Help
FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
FortiKoala
Staff
Staff

Created on ‎09-30-2018 11:55 PM Edited on ‎08-08-2024 06:06 AM By Community Manager

Article Id 194319

Technical Tip: What consumes endpoint licenses and tracking it through Dashboards

Description

 

This article discusses what type of endpoints consume a license in FortiNAC. Administrators can leverage Dashboards in order to properly visualize and keep track of concurrent licenses.

 

Scope


FortiNAC v8.x and above.

 

Solution

 

The following endpoint state will consume a License:

  • Online hosts in the Host view( including registered hosts and IP Phones).
  • Online, non-infrastructure devices in Topology View (servers, printers, IP Phones).

 

This count includes hosts, servers, or devices that are online on the network at any given time. When a host, server, or device disconnects from the network, the license is released and can be used for another connection.

 

The following endpoint state will not Consume a License:

  • Rogues.
  • Switches, routers, wireless controllers, and wireless access points in Topology View.

 

It is important for administrators to always keep track of the current endpoint license pool. The best tool for this is to leverage the Dashboard.

Go to Dashboard -> Main and select '+Add Widget' on the top left.

 

Add widget.png

In the System Category, select 'License Information' and Visualization select 'Pie Chart' or 'Table' depending on preference.

Additionally, add the 'Host information' widget in parallel with this since it will give more information on the number of different host states and if they are online or offline.

Widgets.png

It is possible to see the License Information in the Pie Chart and the Host Summary in the Table Format below.

 

  • It is important to note that if all licenses are consumed, new rogues will not be able to register and users will be impacted. When endpoint licenses are consumed at 75%, 95%, and 100% there is an Alarm generated by default to notify the FortiNAC administrator. These are default values but can be changed in the [Event Thresholds] button found in the view of Logs -> Events & Alarms -> Management.

    event-threshold.PNG

  • On the top right, the setting 'Manual' means that the Vizualized data shown will be updated only if manually selecting the Refresh icon right next to it. This setting can be changed to refresh automatically every X minutes or hours.
  • Currently, there is only one Registered host and there is 1 License in use (consumed) and 99,999 licenses available. In such cases, it is useful to establish a baseline of concurrent online registered hosts that are expected to have on the environment. If the environment size increases an evaluation will be needed to add additional Endpoint Licenses.

 

Related documents:

Licenses 7.2.0

Event thresholds 7.2.0

Technical Note: List devices that are currently consuming licenses

1522
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.