Fortinet black logo

Administration Guide

Profiled devices

Copy Link
Copy Doc ID 825689eb-200d-11e9-b6f6-f8bc1258b856:412567
Download PDF

Profiled devices

The Profiled Devices view displays a list of devices that have been profiled using the Device Profiling Rules. Based on how closely each device matched a rule it was given a device type and placed either in the Topology View, the Host View or both. Devices placed in the Topology View do not display on the Profiled Devices tab. Devices placed in the Host View are shown on the Profiled Devices tab. When a device is registered and it has an associated user, it is removed from the Profiled Devices tab and displays only in the Host View.

Administrators and administrative users with a Device manager Admin Profile can access this list of devices. Device managers can only see those devices that match rules listed in the Device manager's profile.

Note

Only Administrative Users with additional permissions have access to the Views column, the Rule Settings, Confirm Rule and Details buttons on the Profiled Devices View. See Permissions list for additional information.

Entries in this window are devices that require network services. Typically they include things such as mobile devices, gaming devices or PCs. They are considered hosts on the network. Only those devices associated with a Device Profiling Rule are displayed.

Note

New devices are not displayed in Profiled Devices unless you click the Refresh button or close and reopen the tab.

Devices identified by a Device Profiling rule maintain their association with that rule. If rule confirmation is enabled, the associated rule and the device are checked periodically to see if the rule is still valid for the device. Rule confirmation can be enabled for a rule, which affects all devices associated with the rule, or it can be enabled for individual devices.

Settings

Field

Definition

Rogue Evaluation Queue Size

Indicates the number of Rogues waiting to be processed by the Device Profiling Rules. The queue is filled by Rogues as they connect to the network. If the Run button on the Device Profiling Rules window is clicked, any rogues that were not previously categorized are added to the queue immediately. This number will move up and down as the system processes rogues.

Name

Name of the user associated with this device or the name of the manufacturer.

For example, if a PC connects and has no associated user, you may see DELL, INC. in the name field. If the device is registered, but has no associated user the name field may be blank.

Devices that are registered and have an associated user display in the Host View but are removed from the Profiled Devices tab.

Rule Name

Name of the Device Profiling Rule that was a match for this device.

Type

Icon that represents the type of host, such as Mobile Device or Gaming System. This field is populated by the Device Profiling Rule. Device type can also be assigned by Vendor OUI, however, the type in the Device Profiling Rule takes precedence.

If this host is associated with a user, a host status icon is displayed. See Icons

Role

Role assigned to this host by the Device Profiling Rule. Roles can also be assigned by Vendor OUI, however, the role in the Device Profiling rule takes precedence.

IP Address

IP address of the device.

Physical Address

MAC address of the device.

Location

Location where the device connected to the network.

Notes

Indicates whether or not there are notes for this device.

Registered

Indicates whether or not the device is registered.

Views

Displays icons for the FortiNAC views that can be accessed for this device. Click an icon to go to the view.

Possible views include: Adapter, Group Membership, Port Properties and Device Properties.

Confirm Rule On
Connect

If enabled, Device Profiler confirms that previously profiled devices still match their associated rule the next time they connect to the network. A green check mark indicates that the option is enabled. A red circle indicates that the option is disabled.

Confirm Rule Interval

If enabled, displays the interval used to confirm device rules, such as, 2 Days. Indicates that Device Profiler will confirm that the associated rule matches the device every two days.

Last Confirmation Time

If Rule Confirmation is enabled, this column displays the last time this device had its associated rule confirmed.

Confirmation Failure Action

If Rule Confirmation is enabled, this column indicates the action to be taken if a device no longer matches its associated rule. Options are Disable Device or None.

Export

Exports data to a file in the default downloads location. File types include CSV, Excel, PDF or RTF. See Export data.

Right click options

Register As Device

Registers selected devices. If the device is not associated with a user, the name is blank or displays as ROGUE, ROGUE. If the device is associated with a user, it is removed from the Profiled Devices tab and displays in the Host View.

Delete

Deletes selected devices from the database. This deletes the hosts from both the Profiled Devices window and the Host View.

Rule Settings

Changes rule confirmation settings for the selected device.

Confirm Rule

Runs the rule confirmation process for the selected device. If the device does not match the rule an event is generated. See Device profiler events and alarms. The device must be online in order to confirm the associated rule.

Details

Allows you to modify the role of a single device. Only available for Administrators users.

Notes

Opens the Notes window for the selected device. Allows you to add a note and view previous notes. Notes include the date and time they were created.

Enable

Enables the selected device.

Disable

Disables the selected device.

Export profiled devices

This option on the Profiled Devices tab allows you to export the device data displayed in the tab.

