Fortinet black logo

Control Manager

Add/modify a user or host profile

Copy Link
Copy Doc ID c0e495af-7299-11e9-81a4-00505692583a:207910
Download PDF

Add/modify a user or host profile

You are not required to complete all of the fields when creating a User/Host Profile. If you leave a field blank, it is set to Any or is left blank. When set to Any or blank, the field is a match for all hosts or users. You can create a profile with only location, only a group, only an attribute filter, only a time range or any combination of those options.

  1. Select Policy > Policy Configuration.

  2. In the menu on the left, User/Host Profiles should be selected.

  3. Click the Add button or select an existing Profile and click Modify.

  4. Click in the Name field and enter a name for this Profile.

  5. Click the Select button next to the Where (Location) field. This opens the Select Location window.

    Choose one or more device, port, or SSID groups by clicking on the names in the All Groups column and clicking the right arrow to move them to the Selected Groups column.

    In the Select Location window, you can click Add Group to create a group, or click Modify Group to modify the selected group.

    Click OK to continue.

  6. Click the Select button next to the Who/What by Group field. This opens the Select Groups window.

    Choose one or more Host, User, or Administrator groups by clicking on the names in the All Groups column and clicking the right arrow to move them to the Selected Groups column.

    In the Select Groups window, you can click Add Group to create a group, or click Modify Group to modify the selected group.

    Click OK to continue.

  7. To add a filter, click the Add button next to the Who/What by Attribute field. These filters narrow the number of hosts to which this Profile applies.

    The Adapter, Host, User, Application Filter window displays allowing you to select one or more pieces of data to use as a filter. See Host view and search field definitions, Adapter view and search field definitions, User view and search field definitions, and Application view for detailed descriptions of the fields on the Filter window.

  8. Click in the drop-down menu next to the When field. Select either Always or select Specify Time. Always indicates that there is no time criteria to match this Profile. Specify Time allows you to choose days and times to be used as criteria for connecting hosts. Hosts must connect to the network during the selected times to match this profile.

  9. To specify a time, select Specify Time in the drop-down to display the Specify Time dialog.

    In the Time Range section enter the From and To times for the time of day that devices should be able to access the network.

    In the Days of the Week section select the days during which these devices should be allowed to access the network.

    Click OK.

  10. Click OK to save your data.

Add/modify a user or host profile

You are not required to complete all of the fields when creating a User/Host Profile. If you leave a field blank, it is set to Any or is left blank. When set to Any or blank, the field is a match for all hosts or users. You can create a profile with only location, only a group, only an attribute filter, only a time range or any combination of those options.

  1. Select Policy > Policy Configuration.

  2. In the menu on the left, User/Host Profiles should be selected.

  3. Click the Add button or select an existing Profile and click Modify.

  4. Click in the Name field and enter a name for this Profile.

  5. Click the Select button next to the Where (Location) field. This opens the Select Location window.

    Choose one or more device, port, or SSID groups by clicking on the names in the All Groups column and clicking the right arrow to move them to the Selected Groups column.

    In the Select Location window, you can click Add Group to create a group, or click Modify Group to modify the selected group.

    Click OK to continue.

  6. Click the Select button next to the Who/What by Group field. This opens the Select Groups window.

    Choose one or more Host, User, or Administrator groups by clicking on the names in the All Groups column and clicking the right arrow to move them to the Selected Groups column.

    In the Select Groups window, you can click Add Group to create a group, or click Modify Group to modify the selected group.

    Click OK to continue.

  7. To add a filter, click the Add button next to the Who/What by Attribute field. These filters narrow the number of hosts to which this Profile applies.

    The Adapter, Host, User, Application Filter window displays allowing you to select one or more pieces of data to use as a filter. See Host view and search field definitions, Adapter view and search field definitions, User view and search field definitions, and Application view for detailed descriptions of the fields on the Filter window.

  8. Click in the drop-down menu next to the When field. Select either Always or select Specify Time. Always indicates that there is no time criteria to match this Profile. Specify Time allows you to choose days and times to be used as criteria for connecting hosts. Hosts must connect to the network during the selected times to match this profile.

  9. To specify a time, select Specify Time in the drop-down to display the Specify Time dialog.

    In the Time Range section enter the From and To times for the time of day that devices should be able to access the network.

    In the Days of the Week section select the days during which these devices should be allowed to access the network.

    Click OK.

  10. Click OK to save your data.