SlideShare a Scribd company logo

Device identity

Download as PPTX, PDF
Lan & Wan Solutions
Lan & Wan Solutions

Device Identity

Software
1 of 12
© Copyright Fortinet Inc. All rights reserved. Inside FortiOS Device Identity Versione 5.2.4 – Mar 2015 Lan & Wan Solutions – Soluzioni Informatiche per Reti Locali e Geografiche
2 FortiOS Features
3 Overview Device Identity Device Identification  Device & OS Fingerprinting  Device Classification & Management  Contextual Device Information Device Based Policies  Policies using Device/Device Group  Identify device type to add into contextual information for better visibility  Enforce policies based on device types or devices  Allow organization to embrace BYOD environment securely Device Group List
4 Overview Securing BYOD environment  Identifying device/device types to apply appropriate policy enforcements  Additional control beyond traditional Windows AD environment Device Identity Identity Policies Device Identification Access Control Security Application UTM Profiles Awareness Agentless Agent based
5 Identification Techniques  Agentless » TCP Fingerprinting » MAC address vendor codes » Network discovery protocols, DHCPv6 etc » Requires “direct” connectivity to FortiGate  Agent Based » Uses FortiClient » Location & Infrastructure Independent Device Identification Device Identity INTERNETDMZ FC FC Agentless with Agent
6 • Based on regularly updated device/OS signatures and MAC address vendor lists DB • Automatic detection & categorization into predefined device groups • Enabled per Device- based Policy • Force detect device by HTTP communication (HTTP User-Agent) • Email collection/ Endpoint compliance portal • Agent captures systems information and relay to FortiGate, 100% Accurate • Allow device identification on remote networks TCP Fingerprinting, Network Discovery & MAC Address Vendor Code Captive Portal Endpoint Agent Device Identification Device Identity
7 Additional device information detection  Hostname: Internal DHCP server, traffic scan  Email address: Email collection Captive portal  Username: Authentication services or “device-user-identification enable” which extracts info via traffic scanning (enable default) Device Identification Device Identity
8 Device Detection  A webpage that should let the user send some traffic in order to detect the device type  No replacement message when successful, user have to reload the webpage  If failed, a replacement message will be present Email Collection  Collect an email address as a means of identifying the device user  When the email address has been verified, the device is added to the Collected Emails device group Endpoint Compliance  Acts as a quarantine for devices that are not protected by FortiClient  Provides links to obtain the FortiClient software Device Captive Portals Device Identity
9 Device Management Device Identity Device Group Management Manual add/edit Devices Status Connection Information User Information Device Definition Multiple MAC address merge
10 Device Management Device Identity Device Groups Device Group Drill-down Predefined group for auto categorization Manual defined Custom group
11 Visibility Device contextual Information available on widgets, logs & reports Device Identity
12 Contattaci Gratuitamente … Certified experts in Fortimail and email security Certified experts in Fortiweb and web application firewall protection Certified experts in FortiAp, FortiWifi and wireless security CONTACTS Tel. +39 049 8843198 DIGIT (5) contacts@lanewan.it www.lanewan.it In questi anni di partnership con la casa madre, Lan & Wan Solutions ha ottenuto tutte le specializzazioni previste nei vari iter di certifica- zione, raggiungendo la qualifica di Partner Of Excellence.

Recommended

Fortinet av
Fortinet avFortinet av
Fortinet av
Lan & Wan Solutions
 
Firewall
FirewallFirewall
Firewall
Lan & Wan Solutions
 
Vpn
VpnVpn
Vpn
Lan & Wan Solutions
 
Forti cloud
Forti cloudForti cloud
Forti cloud
Lan & Wan Solutions
 
Fortinet FortiGate 100D
Fortinet FortiGate 100DFortinet FortiGate 100D
Fortinet FortiGate 100D
Hoai Duyen
 
Sandboxing
SandboxingSandboxing
Sandboxing
Lan & Wan Solutions
 
Fortigate Training
Fortigate TrainingFortigate Training
Fortigate Training
NCS Computech Ltd.
 
