Device monitoring

The FortiGate unit can monitor your networks and gather information about the devices operating on those networks. Collected information includes:

  • MAC address
  • IP address
  • operating system
  • hostname
  • user name
  • how long ago the device was detected and on which FortiGate interface

You can go to User & Device > Device Inventory to view this information. Mouse-over the Device column for more details.

Depending on the information available, the Device column lists the Alias or the MAC address of the device. For ease in identifying devices, Fortinet recommends that you assign each device an Alias.

Device monitoring is enabled separately on each interface. Device detection is intended for devices directly connected to your LAN ports. If enabled on a WAN port, device detection may be unable to determine the operating system on some devices. Hosts whose device type cannot be determined passively can be found by enabling active scanning on the interface.

You can also manually add devices. This enables you to ensure that a device with multiple interfaces is displayed as a single device.

To configure device monitoring
  1. Go to Network > Interfaces.
  2. Edit the interface that you want to monitor devices on.
  3. In Networked Devices, turn on Device Detection and optionally turn on Active Scanning.
  4. Select OK.
  5. Repeat steps 2 through 4 for each interface that will monitor devices.
To assign an alias to a detected device or change device information
  1. Go to User & Device > Device Inventory and edit the device entry.
  2. Enter an Alias such as the user’s name to identify the device.
  3. Change other information as needed.
  4. Select OK.
To add a device manually
  1. Go to User & Device > Custom Devices & Groups.
  2. Select Create New > Device.
  3. Enter the following information:
  • Alias (required)
  • MAC address
  • Additional MACs (other interfaces of this device)
  • Device Type
  • Optionally, add the device to Custom Groups.
  • Optionally, enter Comments.
  1. Select OK.

Custom avatars for custom devices

You can upload an avatar for a custom device. The avatar is then displayed in the GUI wherever the device is listed, such as FortiView, log viewer, or policy configuration. To upload an avatar image,click Upload Image on the New Device or Edit Device page of User & Device > Custom Devices & Groups. The image can be in any format your browser supports and will be automatically sized to 36 x 36 pixels for use in the FortiGate GUI.

Device offline timeout

A device is considered offline if it has not sent any packets during the timeout period. The timeout can be set to any value from 30 to 31 536 000 seconds (365 days). The default value is 300 seconds (5 minutes). The timer is configurable in the CLI:

config system global

set device-idle-timeout 300

end