DOCUMENT LIBRARY
DOCUMENT LIBRARY
Products
Best Practices
Hardware Guides
Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
Hybrid Mesh Firewall
FortiGate/ FortiOS
FortiGate-5000
/
6000
/
7000
NOC Management
FortiManager
/
FortiManager Cloud
Managed Fortigate Service
LAN
FortiSwitch
FortiAP / FortiWiFi
FortiEdge Cloud
FortiNAC-F
WAN
Secure SD-WAN
FortiExtender
More >>
Unified SASE
Single Vendor SASE
FortiSASE
Secure SD-WAN
Zero Trust Network Access (ZTNA)
FortiProxy
FortiMonitor
Cloud Network Security
FortiGate Public Cloud
FortiGate Private Cloud
FortiGate CNF
FortiFlex
Lacework FortiCNAPP
Secure Endpoint Connectivity
FortiClient
/
FortiClient Cloud
Web Application / API Protection
FortiWeb
FortiADC
FortiDAST
More >>
Security Operations
Security Operations Automation
FortiAnalyzer
/
FortiAnalyzer Cloud
FortiSIEM
/
FortiSIEM Cloud
FortiSOAR
SOC-as-a-Service (SOCaaS)
Identity
FortiAuthenticator
FortiTrust Identity
FortiPAM
Early Detection & Prevention
FortiSandbox
/
FortiSandbox Cloud
FortiNDR
FortiDeceptor
FortiRecon
More >>
Secure Networking
Hybrid Mesh Firewall
FortiGate/ FortiOS
FortiGate-5000
/
6000
/
7000
NOC Management
FortiManager
/
FortiManager Cloud
Managed Fortigate Service
FortiAIOps
LAN
FortiSwitch
FortiAP / FortiWiFi
FortiAP-U Series
FortiEdge Cloud
FortiNAC-F
WAN
Secure SD-WAN
FortiExtender
Communication & Surveillance
FortiVoice
/
FortiVoice Cloud
FortiFone
FortiCamera
FortiRecorder
FortiCentral
Unified SASE
Single Vendor SASE
FortiSASE
Secure SD-WAN
Zero Trust Network Access (ZTNA)
FortiProxy
FortiMonitor
Secure Endpoint Connectivity
FortiClient
/
FortiClient Cloud
Cloud Network Security
FortiGate Public Cloud
FortiGate Private Cloud
FortiGate CNF
FortiFlex
Cloud-Native Security
Lacework FortiCNAPP
FortiDevSec
Web Application / API Protection
FortiWeb
FortiADC
FortiDAST
Security Operations
Security Operations Automation
FortiAnalyzer
/
FortiAnalyzer Cloud
FortiSIEM
/
FortiSIEM Cloud
FortiSOAR
Endpoint
FortiClient
/
FortiClient Cloud
FortiEDR/XDR
Data Protection
FortiDLP
FortiDLP Agent
FortiDLP Policies
Identity
FortiAuthenticator
FortiTrust Identity
FortiToken
/
FortiToken Cloud
FortiPAM
Email
FortiMail
FortiPhish
Early Detection & Prevention
FortiSandbox
/
FortiSandbox Cloud
FortiNDR
FortiDeceptor
FortiRecon
Expert Services
SOC-as-a-Service (SOCaaS)
Edge Firewall
FortiGate/FortiOS
FortiGate-5000
/
6000
/
7000
FortiGate Public Cloud
FortiGate Private Cloud
Orchestration & management
FortiManager
/
FortiManager Cloud
FortiAnalyzer
/
FortiAnalyzer Cloud
Overlay-as-a-Service
SD Branch
FortiSwitch
FortiAP / FortiWiFi
FortiExtender
/
FortiExtender Cloud
Application Delivery
FortiADC
/
FortiGSLB
Single Vendor SASE
FortiSASE
Secure Endpoint Connectivity
FortiClient
/
FortiClient Cloud
Secure Private Access
Secure SD-WAN
Zero Trust Network Access (ZTNA)
Thin Edge
FortiGate/ FortiOS
FortiAP / FortiWiFi
FortiExtender
/
FortiExtender Cloud
Identity
FortiAuthenticator
FortiTrust Identity
FortiToken Cloud
FortiToken
Application Gateway
FortiGate/ FortiOS
FortiProxy
FortiADC
/
FortiGSLB
Enterprise Asset Management
FortiClient EMS
Endpoint Agent
FortiClient
/
FortiClient Cloud
Agentless Security Posture
FortiNAC-F
FortiSIEM
/
FortiSIEM Cloud
Identity
FortiAuthenticator
FortiTrust Identity
FortiToken Cloud
FortiToken
Wireless
FortiAP / FortiWiFi
FortiAP-U Series
FortiGate Cloud
Switching
FortiSwitch
FortiEdge Cloud
FortiNAC-F
Identity
FortiAuthenticator
FortiTrust Identity
FortiToken Cloud
FortiToken
Privilege Acccess Management
FortiPAM
Next Generation Firewall
FortiGate / FortiOS
FortiGate-5000
/
6000
/
7000
FortiGate Public Cloud
FortiGate Private Cloud
Orchestration & management
FortiManager
/
FortiManager Cloud
FortiAnalyzer
/
FortiAnalyzer Cloud
Expert Services
SOC-as-a-Service (SOCaaS)
Managed Fortigate Service
All
FortiADC Public Cloud
FortiAnalyzer Public Cloud
FortiAuthenticator Public Cloud
FortiDeceptor Public Cloud
FortiGate Public Cloud
FortiIsolator Public Cloud
FortiManager Public Cloud
FortiNDR Public Cloud
FortiPAM Public Cloud
FortiPortal Public Cloud
FortiProxy Public Cloud
FortiSandbox Public Cloud
FortiTester Public Cloud
FortiVoice Public Cloud
FortiWeb Manager Public Cloud
FortiWeb Public Cloud
All
FortiADC Private Cloud
FortiAnalyzer BigData Private Cloud
FortiAnalyzer Private Cloud
FortiAuthenticator Private Cloud
FortiDeceptor Private Cloud
FortiGate Private Cloud
FortiManager Private Cloud
