Endpoint compliance configurations
Endpoint compliance configurations define agent and scan parameters for hosts and users. Hosts can be required to download an agent and undergo a scan, permitted access with no scan or denied access. The endpoint compliance configuration that is used for a particular host is determined by the pairing of an endpoint compliance configuration and a user/host profile within an endpoint compliance policy.
When a host is evaluated, the host, user and connection location are compared to each endpoint compliance policy starting with the first policy in the list. When a policy is found where the host and user data and the connection location match the user/host profile in the policy, that policy is assigned. The endpoint compliance configuration contained within that policy determines the security treatment received by the host.
Settings
An empty field in a column indicates that the option has not been set.
Field |
Definition |
||
---|---|---|---|
Name |
User defined name for the Configuration. |
||
Scan |
Name of the scan used to evaluate a connecting host. |
||
Note |
User specified note field. This field may contain notes regarding the conversion from a previous version of FortiNAC. |
||
Collect Applications |
If enabled, the agent assigned to the host will collect information about installed applications and add that information to the host record. An application inventory cannot be generated for a hosts unless an agent is in use. |
||
Last Modified By |
User name of the last user to modify the record. |
||
Last Modified Date |
Date and time of the last modification to this configuration. |
||
Agent - OS |
An Agent column is displayed for each operating system supported. The column contains the agent that will be used or treatment that applies to hosts with that operating system when the scan is applied. Some operating systems do not have agents and those hosts can only be allowed or denied access to the network. See Add or modify a configuration for information on the agent options for each operating system. |
||
Right click options |
|||
Delete |
Deletes the selected endpoint compliance configuration. |
||
In Use |
Indicates whether or not the selected configuration is currently being used by any other FortiNAC element. See Configurations in use. |
||
Modify |
Opens the Modify Endpoint Configuration window for the selected configuration. |
||
Show Audit Log |
Opens the admin auditing log showing all changes made to the selected item. For information about the admin auditing log, see Admin auditing
|
||
Buttons |
|||
Export |
Exports the data displayed to a file in the default downloads location. File types include CSV, Excel, PDF, or RTF. See Export data. |