Fortigate class1
Fortigate class1Fortigate class1
Fortigate class1
RanjithKumar428
 

Recommended

Fortinet av
Fortinet avFortinet av
Fortinet av
Lan & Wan Solutions
 
Firewall
FirewallFirewall
Firewall
Lan & Wan Solutions
 
Vpn
VpnVpn
Vpn
Lan & Wan Solutions
 
Forti cloud
Forti cloudForti cloud
Forti cloud
Lan & Wan Solutions
 
Fortinet FortiGate 100D
Fortinet FortiGate 100DFortinet FortiGate 100D
Fortinet FortiGate 100D
Hoai Duyen
 
Sandboxing
SandboxingSandboxing
Sandboxing
Lan & Wan Solutions
 
Fortigate Training
Fortigate TrainingFortigate Training
Fortigate Training
NCS Computech Ltd.
 
Fortigate class1
Fortigate class1Fortigate class1
Fortigate class1
RanjithKumar428
 
Fortinet sandboxing
Fortinet sandboxingFortinet sandboxing
Fortinet sandboxing
Nick Straughan
 
Firewalls
FirewallsFirewalls
Firewalls
vaishnavi
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slides
rahul kundu
 
Fortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-seriesFortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-series
Julian Ernesto Martinez Oliva
 
OWASP zabezpieczenia aplikacji - Top 10 ASR
OWASP zabezpieczenia aplikacji - Top 10 ASROWASP zabezpieczenia aplikacji - Top 10 ASR
OWASP zabezpieczenia aplikacji - Top 10 ASR
Laravel Poland MeetUp
 
Fortinet security fabric
Fortinet security fabricFortinet security fabric
Fortinet security fabric
ANSItunCERT
 
001 introduction Fortigate Administration Introduction
001 introduction Fortigate Administration Introduction001 introduction Fortigate Administration Introduction
001 introduction Fortigate Administration Introduction
Mohamed Sana
 
This is Next-Gen IT Security - Introducing Intercept X
This is Next-Gen IT Security - Introducing Intercept XThis is Next-Gen IT Security - Introducing Intercept X
This is Next-Gen IT Security - Introducing Intercept X
Sophos Benelux
 
Basic security and Barracuda VRS
Basic security and Barracuda VRSBasic security and Barracuda VRS
Basic security and Barracuda VRS
Aravindan A
 
Retail
RetailRetail
Retail
Lan & Wan Solutions
 
PCI 3.0 and penetration testing
PCI 3.0 and penetration testingPCI 3.0 and penetration testing
PCI 3.0 and penetration testing
Marcus Dempsey
 
Ids & ips
Ids & ipsIds & ips
Ids & ips
Lan & Wan Solutions
 
Firewall
FirewallFirewall
Firewall
Saurabh Chauhan
 
Product Overview Nov 2010 V1
Product Overview Nov 2010 V1Product Overview Nov 2010 V1
Product Overview Nov 2010 V1
Alvaro Roldan Peral
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewalls
kkkseld
 
Network firewall function & benefits
Network firewall function & benefitsNetwork firewall function & benefits
Network firewall function & benefits
Anthony Daniel
 
Firewall
FirewallFirewall
Firewall
Apo
 
F5 TMOS v13.0
F5 TMOS v13.0F5 TMOS v13.0
F5 TMOS v13.0
MarketingArrowECS_CZ
 
CNIT 128 6. Analyzing Android Applications (Part 2 of 3)
CNIT 128 6. Analyzing Android Applications (Part 2 of 3)CNIT 128 6. Analyzing Android Applications (Part 2 of 3)
CNIT 128 6. Analyzing Android Applications (Part 2 of 3)
Sam Bowne
 
Web attacks
Web attacksWeb attacks
Web attacks
husnara mohammad
 
ISSE Mobile Device Policy Enforcement
ISSE Mobile Device Policy EnforcementISSE Mobile Device Policy Enforcement
ISSE Mobile Device Policy Enforcement
John Rhoton
 
Zero trust deck 2020
Zero trust deck 2020Zero trust deck 2020
Zero trust deck 2020
Guido Marchetti
 

More Related Content

What's hot

Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slides
rahul kundu
 
001 introduction Fortigate Administration Introduction
001 introduction Fortigate Administration Introduction001 introduction Fortigate Administration Introduction
001 introduction Fortigate Administration Introduction
Mohamed Sana
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewalls
kkkseld
 
Firewall
FirewallFirewall
Firewall
Apo
 

What's hot (20)

Fortinet sandboxing
Fortinet sandboxingFortinet sandboxing
Fortinet sandboxing
 
Firewalls
FirewallsFirewalls
Firewalls
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slides
 
Fortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-seriesFortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-series
 
OWASP zabezpieczenia aplikacji - Top 10 ASR
OWASP zabezpieczenia aplikacji - Top 10 ASROWASP zabezpieczenia aplikacji - Top 10 ASR
OWASP zabezpieczenia aplikacji - Top 10 ASR
 