FortiNDR Private Cloud
FortiPAM Private Cloud
FortiProxy Private Cloud
FortiSandbox Private Cloud
FortiTester Private Cloud
FortiVoice Private Cloud
FortiWeb Manager Private Cloud
FortiWeb Private Cloud
Account Management
FortiCloud Services
SAAS Management
FortiGate Cloud
FortiEdge Cloud
FortiEdge Cloud
FortiExtender Cloud
FortiPresence Cloud
FortiToken Cloud
FortiTrust Identity
FortiZTP
FortiCamera Cloud
SAAS Application Security
FortiWeb Cloud
FortiGSLB
FortiCASB
FortiCNP
FortiInsight
FortiPhish
FortiGate CNF
Managed Services
SOC-as-a-Service (SOCaaS)
Managed Fortigate Service
Platform as a service (PAAS)
FortiSASE
FortiAnalyzer Cloud
FortiManager Cloud
FortiClient Cloud
FortiSandbox Cloud
FortiMail Cloud
FortiSOAR Cloud
Other SAAS Services
Overlay-as-a-Service
FortiRecon
FortiConverter
ForiIPAM
FortiFlex
FortiCare Elite
4D Resources
Solution Hubs
Define, design, deploy, demo
4D Pillars
Secure SD-WAN
Zero Trust Network Access
Wireless
Switching
Secure Access Service Edge
Identity and Access Management
Next Generation Firewall
Curated Links by Solution
Cloud
FortiCloud
Public & Private Cloud
Popular Solutions
Secure SD-WAN
Zero Trust Network Access
Secure Access
Security Fabric
Tele-Working
Multi-Factor Authentication
FortiASIC
Operational Technology
MSSP
Next Generation Firewall
FortiAnalyzer
FortiAnalyzer Big-Data
FortiADC
FortiAP / FortiWiFi
FortiAP U-Series
FortiAuthenticator
FortiCache
FortiCarrier
FortiController
FortiDDoS
FortiDDoS-F
FortiDeceptor
FortiExtender
FortiGate-5000
FortiGate-6000
FortiGate-7000
FortiHypervisor
FortiIsolator
FortiMail
FortiManager
FortiNAC
FortiNDR
FortiProxy
FortiRecorder
FortiGate
FortiRPS
FortiSandbox
FortiSIEM
FortiSwitch
FortiTester
FortiToken
FortiVoice
FortiWAN
FortiWeb
FortiWLC
FortiWLM
AscenLink
AV Engine
AWS Firewall Rules
Container FortiOS
FortiADC
FortiADC E Series
FortiADC Manager
FortiADC Private Cloud
FortiADC Public Cloud
FortiAIOps
FortiAnalyzer
FortiAnalyzer BigData
FortiAnalyzer BigData Private Cloud
FortiAnalyzer Cloud
FortiAnalyzer Private Cloud
FortiAnalyzer Public Cloud
FortiAP / FortiWiFi
FortiAP-U Series
FortiAuthenticator
FortiAuthenticator Private Cloud
FortiAuthenticator Public Cloud
FortiAuthProxy
FortiBalancer
FortiBranchSASE
FortiBridge
FortiCache
FortiCamera
FortiCamera Cloud
FortiCare Elite
FortiCarrier
FortiCASB
FortiCentral
FortiClient
FortiClient Cloud
FortiCloud Services
FortiCNP
FortiConnect
FortiController
FortiConverter Service
FortiConverter Tool
FortiCore
FortiCSPM
FortiCWP
FortiDAST
FortiDB
FortiDDoS
FortiDDoS-F
FortiDeceptor
FortiDeceptor DaaS
FortiDeceptor Private Cloud
FortiDeceptor Public Cloud
FortiDevSec
FortiDLP
FortiDLP Agent
FortiDLP Policies
FortiDNS
FortiEdge Cloud
FortiEDR/XDR
FortiEndpoint
FortiExplorer
FortiExplorer Go
FortiExtender
FortiFlex
FortiFone
FortiGate / FortiOS
FortiGate Cloud
FortiGate CNF
FortiGate Private Cloud
FortiGate Public Cloud
FortiGate-5000
FortiGate-6000
FortiGate-7000
FortiGate-as-a-Service
FortiGSLB
FortiGuard Advanced Bot Protection
FortiGuest
FortiHypervisor
FortiInsight
FortiInsight Cloud
FortiIPAM
FortiIsolator
FortiIsolator Public Cloud
FortiLAN Cloud
FortiMail
FortiMail Cloud
FortiManager
FortiManager Cloud
FortiManager Private Cloud
FortiManager Public Cloud
FortiMonitor
FortiNAC
FortiNAC-F
FortiNDR
FortiNDR (on-premise) Private Cloud
FortiNDR (on-premise) Public Cloud
FortiNDR Cloud
FortiNDR Cloud Sensors
FortiPAM
FortiPAM Private Cloud
FortiPAM Public Cloud
FortiPhish
FortiPlanner
FortiPolicy
FortiPortal
FortiPortal Public Cloud
FortiPresence
FortiPresence VM
FortiProxy
FortiProxy Private Cloud
FortiProxy Public Cloud
FortiRecon
FortiRecorder
FortiRPS
FortiSandbox
FortiSandbox Cloud
FortiSandbox Private Cloud
FortiSandbox Public Cloud
FortiSASE
FortiScanner
FortiSIEM
FortiSIEM Cloud
FortiSOAR
FortiSOAR Cloud
FortiSRA
FortiSwitch
FortiSwitch Manager
FortiTap
FortiTester
FortiTester Private Cloud
FortiTester Public Cloud
FortiToken
FortiToken Cloud
FortiTrust Identity
FortiVoice
FortiVoice Cloud
FortiVoice Private Cloud
FortiVoice Public Cloud
FortiWAN
FortiWAN Controller
FortiWeb
FortiWeb Cloud
FortiWeb Manager Private Cloud
FortiWeb Manager Public Cloud
FortiWeb Private Cloud
FortiWeb Public Cloud
FortiWLM
FortiZTP
IPS Engine
Lacework FortiCNAPP
Managed FortiGate Service
Overlay-as-a-Service
Security Awareness and Training
SOCaaS
Wireless Controller
Search documents and hardware ...
