Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Administration Guide

Monitoring currently tracked devices

To begin tracking a client device that triggered a security violation, FortiWeb generates a unique Client Device ID according to a set of its characteristics, including the time zone, source IP, operating system, browser, language, CPU, color depth, and screen size. When a Client Device ID is assigned to a device, FortiWeb also begins tracking that device's last access date and historical threat weight. It is possible to monitor each device that FortiWeb tracks in the web UI.

To manage the monitoring of currently tracked devices

Go to Monitor > Client Device Management.

Currently tracked client devices can be sorted and filtered according to the following characteristics:

(Refresh Button)

Click to update the page with any logs that have been recorded since you previously loaded the page

Delete Data Click to select a range of log data to permanently delete.
Add Filter

Click to create a filter among the following characteristics:

  • Browser Type
  • Client Device ID
  • Color Depth
  • CPU
  • Historical Threat Weight
  • Language
  • Last Access Date
  • OS Type
  • Screen Size
  • Source IP
  • Time Zone
(drag and drop column heading) Change the order in which columns are displayed.
(right-click column heading) Access settings that add or hide columns, reset to the default columns, or remove all filters.
Client Device ID The unique ID assigned to the device based on its physical characteristics when a device profile is created upon triggering a security violation.
Last Access Date The date of the most recent event triggered by the device. This is updated when:

 

  • A unique ID is assigned to the device when a device profile is created
  • FortiWeb periodically updates characteristics of the device based on its unique ID
  • The device triggers a security violation

 

Note: If the threat weight of a security violation is set to OFF, the last access date will not be updated when the device triggers that security violation.
Time Zone The time zone the device is set to at the time of the last access date.
Source IP The device's IP address at the time of the last access date.
OS Type The device's operating system at the time of the last access date.
Browser Type The browser the device used at the time of the last access date.
Language The device's language at the time of the last access date.
CPU The device's central processing unit at the time of the last access date.
Color Depth The number of bits the devices uses to indicate the color of individual pixels at the time of the last access date.
Screen Size The device's screen size at the time of the last access date.
Historical Threat Weight The sum of the threat weights of all the security violations launched by the device at the time of the last access date. This indicates the total risk of the device defined in the selected device reputation security policy.
Canvas The device's canvas fingerprinting digital token at the time of the last access date.
WebGL The device's WebGL fingerprinting digital token at the time of the last access date.

Monitoring currently tracked devices

To begin tracking a client device that triggered a security violation, FortiWeb generates a unique Client Device ID according to a set of its characteristics, including the time zone, source IP, operating system, browser, language, CPU, color depth, and screen size. When a Client Device ID is assigned to a device, FortiWeb also begins tracking that device's last access date and historical threat weight. It is possible to monitor each device that FortiWeb tracks in the web UI.

To manage the monitoring of currently tracked devices

Go to Monitor > Client Device Management.

Currently tracked client devices can be sorted and filtered according to the following characteristics:

(Refresh Button)

Click to update the page with any logs that have been recorded since you previously loaded the page

Delete Data Click to select a range of log data to permanently delete.
Add Filter

Click to create a filter among the following characteristics:

  • Browser Type
  • Client Device ID
  • Color Depth
  • CPU
  • Historical Threat Weight
  • Language
  • Last Access Date
  • OS Type
  • Screen Size
  • Source IP
  • Time Zone
(drag and drop column heading) Change the order in which columns are displayed.
(right-click column heading) Access settings that add or hide columns, reset to the default columns, or remove all filters.
Client Device ID The unique ID assigned to the device based on its physical characteristics when a device profile is created upon triggering a security violation.
Last Access Date The date of the most recent event triggered by the device. This is updated when:

 

  • A unique ID is assigned to the device when a device profile is created
  • FortiWeb periodically updates characteristics of the device based on its unique ID
  • The device triggers a security violation

 

Note: If the threat weight of a security violation is set to OFF, the last access date will not be updated when the device triggers that security violation.
Time Zone The time zone the device is set to at the time of the last access date.
Source IP The device's IP address at the time of the last access date.
OS Type The device's operating system at the time of the last access date.
Browser Type The browser the device used at the time of the last access date.
Language The device's language at the time of the last access date.
CPU The device's central processing unit at the time of the last access date.
Color Depth The number of bits the devices uses to indicate the color of individual pixels at the time of the last access date.
Screen Size The device's screen size at the time of the last access date.
Historical Threat Weight The sum of the threat weights of all the security violations launched by the device at the time of the last access date. This indicates the total risk of the device defined in the selected device reputation security policy.
Canvas The device's canvas fingerprinting digital token at the time of the last access date.
WebGL The device's WebGL fingerprinting digital token at the time of the last access date.