Fortinet security fabric
Fortinet security fabricFortinet security fabric
Fortinet security fabric
 
001 introduction Fortigate Administration Introduction
001 introduction Fortigate Administration Introduction001 introduction Fortigate Administration Introduction
001 introduction Fortigate Administration Introduction
 
This is Next-Gen IT Security - Introducing Intercept X
This is Next-Gen IT Security - Introducing Intercept XThis is Next-Gen IT Security - Introducing Intercept X
This is Next-Gen IT Security - Introducing Intercept X
 
Basic security and Barracuda VRS
Basic security and Barracuda VRSBasic security and Barracuda VRS
Basic security and Barracuda VRS
 
Retail
RetailRetail
Retail
 
PCI 3.0 and penetration testing
PCI 3.0 and penetration testingPCI 3.0 and penetration testing
PCI 3.0 and penetration testing
 
Ids & ips
Ids & ipsIds & ips
Ids & ips
 
Firewall
FirewallFirewall
Firewall
 
Product Overview Nov 2010 V1
Product Overview Nov 2010 V1Product Overview Nov 2010 V1
Product Overview Nov 2010 V1
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewalls
 
Network firewall function & benefits
Network firewall function & benefitsNetwork firewall function & benefits
Network firewall function & benefits
 
Firewall
FirewallFirewall
Firewall
 
F5 TMOS v13.0
F5 TMOS v13.0F5 TMOS v13.0
F5 TMOS v13.0
 
CNIT 128 6. Analyzing Android Applications (Part 2 of 3)
CNIT 128 6. Analyzing Android Applications (Part 2 of 3)CNIT 128 6. Analyzing Android Applications (Part 2 of 3)
CNIT 128 6. Analyzing Android Applications (Part 2 of 3)
 
Web attacks
Web attacksWeb attacks
Web attacks
 

Similar to Device identity

Microsoft Enterprise Mobility and Security Launch - August 5-2015 - Atidan
Microsoft Enterprise Mobility and Security Launch - August 5-2015 - AtidanMicrosoft Enterprise Mobility and Security Launch - August 5-2015 - Atidan
Microsoft Enterprise Mobility and Security Launch - August 5-2015 - Atidan
David J Rosenthal
 
IoT-Device-Security-DRAFT-slide-presentation
IoT-Device-Security-DRAFT-slide-presentationIoT-Device-Security-DRAFT-slide-presentation
IoT-Device-Security-DRAFT-slide-presentation
AuliaArifWardana
 
Useridentity 150909123719-lva1-app6891
Useridentity 150909123719-lva1-app6891Useridentity 150909123719-lva1-app6891
Useridentity 150909123719-lva1-app6891
Lan & Wan Solutions
 

Similar to Device identity (20)

ISSE Mobile Device Policy Enforcement
ISSE Mobile Device Policy EnforcementISSE Mobile Device Policy Enforcement
ISSE Mobile Device Policy Enforcement
 
Zero trust deck 2020
Zero trust deck 2020Zero trust deck 2020
Zero trust deck 2020
 
Enterprise Mobility (Admin)
Enterprise Mobility (Admin)Enterprise Mobility (Admin)
Enterprise Mobility (Admin)
 
Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)
 
Week Topic Code Access vs Event Based.pptx
Week Topic Code Access vs Event Based.pptxWeek Topic Code Access vs Event Based.pptx
Week Topic Code Access vs Event Based.pptx
 
Trivadis TechEvent 2017 The future of mobility Daniel von Büren
Trivadis TechEvent 2017 The future of mobility Daniel von BürenTrivadis TechEvent 2017 The future of mobility Daniel von Büren
Trivadis TechEvent 2017 The future of mobility Daniel von Büren
 
How to deploy Windows Mobile to 40,000 users
How to deploy Windows Mobile to 40,000 usersHow to deploy Windows Mobile to 40,000 users
How to deploy Windows Mobile to 40,000 users
 
IoT Security in Action - Boston Sept 2015
IoT Security in Action - Boston Sept 2015IoT Security in Action - Boston Sept 2015
IoT Security in Action - Boston Sept 2015
 
#EVRYWhatsNext EMS Slide Deck
#EVRYWhatsNext EMS Slide Deck#EVRYWhatsNext EMS Slide Deck
#EVRYWhatsNext EMS Slide Deck
 