Administration Guide
What's new in FortiNAC 8.3
Introduction
Additional help
Requirements
DNS configuration for administrators
IPv6 support
Login to FortiNAC
Admin user interface connection errors
Licensing
Events and alarms
FortiNAC Control Manager
Evaluation license keys
Navigation
Filters
Search
Search and filter options
Find containers or devices
Menus
Manage bookmarks
Admin user preferences
Software properties
Passwords
Time stamps and time zones
Accessing analytics
Icons
Certificates
Dashboard
Add a panel
Alarm
Host summary
Network device summary
Details list view
License information
Performance
Persistent Agent summary
Scans
Summary
Security summary
User summary
Views
Manage hosts and ports
Locate
Guest accounts
Send messages to hosts
Quick start
Guest/contractor templates
Visitor types
Create templates
Endpoint compliance policies for guests
Guest or contractor accounts
Create guest/contractor accounts
Provide login information
Containers
Configure container for devices
Discover devices
Discovery results
Network devices
Wireless security
Auto-configured data
SSIDĀ mappings
Secure SSID for guest management
Open SSID for guest management
Secure SSID for device onboarding
Open SSID for device onboarding
L2 polling (resync hosts)
L3 polling (IP address to MAC address)
Learning about hosts on the network
Network device groups
Portal configuration
Splash page
Portal content editor
Edit style sheets
Export portal page content
Import portal page content
Portal page images
Sample portal page change
Using special or foreign characters
Portal configuration process
Host inventory
Multiple portals
Create a portal
Copy a portal
Select a default portal
Edit portal settings
Delete a portal
Configure authentication credentials
Portal configuration - version 1 settings
Content fields
Global properties
Registration
Authentication
Remediation
VPN portal
Isolation portal
Dead end portal
Policy failure portal
Agent portal
EasyConnect portal
Host inventory portal
Settings
Authentication
Automatic authentication
Google account authentication
Using the Google Developer's Console
Add/modify account settings
Enable push notifications from Google Cloud Messaging
Authentication directories
Requirements
Directory structure and synchronization
Directory configuration
Delete directory
Schedule directory synchronization
Preview directory
Create a keystore for SSL or TLS
Passive registration
Customize login and logout scripts
Active Directory setup
Novell setup for passive registration
RADIUS settings
Manage settings
RADIUS and 802.1x environments
Order of precedence
Configure profiles
Set defaults
Set domain mappings
Configure local domain list
Failover process
Validate redundant RADIUS
Roaming guests
Control
Access point management
Allowed domains
Web proxy integration
Quarantine
Identification
NAT detection
Rogue DHCP server detection
Vendor OUIs
Network device
Persistent Agent settings
Global updates
Credential configuration
Security management
Status notifications
Transport configurations
USB detection
Reports settings
Security settings
Portal SSL
Certificate management
System communication
Email settings
Log receivers
MDM services
Mobile providers
Patch management
Proxy settings
SNMP
Syslog management
Security event parsers
Trap MIB files
Vulnerability scanner
System management
Database archive
Database backup/restore
License management
NTP and time zone
High availability
Power management
Backup to a remote server
System backups
Updates
Agent packages
Updating CentOS
System update
User/host management
Aging
Allowed hosts
Device profiler
MACĀ address exclusion
Device profiler
Device profiling process
Device profiler implementation
Device profiling rules
Manage rules
Best practices
Add or modify rules
Delete a device profiling rule
Copy a device profiling rule
Evaluate rogue hosts with device profiling rules
Administrative user profiles for device managers
Add an administrative user for device profiler
Device profiler events and alarms
Profiled devices
Monitor devices
View and register known devices
Isolate unknown devices
Control access based on device types
View logs and reports
Policies
Policy assignment
User/host profiles
Filter example
Profile example
Profiles in use
Delete a profile
Portal policies
Implementation
Manage policies
Add/modify a policy
Delete a policy
Authentication policies
Manage policies
Add/modify a policy
Delete a policy
When no profile or policy exists
Authentication configuration
Add/modify a policy
Delete a configuration
Network access policies
Implementation
Manage policies
Add/modify a policy
Delete a policy
Network access configurations
Add/modify a configuration
Configurations in use
Delete a configuration
Endpoint compliance policies
Determining host operating system
Add/modify a policy
Delete a policy
Endpoint compliance configurations
Add/modify a configuration
Configurations in use
Delete a configuration
Chaining configuration scans
Scans
Scan on connect
Scan hosts without enforcing remediation
Delayed remediation for scanned hosts
Add/modify a scan
Delete a scan
Scans in use
Schedule a scan
Custom scans
Custom scan options - scan level
Custom scans options within a category level
Windows
macOS
Linux
Severity level
Use case
Supplicant EasyConnect policies
Requirements
Manage policies
Add/modify a policy
Delete a policy
Supplicant configurations
Add/modify a configuration
Configurations in use
Delete a configuration
Policy details
Remediation configuration
Add a scan
View scan status
Clear scanned hosts list
Modify/remove a scan
Policy simulator
Endpoint compliance
Implementation
Agent overview
Dissolvable Agent
Passive Agent
Registration
Manage configurations
Add/modify configuration
Delete configuration
Copy configuration
