System communication
System Communication groups together features that allow FortiNAC to communicate with other devices or to send email and SMS messages to administrators and network users.
Receive data from external devices
FortiNAC can be configured to receive data or messages from other devices on the network, such as an IPS/IDS device. FortiNAC can accept data from a trap or Syslog message to add records to the database or trigger events and alarms. If events and alarms are triggered, alarms can be configured to take action on hosts or users and notify administrators via e-mail or SMS messages.
There are several options that can be used to leverage data from other devices. Each of these options is independent of all of the others. They can be used simultaneously but they do not work together.
Syslog management
The Syslog Management feature in FortiNAC allows you to create specific configurations used to parse inbound syslog messages. Supported message formats include CSV, TAG/VALUE and CEF. New events and alarms are automatically created for each syslog configuration you create. When an inbound message is received, FortiNAC can react based on the event and alarm generated. See Syslog files.
Trap MIB
The Trap MIB feature allows you to configure FortiNAC to receive SNMPv1 and SNMPv2 traps from external devices that contain information about the connecting host. New events and alarms are created for these configurations and they display based on the OID of the sending device. When a trap is received, FortiNAC can react based on the event and alarm generated. See Trap MIB files.
SNMPv3
SNMPv3 traps can be leveraged to populate the FortiNAC database with hosts and users as they connect to the network. When a trap is received from an external device, host and user records are added, modified or removed in the database. Events and alarms associated with these traps can be used to notify administrators or take actions on connecting hosts and users.
MDM services
MDM Services allows you to configure communication with one or more Mobile Device Management servers. Based on the information received from the MDM server you can take action on hosts, such as disabling them. See MDM services.
Option | Definition |
---|---|
Addresses | Configure a list of address and address group objects used in SSO and VPN configuration. See Addresses. |
Email Settings | Enter settings for your email server. This allows FortiNAC to send email to Administrators and network users. See Email settings. |
Log Receivers | Configure a list of servers that receive event and alarm messages from FortiNAC. See Log receivers. |
MDM Services | Configure one or more Mobile Device Management (MDM) servers that integrate with FortiNAC. See MDM services. |
Mobile Providers | Displays the default set of Mobile Providers included in the database. FortiNAC uses the Mobile Providers list to send SMS messages to guests and administrators. The list can be modified as needed. See Mobile providers. |
Patch Management | The Patch Management feature allows integration with Patch servers such as BigFix or PatchLink. See Patch management. |
Proxy Settings | Configure FortiNAC to direct web traffic to a proxy server in order to download OS updates and auto-definition updates. |
SNMP | Set the SNMP protocol for devices that query FortiNAC for information. It is also used to set the SNMP protocol to accept SNMPv3 traps that register hosts and users. See SNMP. |
Syslog Files | Syslog Files that you create and store are used by FortiNAC to parse the information received from these external devices and generate an event. The event can contain any or all of the fields contained in the syslog output and can be mapped to an Alarm and an Alarm action. See Syslog files and Map events to alarms. |
Security Event Parsers | Customize parsing of syslog messages for generating security events. |
Trap MIB Files | Enter configurations to interpret SNMP trap MIB information sent from a device and associate it with events and alarms in FortiNAC. See Trap MIB files and Map events to alarms. |
Threat Analysis Engines | Configure Threat Analysis Engines to be used when applications are submitted via an agent to FortiNAC. |
Vulnerability Scanners | Configure and manage the connection to a vulnerability scanner, allowing FortiNAC to request and process scan results. |
Security Fabric Connector | Provides the ability to register FortiNAC in the Security Fabric Tree. Once registered, FortiNAC is visible in the Security Fabric Topology view on FortiOS products. |