Fortinet white logo
Fortinet white logo

Administration Guide

Installation for Windows

Installation for Windows

When a new host connects to the network, it is directed to a special web page that allows the user to download the Persistent Agent. Once the Persistent Agent has been downloaded, it must be installed on the host.

The Persistent Agent can also be delivered as an .msi file. This allows it to be pushed automatically from Active Directory.

Install
  1. On the host, locate Persistent Agent.exe file that was downloaded. Double-click the to begin the installation process.
  2. The Welcome window displays. Click Next to continue.
  3. A progress window appears showing the status of the installation. The Installation Complete window displays.
  4. Click Finish.
  5. The Agent Icon appears in the system tray on the right.

    Several right click options are available:

    Option

    Description

    About

    Displays the agent version, copyright, and other information.

    Show
    Messages

    Displays the list of the messages sent through the Persistent Agent that have been received by the host.

    If any URLs have been sent separate from a message, a list of these are also be displayed.

    Login

    Appears when host is in isolation requiring registration or authentication. When selected, opens a login dialog.

    Log off the Network

    Appears when host is logged in and authenticated. When selected, the host is logged off the network and is placed into isolation requiring authentication.

    Show Network Access Status

    Appears when the host is isolated for remediation or being disabled. When selected, the user is sent to either the remediation page for rescan or the dead end page if disabled.

  6. The Agent automatically communicates with the FortiNAC Application Server to authenticate the user credentials.
  7. Enter User Name and Password, then click OK. The user is authenticated and registered.
Host firewall

When a host is running a Windows Firewall, the Persistent Agent automatically adds a program exception for itself to the Windows Firewall configuration. This is added to the currently active user profile, unless the "Domain" profile is active. For hosts using a different firewall you must meet the following requirements:

  • An exception for the Persistent Agent must be added to the firewall
  • UPD/TCP ports 4567 and 4568 must be available for agent communication

Installation for Windows

Installation for Windows

When a new host connects to the network, it is directed to a special web page that allows the user to download the Persistent Agent. Once the Persistent Agent has been downloaded, it must be installed on the host.

The Persistent Agent can also be delivered as an .msi file. This allows it to be pushed automatically from Active Directory.

Install
  1. On the host, locate Persistent Agent.exe file that was downloaded. Double-click the to begin the installation process.
  2. The Welcome window displays. Click Next to continue.
  3. A progress window appears showing the status of the installation. The Installation Complete window displays.
  4. Click Finish.
  5. The Agent Icon appears in the system tray on the right.

    Several right click options are available:

    Option

    Description

    About

    Displays the agent version, copyright, and other information.

    Show
    Messages

    Displays the list of the messages sent through the Persistent Agent that have been received by the host.

    If any URLs have been sent separate from a message, a list of these are also be displayed.

    Login

    Appears when host is in isolation requiring registration or authentication. When selected, opens a login dialog.

    Log off the Network

    Appears when host is logged in and authenticated. When selected, the host is logged off the network and is placed into isolation requiring authentication.

    Show Network Access Status

    Appears when the host is isolated for remediation or being disabled. When selected, the user is sent to either the remediation page for rescan or the dead end page if disabled.

  6. The Agent automatically communicates with the FortiNAC Application Server to authenticate the user credentials.
  7. Enter User Name and Password, then click OK. The user is authenticated and registered.
Host firewall

When a host is running a Windows Firewall, the Persistent Agent automatically adds a program exception for itself to the Windows Firewall configuration. This is added to the currently active user profile, unless the "Domain" profile is active. For hosts using a different firewall you must meet the following requirements:

  • An exception for the Persistent Agent must be added to the firewall
  • UPD/TCP ports 4567 and 4568 must be available for agent communication