IP ranges
Test a directory user
Administrative templates for GPO
CLI arguments
Persistent Agent
Installion for Windows
Installation for macOS
Installation for Linux
Using the Persistent Agent
Using Windows domain logon credentials
GPO settings for high availability
Persistent Agent certificate validation
Upgrade the Persistent Agent
Logging
Mobile Agent
Agent server communications
SSL certificates
DNS server configuration
Agent server discovery
Persistent Agent on Windows
Persistent Agent on macOS
Persistent Agent on Linux
Host logging for agent security
Auto-Definition updates
Send a message to group/all hosts
Role management
Configuration
Assigning roles
Roles
Add a role
Modify/delete roles
Role in use
Network device roles
Add a role
Modify/delete a role
Guest manager
Implementation
Guest/contractor templates
Visitor types
Create templates
Endpoint compliance policies for guests
Modify templates
Copy templates
Delete templates
Admin profiles
Add a guest manager profile
Add a guest kiosk profile
Add a guest self registration profile
Administrative users
Portal page setup for version 1
Portal page setup for version 2
Printer settings for guest badges
Events and alarms
Sponsors
Guest or contractor accounts
Create guest/contractor accounts
Create bulk or multiple accounts
Bulk guest import
Provide login information
Conference accounts
Guest account details
Guest/contractor login
Using a kiosk
Kiosk browser
Log into a kiosk
Account creation
Account activation
Kiosk shut down
Guest self-registration
Requesting an account
Approve or deny a request
Configure the email link
Self-registration requests
Automated Threat Response (ATR)
Implementation
Security rules
Add/modify a rule
Delete a rule
Triggers
Add a trigger
Delete a trigger
Add/modify filters
Delete a filter
Security actions
Add/modify an action
Delete an action
Add/modify activities
Delete activities
Security alarms
Security events
User view
Configure table columns and tooltips
Search and filter options
User view and search settings
User drill-down
User properties
Add/modify a user
Delete a user
Add users to groups
User group membership
Policy details
Policy simulator
Guest account details
Set user expiration date
Admin profiles and permissions
Default administrator profiles
Permissions list
Add an admin profile
Modify admin profiles
Modify admin profiles for administrator users
Delete an admin profile
Copy an admin profile
Admin profile mappings
Mappings process
Add/modify a mapping
Delete a mapping
Admin users
Add an admin user
Modify an admin user
Delete an admin user
Copy an admin user
Modify a user's admin profile
User theme
Limit admin access with groups
Set admin privileges based on directory groups
Add admin users to groups
Admin user group membership
Configure secure mode
Import and export data
Import archived data
Import hosts, users or devices
Sample import files
Import from a .csv file.csv File
Import from a previous version
Import admin users
Import IP ranges
CLI import tool
Create .csv files for device import
Import devices with the CLI tool
Import port descriptions
Export data
Topology view
Topology tree contact status
Find containers or devices
Control access
Containers
Network summary
Customer icon
Configure container for devices
Forced registration group
Control access
Rename customer icon
Container icon
Add/modify a device
Add/modify a pingable device
Add/modify the Palo Alto User-ID agent as a pingable
Control access on devices in a container
Convert all pingables to hosts
Discover devices
Discovery results
Device view
Control access on a device
Delete a device
Convert devices to hosts
Device group membership
Local management (HTTP)
Move a device to a different container
Network access/VLANs
Poll for contact status
Poll for L2 (hosts) information
Ports and hosts
Device properties
Modify multiple device properties
Pingable device properties
Resync interfaces
View role membership
Set device mapping for unknown SNMP devices
Update device mapping
Device configuration
Add/modify a device
Delete a device
Resync interfaces
Model configuration
Global model configuration
Move a device to a different container
Convert all pingables to hosts
Set CDP polling
Wired devices and 802.1X
Secure port/static port overview
Ports view
Update ports view
View connection details
Add ports to groups
Modify multiple ports
View port group membership
Remove ports from multiple groups
Port properties
Port uplink types
SSID view
SSID configuration
Modify multiple SSIDs
Hosts, adapters, and applications
USB/Thunderbolt external Ethernet adapters
Host view
Settings
Drill-down
Properties
Host health and scanning
Application inventory
Add/modify a host
Delete a host
Enable or disable hosts
Add IP phones
Add hosts to groups
Host group membership
Register a host as a device
Run the agentless scanner
Set host expiration date
Send a message to a host
Host registration and user authentication
Adapter view
View and search settings
Properties
Device identity
Enable or disable an adapter
Modify an adapter
Aging out host or user records
Application view
Device identity
Groups view
Add groups
Copy a group
Delete a group
Limit user access with groups
Modify a group
Display group membership
Show group members
Group in use
Aging hosts in a group
System groups
Customer defined groups
Admin auditing
Configuration
Accessing the auditing log
Scheduler view
Add a task
Add other scheduled tasks
Copy a task
Delete a task
Modify a task
Run task now
Event management
Enable and disable events
Event thresholds
Log events to an external log host
Examples of syslog messages
View events currently mapped to alarms
Events view
Event notes
Events and alarms list
Alarms view
Show/hide alarm details
Map events to alarms
