Hello Fortinet Community, I’ve deployed the FortiNAC Persistent Agent
and implemented compliance scans to ensure our systems are secure. Our
policy is to delay operating system updates by one month, but we want
antivirus signatures to always be up-to...
Hello Fortinet Community, I'm seeking advice on the best approach to
secure our network. Our goal is to allow access only to domain-joined
PCs and implement compliance checks.We currently have FortiClient
installed on all user devices, and I’m trying...
Hello Fortinet Community,I’m seeking advice on configuring the network
setup shown in the attached image. Here’s the scenario: Two large sites
(HQ1 and HQ2) and several small sites, all with FortiGate firewalls,
connected in a Security Fabric. HQ1’s ...
Hello Fortinet Community, I've been reading
https://community.fortinet.com/t5/FortiNAC/Technical-Tip-Configure-FortiNAC-Tags-with-FortiOS-7-2-4-GA/ta-p/255138
on configuring FSSO tags with FortiOS 7.2.4 and
https://community.fortinet.com/t5/FortiNAC-...
@ebilcari wrote:Another possible "trick" could be to include one of the
"test/admin" hosts to all the groups and tags. After it will hit the
policy all that information should be sent to the FGT (just an idea,
haven't tested it).Your idea is perfect....
Thank you very much @ebilcari for the clarification!I now understand
that each CA needs to connect to the Fabric Root, moreover as I see only
the CAs have this setting enabled.Regarding AD, EMS, and FAZ, I see that
both the Manager and CAs have confi...
Thank you @ebilcari for your detailed response. I have verified the
functionality, and it works as described. However, I noticed that tags
need to be pushed by "Network Access" or another event, and only tags
related to that event appear in FortiGate...