Fortinet black logo

Administration Guide

Host inventory

Copy Link
Copy Doc ID 1ce38eeb-8119-11eb-9995-00505692583a:297569
Download PDF

Host inventory

Host inventory provides a way for end-users to manage which of their hosts are registered on the network without requiring assistance from an administrator. This is useful when there is a limit on the number of hosts that each user can have simultaneously registered.

The host inventory is an alternate success page. After authentication, if the user's device is already registered and doesn't require remediation they are brought to the host inventory.

Implementation

After the end user is registered and successfully authenticated, the portal advances to the host inventory page, where other hosts can be registered and/or existing registered hosts can be deleted.

The registration is conceptually similar to the gaming registration portal pages, but host inventory is not restricted to Vendor OUIs which are identified as gaming. Any host of any valid vendor OUI can be registered. There is also a control setting that even allows non-valid vendor OUIs to be registered.

In order to register a host using host inventory, the host must be online. This is to ensure that the host does not match an endpoint compliance policy that requires an agent. If the host matches an endpoint compliance policy, the host cannot be registered using the host inventory portal page.

If your policies are configured to bypass the agent, the hosts cannot register in host inventory. As long as FortiNAC supports an agent for the particular operating system, host inventory will identify the host as requiring an agent, independent of whether the host (and user) would match a policy that has the endpoint compliance policy set to None-Bypass.

Configuration

  1. Click System > Portal Configuration.
  2. Expand Global and click Settings.
  3. Select Host Inventory from the Success Page Type drop-down list.

To configure the content that is displayed in the page and the messages that convey the status, use the options under the "Host Inventory" category in the Content Editor of the Portal Configuration. The controls for which capabilities to make available (Register Host, Delete Host, Require Valid Vendor OUI and Show Registration Counts) as well as other settings (for example, the Host Role to use) are also configured under "Host Inventory."

Accessing the host inventory portal page

To access the host inventory pages from a host that's already registered, navigate to this URL in a browser window:

https://<IP or hostname of FortiNAC appliance>/registration/DeviceInventory.jsp

Host inventory

Host inventory provides a way for end-users to manage which of their hosts are registered on the network without requiring assistance from an administrator. This is useful when there is a limit on the number of hosts that each user can have simultaneously registered.

The host inventory is an alternate success page. After authentication, if the user's device is already registered and doesn't require remediation they are brought to the host inventory.

Implementation

After the end user is registered and successfully authenticated, the portal advances to the host inventory page, where other hosts can be registered and/or existing registered hosts can be deleted.

The registration is conceptually similar to the gaming registration portal pages, but host inventory is not restricted to Vendor OUIs which are identified as gaming. Any host of any valid vendor OUI can be registered. There is also a control setting that even allows non-valid vendor OUIs to be registered.

In order to register a host using host inventory, the host must be online. This is to ensure that the host does not match an endpoint compliance policy that requires an agent. If the host matches an endpoint compliance policy, the host cannot be registered using the host inventory portal page.

If your policies are configured to bypass the agent, the hosts cannot register in host inventory. As long as FortiNAC supports an agent for the particular operating system, host inventory will identify the host as requiring an agent, independent of whether the host (and user) would match a policy that has the endpoint compliance policy set to None-Bypass.

Configuration

  1. Click System > Portal Configuration.
  2. Expand Global and click Settings.
  3. Select Host Inventory from the Success Page Type drop-down list.

To configure the content that is displayed in the page and the messages that convey the status, use the options under the "Host Inventory" category in the Content Editor of the Portal Configuration. The controls for which capabilities to make available (Register Host, Delete Host, Require Valid Vendor OUI and Show Registration Counts) as well as other settings (for example, the Host Role to use) are also configured under "Host Inventory."

Accessing the host inventory portal page

To access the host inventory pages from a host that's already registered, navigate to this URL in a browser window:

https://<IP or hostname of FortiNAC appliance>/registration/DeviceInventory.jsp