Add or modify alarm mapping
Bulk modify alarm mappings
Delete alarm mapping
Reports view
Standard report templates
Preview standard report templates
Guest registrations report
Registrations report
Scan results report
Custom reports
Add a custom report
Preview a custom report
Modify a custom report
Remove a custom report
Schedule reports
Archived reports
Compliance reports
PCI reports
Agent versions
Guest registrations
Network device count
Network devices by type
Ports by VLAN
Daily network access by role
Historical scans
Registration failures
Host registrations
Scans by operating system
Scans by policy
Users by role
Download or run compliance report templates
Crystal reports
Configure a database password
Install and configure MySQL ODBC connector
Configure the database connection
Scan results view
Show details
Archive and clear all scans
Archive and clear selected scans
Connections view
CLI configuration
Configuration in use
Show configuration
Port based and host based configurations
Add/modify a configuration
Sample configurations
Implement configurations
Apply a port based configuration via the model configuration
Apply a host based configuration via the model configuration
Apply a CLI configuration using a role
Apply a CLI configuration using a network access policy
Apply a CLI configuration using a scheduled task
Port changes view
Requirements for ACL based configurations
Create the Cisco extended ACL
Apply the ACL to the physical interface
Poll the switch/router
High availability
Server communication
Using a shared IP Address (Layer 2)
Servers on different subnets (Layer 3)
Connectivity configuration
Primary and secondary configuration
Update software
High availability concepts
Startup
Monitor
Control sequence
Recovery
Stop the primary server
Troubleshooting tips
Determine which appliance has the shared IP
Determine appliance status
ConfirmĀ database replication
Verify license key
Configure the email link
Receive data from external devices
Send SMS messages
RESTĀ API
API URLs
Alarms
Specific alarm
Acknowledge alarm
Containers - bulk
Specific container
Control tasks
Control task items
Control task - scan by endpoint ID
Device identities
Specific device identity
Profiled devices
Specific profiled devices
Register a profiled device
Device profiling rules
Specific device profiling rule
Endpoint
Specific endpoint
Endpoints - bulk
Specific endpoint adapter
Add or update an endpoint - FORM
Add or update an dndpoint - JSON/XML
Bulk add or update endpoints - JSON/XML
Events
Specific event
Group
Specific group
Add or update a group
Delete a group
Specific network device
Network devices - bulk
Specific network port
Service
Scheduled tasks
Run a scheduled task
Specific scheduled task
Users
Add or update a user
Add or update a user - FORM
Add or update a user - JSON/XML
Vendor OUIs
Specific vendor OUI
Troubleshooting REST API
Appendix A: Scan parameters
Anti-Virus parameters - Windows
Anti-Virus parameters - macOS
Operating system parameters - Windows
Operating systems parameters - macOS
Appendix B: Portal page contents fields
Appendix C: Security event severity level mappings
Home
FortiNAC 8.3.0
Administration Guide
8.3.0
9.4.0
9.2.0
9.1.0
8.8.0
8.7.0
8.6.0
8.5.2
8.3.0
Run task now
Run task now
To run a scheduled action at any time:
Select
System > Scheduler
.
Use the filters to display a list of tasks.
Click the task to select it.
Click
Run Now
.
Previous
Next
Run task now
Run task now
To run a scheduled action at any time:
Select
System > Scheduler
.
Use the filters to display a list of tasks.
Click the task to select it.
Click
Run Now
.
Previous
Next
Home
Product Pillars
Network Security
Network Security
FortiGate / FortiOS
FortiGate 5000
FortiGate 6000
FortiGate 7000
FortiProxy
NOC & SOC Management
FortiManager
FortiManager Cloud
FortiAnalyzer
FortiAnalyzer Cloud
FortiMonitor
FortiGate Cloud
Enterprise Networking
Secure SD-WAN
FortiLAN Cloud
FortiSwitch
FortiAP / FortiWiFi
FortiAP-U Series
FortiNAC-F
FortiExtender
FortiExtender Cloud
FortiAIOps
Business Communications
FortiFone
FortiVoice
FortiVoice Cloud
FortiRecorder
FortiCamera
Zero Trust Access
ZTNA
Zero Trust Network Access
FortiClient EMS
SASE
FortiSASE
Identity
FortiAuthenticator
FortiTrust Identity
FortiToken Cloud
FortiToken
Cloud Security
Hybrid Cloud Security
FortiGate Public Cloud
FortiGate Private Cloud
FortiFlex
Cloud Native Protection
FortiCNP
FortiDevSec
Web Application / API Protection
FortiWeb
FortiWeb Cloud
FortiADC
FortiGSLB
FortiGuard ABP
SAAS Security
FortiMail
FortiMail Cloud
FortiCASB
Security Operations
SOC Platform
FortiAnalyzer
FortiAnalyzer Cloud
FortiSIEM
/
FortiSIEM Cloud
FortiSOAR
FortiPhish
Advanced Threat Protection
FortiSandbox
FortiSandbox Cloud
FortiNDR
FortiNDR Cloud
FortiDeceptor
FortiInsight
FortiInsight Cloud
FortiIsolator
Endpoint Security
FortiClient
FortiClient Cloud
FortiEDR
Best Practices
Solution Hubs
Cloud
FortiCloud
Public & Private Cloud
Popular Solutions
Secure SD-WAN
Zero Trust Network Access
Secure Access
Next Generation Firewall
Security Fabric
Tele-Working
Multi-Factor Authentication
FortiASIC
Operational Technology
MSSP
4-D Resources
Secure SD-WAN
Zero Trust Network Access
Wireless
Switching
Secure Access Service Edge
Identity and Access Management
Next Generation Firewall
Hardware Guides
FortiAnalyzer
FortiAnalyzer Big-Data
FortiADC
FortiAP / FortiWiFi
FortiAP U-Series
FortiAuthenticator
FortiCache
FortiCarrier
FortiController
FortiDDoS
FortiDDoS-F
FortiDeceptor
FortiExtender
FortiGate
FortiGate-5000
FortiGate-6000
FortiGate-7000
FortiHypervisor
FortiIsolator
FortiMail
FortiManager
FortiNAC
FortiNDR
FortiProxy
FortiRecorder
FortiRPS
FortiSandbox
FortiSIEM
FortiSwitch
FortiTester
FortiToken
FortiVoice
FortiWAN
FortiWeb
FortiWLC
FortiWLM
Product A-Z
