Thanks for your reply the mac based filtering is working fine but what my company wants is that blocking the device directly on wifi like android phone. So it is possible to do it without mac based filter ?
Then to do what you want you need FortiNAC. A NAC solution will actively profile every device that connects to your network and determine what kind of device it is. Using policies you can effectively block all Android devices from joining you network using NAC.
Simply go to the App info page of that particular app and select the Restrict Data Usage option. 2. A pop-up will open with Wi-Fi and Mobile Data options, you can disable both to completely block the app to use the internet.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.