7.2.0

Profiling IoT Devices


Device profiler is a mechanism that automatically categorizes and controls unknown or rogue devices that connect to your network and receive an IP address. Running continuously, this process scans the host database for rogues with IP addresses and assigns them a device type based on profiles or rules set up in FortiNAC. Device profile rules use information such as operating system and vendor OUI to determine what the connecting device might be. The Device Profiler is installed with some default rules which can be refined; new rules can be added as well. You can evaluate uncategorized rogues manually as new rules are added or existing rules are modified.

After a device has been categorized, the rule used to profile the device is associated with that device. If the device disconnects from the network and later reconnects, the device profiler confirms that the device still matches the rule. If the device does not match its associated rule, the device profiler can disable the device or notify the administrator by using events and alarms. Rule confirmation is an optional setting. This setting can be applied globally on the rule itself or individually on a profiled device.

FortiNAC supports up to 26 methods of device profiling. In this section, we create the profile definitions for IoT devices. The initial example profiles a FortiCamera using the active method, which is based on Nmap scans. The same steps can be used to define profiling with other methods.

Profile IoT Devices

  1. In the FortiNAC management interface, go to Users & Hosts and click on Device Profiling Rules. Click Add.

  2. In the General tab, configure the following options:

    • Check the Enabled checkbox

    • Name: FortiCamera(nmap)

    • Registration: Automatic

    • Type: Camera

    • Role: Click Add and use “IP_Camera” in the field and click OK.

    • Register as: Device in Host View.

    • Check Add to Group: Click Add and use “IP_Cameras” as the group name.


  3. Click on the Methods tab and check the Active checkbox:

    • Mark the checkbox of the Match Custom option

    • Add the Value of “FortiCamera” and click OK.


  4. After clicking OK, the device profiling for FortiCameras is completed.
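The profiling and rule-confirmation flow described above, applied to the FortiCamera(nmap) rule from these steps, as an added conceptual model in Python (not FortiNAC code or its API). The class and function names, the substring match, and the sample MAC, IP and scan text are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional
@dataclass
class Rule:
    name: str
    device_type: str
    role: str
    group: str
    match_custom: str                # value entered under "Match Custom"
    confirm_on_connect: bool = True  # rule confirmation is optional
    on_mismatch: str = "disable"     # or "alarm" (notify the administrator)

@dataclass
class Host:
    mac: str
    ip: Optional[str] = None
    scan_text: str = ""              # constructed stand-in for active scan output
    state: str = "rogue"
    rule: Optional[Rule] = None
    groups: set = field(default_factory=set)

def matches(rule, host):
    return rule.match_custom in host.scan_text  # assumption: plain substring match

def profile(host, rules):
    """Categorize a rogue that has an IP address; return the matching rule name."""
    if host.state != "rogue" or host.ip is None:
        return None
    for rule in rules:
        if matches(rule, host):
            host.state, host.rule = "registered", rule  # rule stays associated
            host.groups.add(rule.group)
            return rule.name
    return None

def on_reconnect(host, new_scan_text):
    """Rule confirmation: re-check the associated rule when the device returns."""
    host.scan_text = new_scan_text
    rule = host.rule
    if rule is None or not rule.confirm_on_connect or matches(rule, host):
        return "ok"
    if rule.on_mismatch == "disable":
        host.state = "disabled"
    return rule.on_mismatch

FORTICAMERA = Rule("FortiCamera(nmap)", "Camera", "IP_Camera", "IP_Cameras", "FortiCamera")
def demo():
    cam = Host("00:00:5E:00:53:01", "192.0.2.10", "constructed scan: FortiCamera")
    return profile(cam, [FORTICAMERA]), on_reconnect(cam, "constructed scan: Linux"), cam.state
```

In this model a device that no longer matches its associated rule on reconnect is disabled, while a rule set to "alarm" leaves the host registered and only reports the mismatch.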

For reference, the following shows the configuration steps for creating profiling rules for other IoT devices: a Lexmark printer and an HP printer.

i – Lexmark Printer


ii – HP Printer
