Fortinet black logo

IOT Deployment Guide

Home FortiNAC-F 7.2.0 IOT Deployment Guide
7.2.0
7.4.0
7.2.0

Adding the managed device network

Adding the managed device network

Now, add network devices such as switches into the Inventory to be managed by FortiNAC. In the inventory, you can customize the containers as desired. The example below creates containers based on the network environment. We will use the Fabric Hardware container to add a new network device and start discovering the endpoints.

Adding the managed device network

  1. First, we need to create the Containers.

    Note

    What are containers in FortiNAC?

    In FortiNAC, a container is a logical grouping of devices based on their characteristics, such as their location, role, or function. Containers are used to enforce access policies and control network access based on the type of device or user, ensuring that only authorized devices and users can access specific resources on the network.

    For example, you may create a container for all IoT devices on the network, such as smart thermostats, security cameras, and door locks. You can then enforce access policies for this container, such as only allowing specific users to access the IoT devices or restricting the types of data that the IoT devices can access.

    To create your Container, go to Network > Inventory:

  2. Under the Container tab, click the Add button and define the name of your Container.

  3. Click OK to save and repeat the same step to create all your containers.

  4. To add the network device under the selected container, click on your container.

    Graphical user interface, text, application, chat or text message Description automatically generated

  5. Under the Devices tab, click on the Add button.

    Fill out the data management information in the screen below:

    Graphical user interface Description automatically generated

    Note: The IP address, SNMP settings and credentials used for managing the devices, need to be defined following the pre-requisite section.

  6. Click Validate Credentials. If the message validates without error, click OK. After a while, the FortiNAC will discover the port configuration and status of the new managed device and each will show under the container like the screen below:

    Graphical user interface, text, application Description automatically generated

  7. Following the configuration of the new Switch, we will assign the VLAN ID for each Logical Network defined previously. To define the VLAN ID for the IP Cameras, click on the Model Configuration tab.

  8. In the Logical Network drop-down menu, choose IP Camera and click “Add Configuration." Add the VLAN ID that will be used for the IP Cameras.

    Graphical user interface Description automatically generated

  9. Click Save to commit the configuration for this Switch device in the FortiNAC settings.

    Note: All other Logical Networks can be defined based on their customer environment; the only mandatory logical network is the Registration. The Logical Networks are defined by each Managed Device (Switch, Router, Firewall, etc.), so every new discovered Managed Device needs to be configured.

Previous
Next

Adding the managed device network

Now, add network devices such as switches into the Inventory to be managed by FortiNAC. In the inventory, you can customize the containers as desired. The example below creates containers based on the network environment. We will use the Fabric Hardware container to add a new network device and start discovering the endpoints.

Adding the managed device network

  1. First, we need to create the Containers.

    Note

    What are containers in FortiNAC?

    In FortiNAC, a container is a logical grouping of devices based on their characteristics, such as their location, role, or function. Containers are used to enforce access policies and control network access based on the type of device or user, ensuring that only authorized devices and users can access specific resources on the network.

    For example, you may create a container for all IoT devices on the network, such as smart thermostats, security cameras, and door locks. You can then enforce access policies for this container, such as only allowing specific users to access the IoT devices or restricting the types of data that the IoT devices can access.

    To create your Container, go to Network > Inventory:

  2. Under the Container tab, click the Add button and define the name of your Container.

  3. Click OK to save and repeat the same step to create all your containers.

  4. To add the network device under the selected container, click on your container.

    Graphical user interface, text, application, chat or text message Description automatically generated

  5. Under the Devices tab, click on the Add button.

    Fill out the data management information in the screen below:

    Graphical user interface Description automatically generated

    Note: The IP address, SNMP settings and credentials used for managing the devices, need to be defined following the pre-requisite section.

  6. Click Validate Credentials. If the message validates without error, click OK. After a while, the FortiNAC will discover the port configuration and status of the new managed device and each will show under the container like the screen below:

    Graphical user interface, text, application Description automatically generated

  7. Following the configuration of the new Switch, we will assign the VLAN ID for each Logical Network defined previously. To define the VLAN ID for the IP Cameras, click on the Model Configuration tab.

  8. In the Logical Network drop-down menu, choose IP Camera and click “Add Configuration." Add the VLAN ID that will be used for the IP Cameras.

    Graphical user interface Description automatically generated

  9. Click Save to commit the configuration for this Switch device in the FortiNAC settings.

    Note: All other Logical Networks can be defined based on their customer environment; the only mandatory logical network is the Registration. The Logical Networks are defined by each Managed Device (Switch, Router, Firewall, etc.), so every new discovered Managed Device needs to be configured.

Previous
Next