Global Azure Bootcamp 2018 - Azure Security Center
Global Azure Bootcamp 2018 - Azure Security CenterGlobal Azure Bootcamp 2018 - Azure Security Center
Global Azure Bootcamp 2018 - Azure Security Center
 
Sybase - Afaria 6.6 fp1 more detail
Sybase - Afaria 6.6 fp1 more detailSybase - Afaria 6.6 fp1 more detail
Sybase - Afaria 6.6 fp1 more detail
 
ClearPass_Customer_Presentation
ClearPass_Customer_PresentationClearPass_Customer_Presentation
ClearPass_Customer_Presentation
 
IoT-Device-Security.pptx
IoT-Device-Security.pptxIoT-Device-Security.pptx
IoT-Device-Security.pptx
 
Microsoft Enterprise Mobility and Security Launch - August 5-2015 - Atidan
Microsoft Enterprise Mobility and Security Launch - August 5-2015 - AtidanMicrosoft Enterprise Mobility and Security Launch - August 5-2015 - Atidan
Microsoft Enterprise Mobility and Security Launch - August 5-2015 - Atidan
 
Mobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best PracticesMobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best Practices
 
Chapter006
Chapter006Chapter006
Chapter006
 
IoT-Device-Security-DRAFT-slide-presentation
IoT-Device-Security-DRAFT-slide-presentationIoT-Device-Security-DRAFT-slide-presentation
IoT-Device-Security-DRAFT-slide-presentation
 
Useridentity 150909123719-lva1-app6891
Useridentity 150909123719-lva1-app6891Useridentity 150909123719-lva1-app6891
Useridentity 150909123719-lva1-app6891
 
Evaluación de riesgos asociados al puesto de trabajo: empleados, externos, vi...
Evaluación de riesgos asociados al puesto de trabajo: empleados, externos, vi...Evaluación de riesgos asociados al puesto de trabajo: empleados, externos, vi...
Evaluación de riesgos asociados al puesto de trabajo: empleados, externos, vi...
 
Aca presentation arm_
Aca presentation arm_Aca presentation arm_
Aca presentation arm_
 

More from Lan & Wan Solutions

160415 lan and-wan-secure-access-architecture
160415 lan and-wan-secure-access-architecture160415 lan and-wan-secure-access-architecture
160415 lan and-wan-secure-access-architecture
Lan & Wan Solutions
 

More from Lan & Wan Solutions (20)

CYBER THREAT ASSESSMENT
CYBER THREAT ASSESSMENTCYBER THREAT ASSESSMENT
CYBER THREAT ASSESSMENT
 
Nuova presentazione Lan & Wan Solutions Fortinet Partner
Nuova presentazione Lan & Wan Solutions Fortinet PartnerNuova presentazione Lan & Wan Solutions Fortinet Partner
Nuova presentazione Lan & Wan Solutions Fortinet Partner
 
Nuova presentazione Lan & Wan Solutions
Nuova presentazione Lan & Wan SolutionsNuova presentazione Lan & Wan Solutions
Nuova presentazione Lan & Wan Solutions
 
CTAP
CTAPCTAP
CTAP
 
Mc business solutions set
Mc business solutions setMc business solutions set
Mc business solutions set
 
Mc partner playbook
Mc partner playbookMc partner playbook
Mc partner playbook
 
160415 lan and-wan-secure-access-architecture
160415 lan and-wan-secure-access-architecture160415 lan and-wan-secure-access-architecture
160415 lan and-wan-secure-access-architecture
 
160415 lan and-wan-ctap
160415 lan and-wan-ctap160415 lan and-wan-ctap
160415 lan and-wan-ctap
 
Lan & Wan
Lan & WanLan & Wan
Lan & Wan
 
Lan & Wan
Lan & WanLan & Wan
Lan & Wan
 
Evento 15 aprile
Evento 15 aprileEvento 15 aprile
Evento 15 aprile
 
Secure Access Architecture
Secure Access ArchitectureSecure Access Architecture
Secure Access Architecture
 
CTAP
CTAPCTAP
CTAP
 
ATP
ATPATP
ATP
 
Advanced Threat Protection
Advanced Threat ProtectionAdvanced Threat Protection
Advanced Threat Protection
 
scheda tecnica smartphone zona 1.21 e zona 2.22
scheda tecnica smartphone zona 1.21 e zona 2.22scheda tecnica smartphone zona 1.21 e zona 2.22
scheda tecnica smartphone zona 1.21 e zona 2.22
 
scheda tecnica smartphone zona 1.21 e zona 2.22
scheda tecnica smartphone zona 1.21 e zona 2.22scheda tecnica smartphone zona 1.21 e zona 2.22
scheda tecnica smartphone zona 1.21 e zona 2.22
 
