- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Can fortigate Firewall add a feature? A map of Specify MAC Network access actions
Hi
Can fortigate firewall add a feature?
A map of Specify MAC Network access actions and analyze the status of work
for example
【MAC XXXXX】
7:00 XXXX
7:15 XXXX
【analyze the status】
HTTPS 3H
Game online 2H
Shopping online 2H
From China Jiangsu
Thanks
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Apologies but the query is a bit unclear. Please help provide some more info about this.
Thanks,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You want to create a list of services usage over a period of time for a specific device, identified by it's MAC address - is that right?
If that is the case, then
1- you can set up a preconfigured (included) report on FortiAnalyzer, "usage by application", filter by the device's IP address and a time range of your choice.
Prerequisites:
- all policies you want to monitor need to have logging enabled, and for traffic data, at most "information" level
- a FortiAnalyzer where the FGT sends logging data to
Filtering by MAC is very uncommon. The firewall operates at a higher OSI level, namely on IP addresses. If you really want to identify a device (not: a user) by hardware address, you would need to get the "arp" data from the FGT periodically, correlate MAC and current IP address and modify the filter on the FortiAnalyzer if necessary. This can be done by scripting.
But - this is a lot of effort. Maybe have a different plan.
As for your request, I don't think the FGT is the right tool for this. The FortiAnalyzer is.
@Atul_S: to me, this seems to be a NFR (new feature request).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@ede_pfau Thanks for your replay
Your explanation is what I mean
My company wants to know the general status of the employees through the firewall. So there was such an idea.
Thanks
![](/skins/images/314F488D15A2016126B094729A0E57E8/responsive_peak/images/icon_anonymous_message.png)