DescriptionFortiNAC shows in the 'Security Alarms' that some action has been performed for example 'Disable port' or 'Disable Host' but nothing actually happens with the host or the switchport.
Related document.https://docs.fortinet.com/document/fortinac/8.6.0/administration-guide/328047/automated-threat-respo...
External resource.https://www.youtube.com/watch?v=S2C44BFVlAw SolutionMake sure the unit where the host is connected is a member of 'Physical Address Filtering' group.1) Go to 'Topology' view.2) Select the unit where hosts are connected.3) Select 'Group Membership'.4) Make sure 'Physical Address Filtering' group is selected (see example):
Related Articles
Technical Note: Disabled wired hosts not isolated