The policies and configurations we have explained for the FortiClient software can be seen as a part of a larger management scope, dedicated to controls on personal mobile devices connected to our network. The full list of controls includes:
Identifying and monitoring the devices
Using the MAC address to control access
Creating policies based on device type
Enforcing endpoint control using the FortiClient software
We have already seen the option (inside the interface configuration) to enable device monitoring. The resulting data is included in the Device definition menu under the Device tab in the User & Device option. In the following screenshot, we have an Android tablet and a Windows laptop connected to our FortiGate unit:
MAC filtering is useful to limit access to our Wi-Fi network. If we enable a DHCP server on our interface, the default value is to assign an IP address to any MAC. We are able to apply a stricter control changing the option for Unknown MAC...