Fortinet black logo

Administration Guide

Vendor OUIs

Copy Link
Copy Doc ID 1ce38eeb-8119-11eb-9995-00505692583a:674937
Download PDF

Vendor OUIs

Use the vendor OUI database to determine whether a particular MAC is valid. As new IEEE device information becomes available, the database needs to be updated to reflect the new codes. This prevents invalid physical address errors when devices with the new MACs are connected to the network. The AutoDef Synchronization scheduled task automatically updates the vendor OUI database. See Scheduler for additional information on scheduling tasks.

You can search the vendor OUI database, and add, modify, or remove vendor OUIs. Vendor OUI Added and vendor OUI Removed events are generated when you add or remove vendor OUIs.

The vendor name appears in the Host View unless you enter a vendor OUI alias. If you use a vendor OUI alias to identify the type of device, you can quickly filter all devices with a specific alias. For example, you can manage gaming devices by adding the vendor OUI to the database with the vendor OUI alias of Gaming Device. Then you can use the Host View filter to find these records by name, change them to registered, and assign them a role without requiring the device to be assigned to a user.

Vendor OUIs are also used with the device profiler feature. Device profiling rules can use the vendor OUI to help identify rogue devices connecting the network. Depending on the instructions associated with the rule, the device can be automatically assigned a device type and be placed in the Host View, the Inventory or both. See Device profiler for additional information.

To access the vendor OUI View select System > Settings > Identification > Vendor OUIs.

Add a vendor OUI

  1. Click System > Settings.
  2. Expand the Identification folder and click Vendor OUIs.
  3. Click Add at the bottom of the window.
  4. Use the table below to enter the vendor OUI information:

    Field

    Description

    Vendor OUI

    First 3 octets of a device’s Physical Address. Enter in the hexadecimal format ##:##:## (For example, 00:1D:09)

    Vendor Name

    Name of the vendor that owns the vendor OUI.

    Vendor Alias

    Value entered displays as the host name in the Host View. This field is optional when adding a vendor OUI.

    Role

    Role for devices associated with this vendor OUI. Roles assigned by device profiler take precedence.

    If a device is registered via the Portal Page, then the role associated with the vendor OUI is applied.

    See Role management.

    Registration Type

    Type of device registration that is specified through the AutoDef Synchronization update, such as a Camera, a Card Reader or a Gaming Device. In the Add/Modify vendor Code dialog the current setting for the vendor code Registration Type is displayed. Options include Manual or a specific device type.

    Registration Type
    Override

    Used to specify a Registration Type that is different from the default supplied by the AutoDef Synchronization update. Options include Manual or a specific device type.

    Description

    User specified description of the vendor OUI.

    Last Modified By

    User name of the last user to modify the vendor OUI.

    Last Modified Date

    Date and time of the last modification to this vendor OUI.

    Right click options

    Delete

    Deletes the selected vendor OUI.

    Modify

    Opens the Modify Vendor OUI dialog.

    Show Audit Log

    Opens the admin auditing log showing all changes made to the selected item.

    For information about the admin auditing log, see Audit Logs.

    Note

    You must have permission to view the admin auditing log. See Add an administrator profile.

    Buttons

    Export

    Exports the data displayed to a file in the default downloads location. File types include CSV, Excel, PDF, or RTF. See Export data.

  5. The Description field is optional and allows you to add notes about the OUI. This field is not displayed on the vendor OUIs view.
  6. Select the Registration Type Override for the device.
  7. Click OK.

Modify a vendor OUI

  1. Click System > Settings.
  2. Expand the Identification folder and click Vendor OUIs.
  3. Search for the appropriate vendor OUI and select it. Click Modify.
  4. Edit the vendor OUI information
  5. The Description field is optional.
  6. Click OK.

Modify multiple vendor OUIs

Multiple vendor OUIs can be modified at the same time to update fields such as Role or Description.