AscenLink
AV Engine
AWS Firewall Rules
Container FortiOS
FortiADC
FortiADC E Series
FortiADC Manager
FortiADC Private Cloud
FortiADC Public Cloud
FortiAIOps
FortiAnalyzer
FortiAnalyzer BigData
FortiAnalyzer BigData Private Cloud
FortiAnalyzer Cloud
FortiAnalyzer Private Cloud
FortiAnalyzer Public Cloud
FortiAP / FortiWiFi
FortiAP-U Series
FortiAuthenticator
FortiAuthenticator Private Cloud
FortiAuthenticator Public Cloud
FortiAuthProxy
FortiBalancer
FortiBranchSASE
FortiBridge
FortiCache
FortiCamera
FortiCamera Cloud
FortiCare Elite
FortiCarrier
FortiCASB
FortiCentral
FortiClient
FortiClient Cloud
FortiCloud Services
FortiCNP
FortiConnect
FortiController
FortiConverter Service
FortiConverter Tool
FortiCore
FortiCSPM
FortiCWP
FortiDAST
FortiDB
FortiDDoS
FortiDDoS-F
FortiDeceptor
FortiDeceptor DaaS
FortiDeceptor Private Cloud
FortiDeceptor Public Cloud
FortiDevSec
FortiDLP
FortiDLP Agent
FortiDLP Policies
FortiDNS
FortiEdge Cloud
FortiEDR/XDR
FortiEndpoint
FortiExplorer
FortiExplorer Go
FortiExtender
FortiFlex
FortiFone
FortiGate / FortiOS
FortiGate Cloud
FortiGate CNF
FortiGate Private Cloud
FortiGate Public Cloud
FortiGate-5000
FortiGate-6000
FortiGate-7000
FortiGate-as-a-Service
FortiGSLB
FortiGuard Advanced Bot Protection
FortiGuest
FortiHypervisor
FortiInsight
FortiInsight Cloud
FortiIPAM
FortiIsolator
FortiIsolator Public Cloud
FortiLAN Cloud
FortiMail
FortiMail Cloud
FortiManager
FortiManager Cloud
FortiManager Private Cloud
FortiManager Public Cloud
FortiMonitor
FortiNAC
FortiNAC-F
FortiNDR
FortiNDR (on-premise) Private Cloud
FortiNDR (on-premise) Public Cloud
FortiNDR Cloud
FortiNDR Cloud Sensors
FortiPAM
FortiPAM Private Cloud
FortiPAM Public Cloud
FortiPhish
FortiPlanner
FortiPolicy
FortiPortal
FortiPortal Public Cloud
FortiPresence
FortiPresence VM
FortiProxy
FortiProxy Private Cloud
FortiProxy Public Cloud
FortiRecon
FortiRecorder
FortiRPS
FortiSandbox
FortiSandbox Cloud
FortiSandbox Private Cloud
FortiSandbox Public Cloud
FortiSASE
FortiScanner
FortiSIEM
FortiSIEM Cloud
FortiSOAR
FortiSOAR Cloud
FortiSRA
FortiSwitch
FortiSwitch Manager
FortiTap
FortiTester
FortiTester Private Cloud
FortiTester Public Cloud
FortiToken
FortiToken Cloud
FortiTrust Identity
FortiVoice
FortiVoice Cloud
FortiVoice Private Cloud
FortiVoice Public Cloud
FortiWAN
FortiWAN Controller
FortiWeb
FortiWeb Cloud
FortiWeb Manager Private Cloud
FortiWeb Manager Public Cloud
FortiWeb Private Cloud
FortiWeb Public Cloud
FortiWLM
FortiZTP
IPS Engine
Lacework FortiCNAPP
Managed FortiGate Service
Overlay-as-a-Service
Security Awareness and Training
SOCaaS
Wireless Controller
Ordering Guides
Download PDF
Table of Contents
What's new in FortiNAC 8.3
Introduction
Additional help
Requirements
DNS configuration for administrators
IPv6 support
Login to FortiNAC
Admin user interface connection errors
Licensing
Events and alarms
FortiNAC Control Manager
Evaluation license keys
Navigation
Filters
Search
Search and filter options
Find containers or devices
Menus
Manage bookmarks
Admin user preferences
Software properties
Passwords
Time stamps and time zones
Accessing analytics
Icons
Certificates
Dashboard
Add a panel
Alarm
Host summary
Network device summary
Details list view
License information
Performance
Persistent Agent summary
Scans
Summary
Security summary
User summary
Views
Manage hosts and ports
Locate
Guest accounts
Send messages to hosts
Quick start
Guest/contractor templates
Visitor types
Create templates
Endpoint compliance policies for guests
Guest or contractor accounts
Create guest/contractor accounts
Provide login information
Containers
Configure container for devices
Discover devices
Discovery results
Network devices
Wireless security
Auto-configured data
SSIDĀ mappings
Secure SSID for guest management
Open SSID for guest management
Secure SSID for device onboarding
Open SSID for device onboarding
L2 polling (resync hosts)
L3 polling (IP address to MAC address)
Learning about hosts on the network
Network device groups
Portal configuration
Splash page
Portal content editor
Edit style sheets
Export portal page content
Import portal page content
Portal page images
Sample portal page change
Using special or foreign characters
Portal configuration process
Host inventory
Multiple portals
Create a portal
Copy a portal
Select a default portal
Edit portal settings
Delete a portal
Configure authentication credentials
Portal configuration - version 1 settings
Content fields
Global properties
Registration
Authentication
Remediation
VPN portal
Isolation portal
Dead end portal
Policy failure portal
Agent portal
EasyConnect portal
Host inventory portal
Settings
Authentication
Automatic authentication
Google account authentication
Using the Google Developer's Console
Add/modify account settings
Enable push notifications from Google Cloud Messaging
Authentication directories
Requirements
Directory structure and synchronization
Directory configuration
Delete directory
Schedule directory synchronization
Preview directory
Create a keystore for SSL or TLS
Passive registration
Customize login and logout scripts
Active Directory setup
Novell setup for passive registration
RADIUS settings
Manage settings
RADIUS and 802.1x environments
Order of precedence
Configure profiles
Set defaults
Set domain mappings
Configure local domain list
Failover process
Validate redundant RADIUS
Roaming guests
Control
Access point management
Allowed domains
Web proxy integration
Quarantine
Identification
NAT detection
Rogue DHCP server detection
Vendor OUIs
Network device
Persistent Agent settings
Global updates
Credential configuration
Security management
Status notifications
Transport configurations
USB detection
Reports settings
Security settings
Portal SSL
Certificate management
System communication