Scheda tecnica hspa 08
Scheda tecnica hspa 08Scheda tecnica hspa 08
Scheda tecnica hspa 08
 
Vmware
VmwareVmware
Vmware
 
Antenne filari
Antenne filariAntenne filari
Antenne filari
 

Recently uploaded

Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
OnePlan Solutions
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
VishalKumarJha10
 

Recently uploaded (20)

The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfPayment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
Pharm-D Biostatistics and Research methodology
Pharm-D Biostatistics and Research methodologyPharm-D Biostatistics and Research methodology
Pharm-D Biostatistics and Research methodology
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdf
 
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfAzure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
 
ManageIQ - Sprint 236 Review - Slide Deck
ManageIQ - Sprint 236 Review - Slide DeckManageIQ - Sprint 236 Review - Slide Deck
ManageIQ - Sprint 236 Review - Slide Deck
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learn
 
10 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 202410 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 2024
 

Device identity

  • 1. © Copyright Fortinet Inc. All rights reserved. Inside FortiOS Device Identity Versione 5.2.4 – Mar 2015 Lan & Wan Solutions – Soluzioni Informatiche per Reti Locali e Geografiche
  • 3. 3 Overview Device Identity Device Identification  Device & OS Fingerprinting  Device Classification & Management  Contextual Device Information Device Based Policies  Policies using Device/Device Group  Identify device type to add into contextual information for better visibility  Enforce policies based on device types or devices  Allow organization to embrace BYOD environment securely Device Group List
  • 4. 4 Overview Securing BYOD environment  Identifying device/device types to apply appropriate policy enforcements  Additional control beyond traditional Windows AD environment Device Identity Identity Policies Device Identification Access Control Security Application UTM Profiles Awareness Agentless Agent based
  • 5. 5 Identification Techniques  Agentless » TCP Fingerprinting » MAC address vendor codes » Network discovery protocols, DHCPv6 etc » Requires “direct” connectivity to FortiGate  Agent Based » Uses FortiClient » Location & Infrastructure Independent Device Identification Device Identity INTERNETDMZ FC FC Agentless with Agent
  • 6. 6 • Based on regularly updated device/OS signatures and MAC address vendor lists DB • Automatic detection & categorization into predefined device groups • Enabled per Device- based Policy • Force detect device by HTTP communication (HTTP User-Agent) • Email collection/ Endpoint compliance portal • Agent captures systems information and relay to FortiGate, 100% Accurate • Allow device identification on remote networks TCP Fingerprinting, Network Discovery & MAC Address Vendor Code Captive Portal Endpoint Agent Device Identification Device Identity
  • 7. 7 Additional device information detection  Hostname: Internal DHCP server, traffic scan  Email address: Email collection Captive portal  Username: Authentication services or “device-user-identification enable” which extracts info via traffic scanning (enable default) Device Identification Device Identity
  • 8. 8 Device Detection  A webpage that should let the user send some traffic in order to detect the device type  No replacement message when successful, user have to reload the webpage  If failed, a replacement message will be present Email Collection  Collect an email address as a means of identifying the device user  When the email address has been verified, the device is added to the Collected Emails device group Endpoint Compliance  Acts as a quarantine for devices that are not protected by FortiClient  Provides links to obtain the FortiClient software Device Captive Portals Device Identity
  • 9. 9 Device Management Device Identity Device Group Management Manual add/edit Devices Status Connection Information User Information Device Definition Multiple MAC address merge
  • 10. 10 Device Management Device Identity Device Groups Device Group Drill-down Predefined group for auto categorization Manual defined Custom group
  • 11. 11 Visibility Device contextual Information available on widgets, logs & reports Device Identity
  • 12. 12 Contattaci Gratuitamente … Certified experts in Fortimail and email security Certified experts in Fortiweb and web application firewall protection Certified experts in FortiAp, FortiWifi and wireless security CONTACTS Tel. +39 049 8843198 DIGIT (5) contacts@lanewan.it www.lanewan.it In questi anni di partnership con la casa madre, Lan & Wan Solutions ha ottenuto tutte le specializzazioni previste nei vari iter di certifica- zione, raggiungendo la qualifica di Partner Of Excellence.