Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiNAC 9.4.0 Administration Guide
    9.4.0
    9.4.0
    9.2.0
    9.1.0
    8.8.0
    8.7.0
    8.6.0
    8.5.2
    8.3.0

    Manage configurations

    Manage configurations

    The Passive Agent Configurations window displays the set of configurations you have created. Use this window to add, modify or delete configurations. Disabled configurations are ignored when users log in.

    Settings

    Field

    Definition

    Table configuration

    Rank Buttons

    Moves the selected configuration up or down in the list. If a user matches more than one configuration based on the selected directory group, the configuration with the higher rank is used. One is the highest rank.

    Enable Buttons

    Enables or disables the selected configuration. Disabled configurations are ignored when a user logs onto the network.

    Table columns

    Enabled

    A green check mark indicates that the configuration is enabled. A red circle indicates that the configuration is disabled.

    Rank

    Configuration's rank in the list of configurations. Rank controls the configuration used if a user matches more than one configuration based on the selected directory group.

    Name

    Name for the configuration.

    Register As

    Indicates whether the host will be registered based on the login name of the user as a host or based on hostname as a device.

    Applied Group

    Directory group to which this configuration will be applied. Users within this group are registered in FortiNAC and scanned based on the rules in the associated configuration.

    If this is not enabled in the configuration, the word Any is displayed, indicating that directory group is not used to select the appropriate configuration. It is recommended that such a configuration be placed at the end of the list as a catch all because it could apply to a large group of users.

    Scan

    Indicates whether scanning is enabled or disabled. When scanning is enabled, the scan can be repeated the next time the user logs in or out if the time interval shown has been exceeded.

    Scan Policy

    Scan used to evaluate the host when this configuration is applied. Either a specific scan or the scan contained in the endpoint compliance policy selected by FortiNAC based on the user/host profile.

    Add To Groups

    FortiNAC groups where hosts are added as they log in.

    Last Modified By

    User name of the last user to modify the configuration.

    Last Modified Date

    Date and time of the last modification to this configuration.

    Right click options

    Export

    Exports data to a file in the default downloads location. File types include CSV, Excel, PDF, or RTF. See Export data.

    Copy

    Copy the selected Configuration to create a new record.

    Delete

    Deletes the selected Configuration.

    Show Audit Log

    Opens the admin auditing log showing all changes made to the selected item.

    For information about the admin auditing log, see Audit Logs.

    Note

    You must have permission to view the admin auditing log. See Add an administrator profile.

    Modify

    Opens the Modify Configuration window for the selected configuration.

    IP Ranges Button

    Configures the host IP addresses that this FortiNAC server will respond to when a host logs on to or off of the network. If this is not configured, requests are accepted from all hosts.

    Test Button

    Allows you to test a single directory user, based on user name to determine which configuration would apply to that user on login or logout.

    Previous
    Next

    Manage configurations

    Manage configurations

    The Passive Agent Configurations window displays the set of configurations you have created. Use this window to add, modify or delete configurations. Disabled configurations are ignored when users log in.

    Settings

    Field

    Definition

    Table configuration

    Rank Buttons

    Moves the selected configuration up or down in the list. If a user matches more than one configuration based on the selected directory group, the configuration with the higher rank is used. One is the highest rank.

    Enable Buttons

    Enables or disables the selected configuration. Disabled configurations are ignored when a user logs onto the network.

    Table columns

    Enabled

    A green check mark indicates that the configuration is enabled. A red circle indicates that the configuration is disabled.

    Rank

    Configuration's rank in the list of configurations. Rank controls the configuration used if a user matches more than one configuration based on the selected directory group.

    Name

    Name for the configuration.

    Register As

    Indicates whether the host will be registered based on the login name of the user as a host or based on hostname as a device.

    Applied Group

    Directory group to which this configuration will be applied. Users within this group are registered in FortiNAC and scanned based on the rules in the associated configuration.

    If this is not enabled in the configuration, the word Any is displayed, indicating that directory group is not used to select the appropriate configuration. It is recommended that such a configuration be placed at the end of the list as a catch all because it could apply to a large group of users.

    Scan

    Indicates whether scanning is enabled or disabled. When scanning is enabled, the scan can be repeated the next time the user logs in or out if the time interval shown has been exceeded.

    Scan Policy

    Scan used to evaluate the host when this configuration is applied. Either a specific scan or the scan contained in the endpoint compliance policy selected by FortiNAC based on the user/host profile.

    Add To Groups

    FortiNAC groups where hosts are added as they log in.

    Last Modified By

    User name of the last user to modify the configuration.

    Last Modified Date

    Date and time of the last modification to this configuration.

    Right click options

    Export

    Exports data to a file in the default downloads location. File types include CSV, Excel, PDF, or RTF. See Export data.

    Copy

    Copy the selected Configuration to create a new record.

    Delete

    Deletes the selected Configuration.

    Show Audit Log

    Opens the admin auditing log showing all changes made to the selected item.

    For information about the admin auditing log, see Audit Logs.

    Note

    You must have permission to view the admin auditing log. See Add an administrator profile.

    Modify

    Opens the Modify Configuration window for the selected configuration.

    IP Ranges Button

    Configures the host IP addresses that this FortiNAC server will respond to when a host logs on to or off of the network. If this is not configured, requests are accepted from all hosts.

    Test Button

    Allows you to test a single directory user, based on user name to determine which configuration would apply to that user on login or logout.

    Previous
    Next