
Administration Guide


Identification

Identification groups together methods of detecting and identifying rogue hosts. Options include:

| Option | Definition |
| --- | --- |
| Device Types | Displays icons representing each device type in the system, and allows you to add, modify, and delete custom device type icons. |
| NAT Detection | Lists the IP ranges where FortiNAC will allow NAT'd hosts. IP addresses outside these ranges could be NAT'd hosts and can generate an event and an alarm to notify the network administrator. See NAT detection. |
| Rogue DHCP Server Detection | Monitors the operation of approved DHCP servers and detects rogue DHCP servers on the network using a dedicated interface on the FortiNAC appliance. It defines a scheduled task that searches specific VLANs and discovers all active entities serving IP addresses. The task compares the discovered DHCP servers against a list of authorized DHCP servers and triggers corresponding events when there is no match. See Rogue DHCP server detection. |
| Vendor OUIs | Allows you to modify the Vendor OUI database, which is used to determine whether a MAC address is valid and is used by Device Profiler to profile devices by OUI. The database is updated periodically through the Auto Definition update process. See Vendor OUIs. |
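
The comparison step described under Rogue DHCP Server Detection, sketched as an added example (not FortiNAC code): it reads the server identifier (option 54) from DHCP OFFER/ACK payloads and reports any server missing from the authorized list. The function names, VLAN numbers, and sample replies are constructed for illustration, and the addresses come from documentation ranges.

```python
import ipaddress

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of DHCP options (RFC 2131)
OFFER, ACK = 2, 5                    # option 53 values sent only by servers

def parse_server_reply(payload: bytes):
    """Return (server_ip, msg_type) for a DHCP OFFER/ACK, else None."""
    # The fixed BOOTP header is 236 bytes; op == 2 means BOOTREPLY.
    if len(payload) < 240 or payload[0] != 2 or payload[236:240] != MAGIC_COOKIE:
        return None
    opts, i = {}, 240
    while i < len(payload):
        code = payload[i]
        if code == 255:              # end option
            break
        if code == 0:                # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            return None              # truncated option: reject the packet
        length = payload[i + 1]
        opts[code] = payload[i + 2:i + 2 + length]
        i += 2 + length
    msg_type = opts.get(53, b"")
    server_id = opts.get(54, b"")
    if len(msg_type) != 1 or msg_type[0] not in (OFFER, ACK) or len(server_id) != 4:
        return None
    return ipaddress.IPv4Address(server_id), msg_type[0]

def find_rogue_servers(replies, authorized):
    """replies: (vlan, payload) pairs. Returns sorted (vlan, ip) not in authorized."""
    allowed = {ipaddress.IPv4Address(a) for a in authorized}
    rogue = set()
    for vlan, payload in replies:
        parsed = parse_server_reply(payload)
        if parsed and parsed[0] not in allowed:
            rogue.add((vlan, str(parsed[0])))
    return sorted(rogue)

def build_reply(server_ip, msg_type=OFFER):
    """Constructed sample: minimal BOOTREPLY carrying options 53 and 54."""
    header = bytes([2, 1, 6, 0]) + bytes(232)
    opts = bytes([53, 1, msg_type, 54, 4]) + ipaddress.IPv4Address(server_ip).packed
    return header + MAGIC_COOKIE + opts + b"\xff"

SAMPLE = [(10, build_reply("192.0.2.1")), (10, build_reply("192.0.2.66")),
          (20, build_reply("198.51.100.9", ACK)), (20, b"\x02" + bytes(50))]
```

Matching on option 54 rather than the packet's source address keeps the check meaningful when replies arrive through a DHCP relay.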