Email settings
Log receivers
MDM services
Mobile providers
Patch management
Proxy settings
SNMP
Syslog management
Security event parsers
Trap MIB files
Vulnerability scanner
System management
Database archive
Database backup/restore
License management
NTP and time zone
High availability
Power management
Backup to a remote server
System backups
Updates
Agent packages
Updating CentOS
System update
User/host management
Aging
Allowed hosts
Device profiler
MACĀ address exclusion
Device profiler
Device profiling process
Device profiler implementation
Device profiling rules
Manage rules
Best practices
Add or modify rules
Delete a device profiling rule
Copy a device profiling rule
Evaluate rogue hosts with device profiling rules
Administrative user profiles for device managers
Add an administrative user for device profiler
Device profiler events and alarms
Profiled devices
Monitor devices
View and register known devices
Isolate unknown devices
Control access based on device types
View logs and reports
Policies
Policy assignment
User/host profiles
Filter example
Profile example
Profiles in use
Delete a profile
Portal policies
Implementation
Manage policies
Add/modify a policy
Delete a policy
Authentication policies
Manage policies
Add/modify a policy
Delete a policy
When no profile or policy exists
Authentication configuration
Add/modify a policy
Delete a configuration
Network access policies
Implementation
Manage policies
Add/modify a policy
Delete a policy
Network access configurations
Add/modify a configuration
Configurations in use
Delete a configuration
Endpoint compliance policies
Determining host operating system
Add/modify a policy
Delete a policy
Endpoint compliance configurations
Add/modify a configuration
Configurations in use
Delete a configuration
Chaining configuration scans
Scans
Scan on connect
Scan hosts without enforcing remediation
Delayed remediation for scanned hosts
Add/modify a scan
Delete a scan
Scans in use
Schedule a scan
Custom scans
Custom scan options - scan level
Custom scans options within a category level
Windows
macOS
Linux
Severity level
Use case
Supplicant EasyConnect policies
Requirements
Manage policies
Add/modify a policy
Delete a policy
Supplicant configurations
Add/modify a configuration
Configurations in use
Delete a configuration
Policy details
Remediation configuration
Add a scan
View scan status
Clear scanned hosts list
Modify/remove a scan
Policy simulator
Endpoint compliance
Implementation
Agent overview
Dissolvable Agent
Passive Agent
Registration
Manage configurations
Add/modify configuration
Delete configuration
Copy configuration
IP ranges
Test a directory user
Administrative templates for GPO
CLI arguments
Persistent Agent
Installion for Windows
Installation for macOS
Installation for Linux
Using the Persistent Agent
Using Windows domain logon credentials
GPO settings for high availability
Persistent Agent certificate validation
Upgrade the Persistent Agent
Logging
Mobile Agent
Agent server communications
SSL certificates
DNS server configuration
Agent server discovery
Persistent Agent on Windows
Persistent Agent on macOS
Persistent Agent on Linux
Host logging for agent security
Auto-Definition updates
Send a message to group/all hosts
Role management
Configuration
Assigning roles
Roles
Add a role
Modify/delete roles
Role in use
Network device roles
Add a role
Modify/delete a role
Guest manager
Implementation
Guest/contractor templates
Visitor types
Create templates
Endpoint compliance policies for guests
Modify templates
Copy templates
Delete templates
Admin profiles
Add a guest manager profile
Add a guest kiosk profile
Add a guest self registration profile
Administrative users
Portal page setup for version 1
Portal page setup for version 2
Printer settings for guest badges
Events and alarms
Sponsors
Guest or contractor accounts
Create guest/contractor accounts
Create bulk or multiple accounts
Bulk guest import
Provide login information
Conference accounts
Guest account details
Guest/contractor login
Using a kiosk
Kiosk browser
Log into a kiosk
Account creation
Account activation
Kiosk shut down
Guest self-registration
Requesting an account
Approve or deny a request
Configure the email link
Self-registration requests
Automated Threat Response (ATR)
Implementation
Security rules
Add/modify a rule
Delete a rule
Triggers
Add a trigger
Delete a trigger
Add/modify filters
Delete a filter
Security actions
Add/modify an action
Delete an action
Add/modify activities
Delete activities
Security alarms
Security events
User view
Configure table columns and tooltips
Search and filter options
User view and search settings
User drill-down
User properties
Add/modify a user
Delete a user
Add users to groups
User group membership
Policy details
Policy simulator
Guest account details
Set user expiration date
Admin profiles and permissions
Default administrator profiles
Permissions list
Add an admin profile
Modify admin profiles
Modify admin profiles for administrator users
Delete an admin profile
Copy an admin profile
Admin profile mappings
Mappings process
Add/modify a mapping
Delete a mapping
Admin users
Add an admin user
Modify an admin user
Delete an admin user
Copy an admin user
Modify a user's admin profile
User theme
Limit admin access with groups
Set admin privileges based on directory groups
Add admin users to groups
Admin user group membership
Configure secure mode
Import and export data
Import archived data
Import hosts, users or devices
Sample import files
Import from a .csv file.csv File
Import from a previous version
Import admin users
Import IP ranges
CLI import tool
Create .csv files for device import
Import devices with the CLI tool
Import port descriptions
Export data
Topology view
