting to be processed by the device profiling rules. The queue is filled by rogues as they connect to the network. If Run on the Device Profiling Rules window is clicked, any rogues that were not previously categorized are added to the queue immediately. This number will move up and down as the system processes rogues. |
Name |
Name of the user associated with this device or the name of the manufacturer. For example, if a PC connects and has no associated user, you may see DELL, INC. in the name field. If the device is registered, but has no associated user the name field may be blank. Devices that are registered and have an associated user display in the Host View but are removed from the Profiled Devices tab. |
Rule Name |
Name of the Device Profiling Rule that was a match for this device. |
Type |
Icon that represents the type of host, such as Mobile Device or Gaming System. This field is populated by the Device Profiling Rule. Device type can also be assigned by vendor OUI; however, the type in the Device Profiling Rule takes precedence. If this host is associated with a user, a host status icon is displayed. See Icons |
Role |
Role assigned to this host by the Device Profiling Rule. Roles can also be assigned by vendor OUI; however, the role in the Device Profiling rule takes precedence. |
IP address |
IP address of the device. |
Physical Address |
MAC address of the device. |
Location |
Location where the device connected to the network. |
Notes |
Indicates whether or not there are notes for this device. |
Registered |
Indicates whether or not the device is registered. |
Views |
Displays icons for the FortiNAC views that can be accessed for this device. Click an icon to go to the view. Possible views include: Adapter, group membership, port properties and Device Properties. |
Confirm Rule On |
If enabled, device profiler confirms that previously profiled devices still match their associated rule the next time they connect to the network. A green check mark indicates that the option is enabled. A red circle indicates that the option is disabled. |
Confirm Rule Interval |
If enabled, displays the interval used to confirm device rules, such as 2 Days. Indicates that device profiler will confirm that the associated rule matches the device every two days. |
Last Confirmation Time |
If Rule Confirmation is enabled, this column displays the last time this device had its associated rule confirmed. |
Confirmation Failure Action |
If Rule Confirmation is enabled, this column indicates the action to be taken if a device no longer matches its associated rule. Options are Disable Device or None. |
Export |
Exports data to a file in the default downloads location. File types include CSV, Excel, PDF, or RTF. See Export data. |
Right click options |
|
Register As Device |
Registers selected devices. If the device is not associated with a user, the name is blank or displays as ROGUE, ROGUE. If the device is associated with a user, it is removed from the Profiled Devices tab and displays in the Host View. |
Delete |
Deletes selected devices from the database. This deletes the hosts from both the Profiled Devices window and the Host View. |
Rule Settings |
Changes rule confirmation settings for the selected device. |
Confirm Rule |
Runs the rule confirmation process for the selected device. If the device does not match the rule an event is generated. See Events and alarms. The device must be online in order to confirm the associated rule. |
Details |
Allows you to modify the role of a single device. Only available for Administrators users. |
Notes |
Opens the Notes window for the selected device. Allows you to add a note and view previous notes. Notes include the date and time they were created. |
Enable |
Enables the selected device. |
Disable |
Disables the selected device. |
Export profiled devices
This option on the Profiled Devices tab allows you to export the device data displayed in the tab.
- Click Users & Hosts > Profiled Devices.
- A list of devices is displayed.
- At the bottom of the window in the Export to: section select the file format for the export file.
- Either save or open the file created.