Fortinet black logo

Administration Guide

Device profiler

Copy Link
Copy Doc ID 1ce38eeb-8119-11eb-9995-00505692583a:855329
Download PDF

Device profiler

Controls creation of rogue hosts from DHCP packets heard on the network.

Field

Definition

Create Rogues from DHCP packets

When enabled, rogues will be created from information learned from DHCP packets heard on the network. It helps to quickly learn about hosts communicating on the network, but in some network environments it can add a large number of rogues hosts from unmanaged areas of the network.

Default = true

Perform Active (NMAP) profiling without ICMP ping

When enabled, Active NMAP scans will not perform a ICMP ping of the host prior to initiating the NMAP scan. This allows networks where ICMP is blocked to still do NMAP scanning. This is disabled by default as it could be a considerable performance drain scanning a large number of uncontactable hosts.

Default = false

FortiGuard IoT Query URL

The URL for the API to which FortiNAC must connect to query IoT data from the FortiGuard IoT service. This information is used when profiling IoT devices using the Device Profiler method "FortiGuard". For a list of possible servers, click the "?" button next to the option.

Enable FortiGuard IoT Collect Service

When enabled, FortiNAC sends DHCP fingerprint information collected from IoT devices on the network to the FortiGuard IoT service. This improves the query results when profiling devices using the "FortiGuard" Device Profiler method.

FortiGuard Collect URL

The URL for the API to which FortiNAC must connect to send IoT data. For a list of possible servers, click the "?" button next to the option.

  1. Click System > Settings.
  2. Expand the User/Host Management folder.
  3. Select Device Profiler from the tree.
  4. Use the check boxes to enable or disable the desired functions.
  5. Enter into the field the desired URL for the FortiGuard IoT service. For a list of options, click to the "?" button next to the field.
  6. Click Save Settings.

Device profiler

Controls creation of rogue hosts from DHCP packets heard on the network.

Field

Definition

Create Rogues from DHCP packets

When enabled, rogues will be created from information learned from DHCP packets heard on the network. It helps to quickly learn about hosts communicating on the network, but in some network environments it can add a large number of rogues hosts from unmanaged areas of the network.

Default = true

Perform Active (NMAP) profiling without ICMP ping

When enabled, Active NMAP scans will not perform a ICMP ping of the host prior to initiating the NMAP scan. This allows networks where ICMP is blocked to still do NMAP scanning. This is disabled by default as it could be a considerable performance drain scanning a large number of uncontactable hosts.

Default = false

FortiGuard IoT Query URL

The URL for the API to which FortiNAC must connect to query IoT data from the FortiGuard IoT service. This information is used when profiling IoT devices using the Device Profiler method "FortiGuard". For a list of possible servers, click the "?" button next to the option.

Enable FortiGuard IoT Collect Service

When enabled, FortiNAC sends DHCP fingerprint information collected from IoT devices on the network to the FortiGuard IoT service. This improves the query results when profiling devices using the "FortiGuard" Device Profiler method.

FortiGuard Collect URL

The URL for the API to which FortiNAC must connect to send IoT data. For a list of possible servers, click the "?" button next to the option.

  1. Click System > Settings.
  2. Expand the User/Host Management folder.
  3. Select Device Profiler from the tree.
  4. Use the check boxes to enable or disable the desired functions.
  5. Enter into the field the desired URL for the FortiGuard IoT service. For a list of options, click to the "?" button next to the field.
  6. Click Save Settings.