Imaging

Imaging

Choose a secure staging area for the machines to be imaged. Keep the switch in this area out of enforcement to ensure the machine has proper network access and can complete the imaging process. If port is under enforcement, FortiNAC may inadvertently switch the VLAN and interrupt the process.
Ensure latest agent has been downloaded to FortiNAC. For instructions see Download new agent packages in section Agent Packages of the Administration Guide.
Download agent package from FortiNAC to the machine with the master image. Use the file formats listed below for the specific operating systems.

Windows: .exe

Linux (Debian, Ubuntu): .deb

Linux (RHEL, Fedora, CentOS): .rpm

For instructions see Download the Persistent Agent For custom distribution in section Agent Packages of the Administration Guide.
Install the agent software. Refer to the applicable section in the Administration Guide:

Installation for Windows

Installation for macOS

Installation for Linux

Important: It is strongly recommended to configure the Persistent Agents settings separately; do not modify the installer. If the installer is modified in any way, any or all customization may be removed upon updating or uninstalling the agent.

Configure the Persistent Agent software settings as necessary based upon the information from the section Software Modifiable Settings for the Persistent Agent. The Persistent Agent settings are configured within the Policy Settings (as opposed to default settings). For details, see Persistent Agent Settings File Location on Host. Configuration can be done in a variety of ways:
- Group Policy: see Agent Settings and Packages Domain Distribution in the Appendix for instructions.
- For all other software management programs, refer to vendor documentation for operation instructions.
- Add configuration as part of the master image.

The Persistent Agent settings are configured within the Policy Settings (as opposed to default settings). These settings take precedence over the Default Settings.

Persistent Agent Policy Settings Location

Windows

32-bit operating systems (Registry Key): HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Bradford Networks\Persistent Agent

64-bit operating systems (Registry Key): HKLM\Software\wow6432node\Policies\Bradford Networks\Persistent Agent

MacOS

/Library/Preferences/com.bradfordnetworks.bndaemon.policy

Linux*

/etc/xdg/com.bradfordnetworks/ PersistentAgentPolicy.conf

*Best practice: PersistentAgentPolicy.conf should be ASCII encoding. As of FortiNAC 8.7.0, UTF-8 can also be parsed.

For more details, see Persistent Agent Settings File Location on Host in the Appendix.

For implementation steps for company asset use cases and recommended Persistent Agent Settings, refer to the following sections:

Windows Domain (Silent Onboard (Single-Sign-On))

MacOS Machines (Onboard Through Isolation)

Linux Machines (Onboard Through Isolation)

MacOS Machines (Silent Onboard)

Linux Machines (Silent Onboard)

Imaging

Choose a secure staging area for the machines to be imaged. Keep the switch in this area out of enforcement to ensure the machine has proper network access and can complete the imaging process. If port is under enforcement, FortiNAC may inadvertently switch the VLAN and interrupt the process.

Ensure latest agent has been downloaded to FortiNAC. For instructions see Download new agent packages in section Agent Packages of the Administration Guide.

Download agent package from FortiNAC to the machine with the master image. Use the file formats listed below for the specific operating systems.

Windows: .exe

Linux (Debian, Ubuntu): .deb

Linux (RHEL, Fedora, CentOS): .rpm

For instructions see Download the Persistent Agent For custom distribution in section Agent Packages of the Administration Guide.

Install the agent software. Refer to the applicable section in the Administration Guide:

Installation for Windows

Installation for macOS

Installation for Linux

Important: It is strongly recommended to configure the Persistent Agents settings separately; do not modify the installer. If the installer is modified in any way, any or all customization may be removed upon updating or uninstalling the agent.

Configure the Persistent Agent software settings as necessary based upon the information from the section Software Modifiable Settings for the Persistent Agent. The Persistent Agent settings are configured within the Policy Settings (as opposed to default settings). For details, see Persistent Agent Settings File Location on Host. Configuration can be done in a variety of ways:

Group Policy: see Agent Settings and Packages Domain Distribution in the Appendix for instructions.
For all other software management programs, refer to vendor documentation for operation instructions.
Add configuration as part of the master image.

The Persistent Agent settings are configured within the Policy Settings (as opposed to default settings). These settings take precedence over the Default Settings.

Persistent Agent Policy Settings Location

Windows

32-bit operating systems (Registry Key): HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Bradford Networks\Persistent Agent

64-bit operating systems (Registry Key): HKLM\Software\wow6432node\Policies\Bradford Networks\Persistent Agent

MacOS

/Library/Preferences/com.bradfordnetworks.bndaemon.policy

Linux*

/etc/xdg/com.bradfordnetworks/ PersistentAgentPolicy.conf

*Best practice: PersistentAgentPolicy.conf should be ASCII encoding. As of FortiNAC 8.7.0, UTF-8 can also be parsed.

For implementation steps for company asset use cases and recommended Persistent Agent Settings, refer to the following sections:

Persistent Agent Deployment and Configuration

Imaging

Imaging