  1. Click System > Settings.
  2. Expand the Identification folder and click Vendor OUIs.
  3. Search for the appropriate vendor OUIs. Select all of the affected vendor OUIs. If they are not part of a continuous list, hold down the CTRL key to select them.
  4. Click Modify.
  5. On the Modify dialog enable the check boxes next to the fields to be updated. Any field that is not enabled will not be affected.
  6. Modify the data in the selected fields.
  7. Click OK.

Delete a vendor OUI

  1. Click System > Settings.
  2. Expand the Identification folder and click Vendor OUIs.
  3. Search for the vendor OUI to be deleted and select it.
  4. Click Delete.
  5. A confirmation message is displayed. Click Yes to delete the OUI.

Register devices

To register devices, such as gaming devices, you must enter the vendor OUIs in the vendor OUI database. When the host connects the device to the network a rogue host record is created.

If you are using the device profiler feature, these devices may be processed by a Device Profiling Rule that registers them for you.

  1. Enter the vendor OUIs into the database.
  2. When entering the vendor OUI be sure to fill in the Vendor Alias field. This alias displays on the Host View when a device with this vendor OUI connects to the network.
  3. If this device requires a role, select a Role on the vendor OUI window. This role is only applied to devices registered manually through the Portal Page.

  4. In order to register a device you must make sure that the Registration Type Override field in the vendor OUI window is set to reflect the correct device type. For example, if this vendor OUI represents a gaming device, you would select Gaming Device from the list in this field.
  5. Once the device is connected to the network, click Users & Hosts > Hosts.
  6. Locate the record for the rogue device.
  7. Select the record. Then, right-click and select Register As Device.

Device registration after vendor OUI database update

Devices whose vendor OUIs are not in the database appear in the Host View as rogues when they connect to the network. Once you have entered the vendor OUI in the database, the information in the Host View displays the vendor OUI data as part of the rogue record. Use the vendor alias to identify the type of device, such as gaming device or security camera, for example. The vendor alias is displayed in the host name column of the Host View.

  1. Add the vendor OUI information to the database. Include the vendor alias to aid in grouping the devices.
  2. Go to Users & Hosts > Hosts and use the filter tabs or column sort features to locate the devices.
  3. Select the record(s) and change the device to Registered using the Register As Device option on the right-click menu.

Vendor OUIs

Use the vendor OUI database to determine whether a particular MAC is valid. As new IEEE device information becomes available, the database needs to be updated to reflect the new codes. This prevents invalid physical address errors when devices with the new MACs are connected to the network. The AutoDef Synchronization scheduled task automatically updates the vendor OUI database. See Scheduler for additional information on scheduling tasks.

You can search the vendor OUI database, and add, modify, or remove vendor OUIs. Vendor OUI Added and vendor OUI Removed events are generated when you add or remove vendor OUIs.

The vendor name appears in the Host View unless you enter a vendor OUI alias. If you use a vendor OUI alias to identify the type of device, you can quickly filter all devices with a specific alias. For example, you can manage gaming devices by adding the vendor OUI to the database with the vendor OUI alias of Gaming Device. Then you can use the Host View filter to find these records by name, change them to registered, and assign them a role without requiring the device to be assigned to a user.

Vendor OUIs are also used with the device profiler feature. Device profiling rules can use the vendor OUI to help identify rogue devices connecting the network. Depending on the instructions associated with the rule, the device can be automatically assigned a device type and be placed in the Host View, the Inventory or both. See Device profiler for additional information.

To access the vendor OUI View select System > Settings > Identification > Vendor OUIs.

Add a vendor OUI

  1. Click System > Settings.
  2. Expand the Identification folder and click Vendor OUIs.
  3. Click Add at the bottom of the window.
  4. Use the table below to enter the vendor OUI information:

    Field

    Description

    Vendor OUI

    First 3 octets of a device’s Physical Address. Enter in the hexadecimal format ##:##:## (For example, 00:1D:09)

    Vendor Name

    Name of the vendor that owns the vendor OUI.

    Vendor Alias

    Value entered displays as the host name in the Host View. This field is optional when adding a vendor OUI.

    Role

    Role for devices associated with this vendor OUI. Roles assigned by device profiler take precedence.