  1. Click Hosts > Profiled Devices.
  2. A list of devices is displayed.
  3. At the bottom of the window in the Export to: section select the file format for the export file.
  4. Either save or open the file created.

Profiled devices

The Profiled Devices view displays a list of devices that have been profiled using the Device Profiling Rules. Based on how closely each device matched a rule it was given a device type and placed either in the Topology View, the Host View or both. Devices placed in the Topology View do not display on the Profiled Devices tab. Devices placed in the Host View are shown on the Profiled Devices tab. When a device is registered and it has an associated user, it is removed from the Profiled Devices tab and displays only in the Host View.

Administrators and administrative users with a Device manager Admin Profile can access this list of devices. Device managers can only see those devices that match rules listed in the Device manager's profile.

Note

Only Administrative Users with additional permissions have access to the Views column, the Rule Settings, Confirm Rule and Details buttons on the Profiled Devices View. See Permissions list for additional information.

Entries in this window are devices that require network services. Typically they include things such as mobile devices, gaming devices or PCs. They are considered hosts on the network. Only those devices associated with a Device Profiling Rule are displayed.

Note

New devices are not displayed in Profiled Devices unless you click the Refresh button or close and reopen the tab.

Devices identified by a Device Profiling rule maintain their association with that rule. If rule confirmation is enabled, the associated rule and the device are checked periodically to see if the rule is still valid for the device. Rule confirmation can be enabled for a rule, which affects all devices associated with the rule, or it can be enabled for individual devices.

Settings

Field

Definition

Rogue Evaluation Queue Size

Indicates the number of Rogues waiting to be processed by the Device Profiling Rules. The queue is filled by Rogues as they connect to the network. If the Run button on the Device Profiling Rules window is clicked, any rogues that were not previously categorized are added to the queue immediately. This number will move up and down as the system processes rogues.

Name

Name of the user associated with this device or the name of the manufacturer.

For example, if a PC connects and has no associated user, you may see DELL, INC. in the name field. If the device is registered, but has no associated user the name field may be blank.

Devices that are registered and have an associated user display in the Host View but are removed from the Profiled Devices tab.

Rule Name

Name of the Device Profiling Rule that was a match for this device.

Type

Icon that represents the type of host, such as Mobile Device or Gaming System. This field is populated by the Device Profiling Rule. Device type can also be assigned by Vendor OUI, however, the type in the Device Profiling Rule takes precedence.

If this host is associated with a user, a host status icon is displayed. See Icons

Role

Role assigned to this host by the Device Profiling Rule. Roles can also be assigned by Vendor OUI, however, the role in the Device Profiling rule takes precedence.

IP Address

IP address of the device.

Physical Address

MAC address of the device.

Location

Location where the device connected to the network.

Notes

Indicates whether or not there are notes for this device.

Registered

Indicates whether or not the device is registered.

Views

Displays icons for the FortiNAC views that can be accessed for this device. Click an icon to go to the view.

Possible views include: Adapter, Group Membership, Port Properties and Device Properties.

Confirm Rule On
Connect

If enabled, Device Profiler confirms that previously profiled devices still match their associated rule the next time they connect to the network. A green check mark indicates that the option is enabled. A red circle indicates that the option is disabled.

Confirm Rule Interval

If enabled, displays the interval used to confirm device rules, such as, 2 Days. Indicates that Device Profiler will confirm that the associated rule matches the device every two days.

Last Confirmation Time

If Rule Confirmation is enabled, this column displays the last time this device had its associated rule confirmed.

Confirmation Failure Action

If Rule Confirmation is enabled, this column indicates the action to be taken if a device no longer matches its associated rule. Options are Disable Device or None.

Export

Exports data to a file in the default downloads location. File types include CSV, Excel, PDF or RTF. See Export data.

Right click options

Register As Device

Registers selected devices. If the device is not associated with a user, the name is blank or displays as ROGUE, ROGUE. If the device is associated with a user, it is removed from the Profiled Devices tab and displays in the Host View.

Delete

Deletes selected devices from the database. This deletes the hosts from both the Profiled Devices window and the Host View.

Rule Settings

Changes rule confirmation settings for the selected device.

Confirm Rule

Runs the rule confirmation process for the selected device. If the device does not match the rule an event is generated. See Device profiler events and alarms. The device must be online in order to confirm the associated rule.

Details

Allows you to modify the role of a single device. Only available for Administrators users.

Notes

Opens the Notes window for the selected device. Allows you to add a note and view previous notes. Notes include the date and time they were created.

Enable

Enables the selected device.

Disable

Disables the selected device.

Export profiled devices

This option on the Profiled Devices tab allows you to export the device data displayed in the tab.

  1. Click Hosts > Profiled Devices.
  2. A list of devices is displayed.
  3. At the bottom of the window in the Export to: section select the file format for the export file.
  4. Either save or open the file created.