Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Persistent Agent Deployment and Configuration

    Home FortiNAC 9.4.0 Persistent Agent Deployment and Configuration
    9.4.0
    9.4.0
    9.2.0
    9.1.0
    8.8.0
    8.7.0
    8.6.0
    8.5.0
    8.3.0

    How it Works

    How it Works

    In order to utilize the Persistent Agent, it must be installed on the end machine. Once the agent is installed and its service is started, the agent will attempt to communicate with FortiNAC. The general process the Persistent Agent uses to communicate is as follows:

    1. Identify the name of the FortiNAC Agent Server with which the agent should communicate. This information can be provided to the agent in two ways:

      • Persistent Agent settings configured via…

        • Software distribution

        • Last successful communication with FortiNAC

      • Discovery process - lookup for DNS SRV records from…

        • Production DNS server

        • FortiNAC Captive Portal

          Agent 5.3 and greater: Option available to disable SRV lookups (are enabled by default)

    2. Attempt to establish communication to the server over SSL/TLS using TCP port 4568 (requires SSL certificates installed on FortiNAC).

    3. Once SSL/TLS communication is established, the agent uses TCP port 4568 for most all other agent/server communication. See Persistent Agent Server Discovery Process in the Appendix for port and version information.

    Previous
    Next

    How it Works

    How it Works

    In order to utilize the Persistent Agent, it must be installed on the end machine. Once the agent is installed and its service is started, the agent will attempt to communicate with FortiNAC. The general process the Persistent Agent uses to communicate is as follows:

    1. Identify the name of the FortiNAC Agent Server with which the agent should communicate. This information can be provided to the agent in two ways:

      • Persistent Agent settings configured via…

        • Software distribution

        • Last successful communication with FortiNAC

      • Discovery process - lookup for DNS SRV records from…

        • Production DNS server

        • FortiNAC Captive Portal

          Agent 5.3 and greater: Option available to disable SRV lookups (are enabled by default)

    2. Attempt to establish communication to the server over SSL/TLS using TCP port 4568 (requires SSL certificates installed on FortiNAC).

    3. Once SSL/TLS communication is established, the agent uses TCP port 4568 for most all other agent/server communication. See Persistent Agent Server Discovery Process in the Appendix for port and version information.

    Previous
    Next