    If a device is registered via the Portal Page, then the role associated with the vendor OUI is applied.

    See Role management.

    Registration Type

    Type of device registration that is specified through the AutoDef Synchronization update, such as a Camera, a Card Reader or a Gaming Device. In the Add/Modify vendor Code dialog the current setting for the vendor code Registration Type is displayed. Options include Manual or a specific device type.

    Registration Type
    Override

    Used to specify a Registration Type that is different from the default supplied by the AutoDef Synchronization update. Options include Manual or a specific device type.

    Description

    User specified description of the vendor OUI.

    Last Modified By

    User name of the last user to modify the vendor OUI.

    Last Modified Date

    Date and time of the last modification to this vendor OUI.

    Right click options

    Delete

    Deletes the selected vendor OUI.

    Modify

    Opens the Modify Vendor OUI dialog.

    Show Audit Log

    Opens the admin auditing log showing all changes made to the selected item.

    For information about the admin auditing log, see Audit Logs.

    Note

    You must have permission to view the admin auditing log. See Add an administrator profile.

    Buttons

    Export

    Exports the data displayed to a file in the default downloads location. File types include CSV, Excel, PDF, or RTF. See Export data.

  5. The Description field is optional and allows you to add notes about the OUI. This field is not displayed on the vendor OUIs view.
  6. Select the Registration Type Override for the device.
  7. Click OK.

Modify a vendor OUI

  1. Click System > Settings.
  2. Expand the Identification folder and click Vendor OUIs.
  3. Search for the appropriate vendor OUI and select it. Click Modify.
  4. Edit the vendor OUI information
  5. The Description field is optional.
  6. Click OK.

Modify multiple vendor OUIs

Multiple vendor OUIs can be modified at the same time to update fields such as Role or Description.

  1. Click System > Settings.
  2. Expand the Identification folder and click Vendor OUIs.
  3. Search for the appropriate vendor OUIs. Select all of the affected vendor OUIs. If they are not part of a continuous list, hold down the CTRL key to select them.
  4. Click Modify.
  5. On the Modify dialog enable the check boxes next to the fields to be updated. Any field that is not enabled will not be affected.
  6. Modify the data in the selected fields.
  7. Click OK.

Delete a vendor OUI

  1. Click System > Settings.
  2. Expand the Identification folder and click Vendor OUIs.
  3. Search for the vendor OUI to be deleted and select it.
  4. Click Delete.
  5. A confirmation message is displayed. Click Yes to delete the OUI.

Register devices

To register devices, such as gaming devices, you must enter the vendor OUIs in the vendor OUI database. When the host connects the device to the network a rogue host record is created.

If you are using the device profiler feature, these devices may be processed by a Device Profiling Rule that registers them for you.

  1. Enter the vendor OUIs into the database.
  2. When entering the vendor OUI be sure to fill in the Vendor Alias field. This alias displays on the Host View when a device with this vendor OUI connects to the network.
  3. If this device requires a role, select a Role on the vendor OUI window. This role is only applied to devices registered manually through the Portal Page.

  4. In order to register a device you must make sure that the Registration Type Override field in the vendor OUI window is set to reflect the correct device type. For example, if this vendor OUI represents a gaming device, you would select Gaming Device from the list in this field.
  5. Once the device is connected to the network, click Users & Hosts > Hosts.
  6. Locate the record for the rogue device.
  7. Select the record. Then, right-click and select Register As Device.

Device registration after vendor OUI database update

Devices whose vendor OUIs are not in the database appear in the Host View as rogues when they connect to the network. Once you have entered the vendor OUI in the database, the information in the Host View displays the vendor OUI data as part of the rogue record. Use the vendor alias to identify the type of device, such as gaming device or security camera, for example. The vendor alias is displayed in the host name column of the Host View.

  1. Add the vendor OUI information to the database. Include the vendor alias to aid in grouping the devices.
  2. Go to Users & Hosts > Hosts and use the filter tabs or column sort features to locate the devices.
  3. Select the record(s) and change the device to Registered using the Register As Device option on the right-click menu.