FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
FortiKoala
Staff
Staff
Article Id 197420
Description
The below methods update Host Name and Operating System (OS) information in order to provide enhanced endpoint visibility.  Host record information can be viewed by navigating to Hosts > Host View in the Administration UI. 


Rogue Hosts
  • DHCP Fingerprint:   When a DHCP packet (discover, request or inform) is heard on the network, OS and host name information is updated for the existing rogue record.  If the host record does not already exist, it is created (regardless of online status).  Note the following:
    • In order to listen for DHCP Fingerprints, IP Address Helpers for production networks must be configured to point at the eth0 interface of the Server/ Application Server.
    • Not all DHCP fingerprints provide host name.
    • OS is not always able to be determined for all DHCP packets.  The device’s DHCP fingerprint may be unknown or too similar to other devices to name an OS.
    • Learned fingerprint information can be viewed in the Administration UI under Hosts > Device Identity.
  • FortiGate firewall sessions (Version 8.6.2 and above):  When a firewall session is read from a modeled FortiGate, OS and host name information is updated for the existing rogue record.  If the host record does not already exist, it is created (regardless of online status).  Note the following:
    • FortiGate must be modeled in Topology and Firewall session polling enabled.
    • Learned session information can be viewed in the Administration UI under Hosts > FortiGate Sessions
    • For more information, see sections FortiGate Sessions and Firewall session polling in the Administration Guide in the Fortinet Document Library.


Registered Hosts

Agent:  Dissolvable or Persistent Agent needs to be installed on the end station in order to update information.  Registered host records will not be updated from information obtained from DHCP Fingerprints or firewall sessions.



Solution


Contributors