Topology tree contact status
Find containers or devices
Control access
Containers
Network summary
Customer icon
Configure container for devices
Forced registration group
Control access
Rename customer icon
Container icon
Add/modify a device
Add/modify a pingable device
Add/modify the Palo Alto User-ID agent as a pingable
Control access on devices in a container
Convert all pingables to hosts
Discover devices
Discovery results
Device view
Control access on a device
Delete a device
Convert devices to hosts
Device group membership
Local management (HTTP)
Move a device to a different container
Network access/VLANs
Poll for contact status
Poll for L2 (hosts) information
Ports and hosts
Device properties
Modify multiple device properties
Pingable device properties
Resync interfaces
View role membership
Set device mapping for unknown SNMP devices
Update device mapping
Device configuration
Add/modify a device
Delete a device
Resync interfaces
Model configuration
Global model configuration
Move a device to a different container
Convert all pingables to hosts
Set CDP polling
Wired devices and 802.1X
Secure port/static port overview
Ports view
Update ports view
View connection details
Add ports to groups
Modify multiple ports
View port group membership
Remove ports from multiple groups
Port properties
Port uplink types
SSID view
SSID configuration
Modify multiple SSIDs
Hosts, adapters, and applications
USB/Thunderbolt external Ethernet adapters
Host view
Settings
Drill-down
Properties
Host health and scanning
Application inventory
Add/modify a host
Delete a host
Enable or disable hosts
Add IP phones
Add hosts to groups
Host group membership
Register a host as a device
Run the agentless scanner
Set host expiration date
Send a message to a host
Host registration and user authentication
Adapter view
View and search settings
Properties
Device identity
Enable or disable an adapter
Modify an adapter
Aging out host or user records
Application view
Device identity
Groups view
Add groups
Copy a group
Delete a group
Limit user access with groups
Modify a group
Display group membership
Show group members
Group in use
Aging hosts in a group
System groups
Customer defined groups
Admin auditing
Configuration
Accessing the auditing log
Scheduler view
Add a task
Add other scheduled tasks
Copy a task
Delete a task
Modify a task
Run task now
Event management
Enable and disable events
Event thresholds
Log events to an external log host
Examples of syslog messages
View events currently mapped to alarms
Events view
Event notes
Events and alarms list
Alarms view
Show/hide alarm details
Map events to alarms
Add or modify alarm mapping
Bulk modify alarm mappings
Delete alarm mapping
Reports view
Standard report templates
Preview standard report templates
Guest registrations report
Registrations report
Scan results report
Custom reports
Add a custom report
Preview a custom report
Modify a custom report
Remove a custom report
Schedule reports
Archived reports
Compliance reports
PCI reports
Agent versions
Guest registrations
Network device count
Network devices by type
Ports by VLAN
Daily network access by role
Historical scans
Registration failures
Host registrations
Scans by operating system
Scans by policy
Users by role
Download or run compliance report templates
Crystal reports
Configure a database password
Install and configure MySQL ODBC connector
Configure the database connection
Scan results view
Show details
Archive and clear all scans
Archive and clear selected scans
Connections view
CLI configuration
Configuration in use
Show configuration
Port based and host based configurations
Add/modify a configuration
Sample configurations
Implement configurations
Apply a port based configuration via the model configuration
Apply a host based configuration via the model configuration
Apply a CLI configuration using a role
Apply a CLI configuration using a network access policy
Apply a CLI configuration using a scheduled task
Port changes view
Requirements for ACL based configurations
Create the Cisco extended ACL
Apply the ACL to the physical interface
Poll the switch/router
High availability
Server communication
Using a shared IP Address (Layer 2)
Servers on different subnets (Layer 3)
Connectivity configuration
Primary and secondary configuration
Update software
High availability concepts
Startup
Monitor
Control sequence
Recovery
Stop the primary server
Troubleshooting tips
Determine which appliance has the shared IP
Determine appliance status
ConfirmĀ database replication
Verify license key
Configure the email link
Receive data from external devices
Send SMS messages
RESTĀ API
API URLs
Alarms
Specific alarm
Acknowledge alarm
Containers - bulk
Specific container
Control tasks
Control task items
Control task - scan by endpoint ID
Device identities
Specific device identity
Profiled devices
Specific profiled devices
Register a profiled device
Device profiling rules
Specific device profiling rule
Endpoint
Specific endpoint
Endpoints - bulk
Specific endpoint adapter
Add or update an endpoint - FORM
Add or update an dndpoint - JSON/XML
Bulk add or update endpoints - JSON/XML
Events
Specific event
Group
Specific group
Add or update a group
Delete a group
Specific network device
Network devices - bulk
Specific network port
Service
Scheduled tasks
Run a scheduled task
Specific scheduled task
Users
Add or update a user
Add or update a user - FORM
Add or update a user - JSON/XML
Vendor OUIs
Specific vendor OUI
Troubleshooting REST API
Appendix A: Scan parameters
Anti-Virus parameters - Windows
Anti-Virus parameters - macOS
Operating system parameters - Windows
Operating systems parameters - macOS
Appendix B: Portal page contents fields
Appendix C: Security event severity level mappings
