Fortinet FortiNAC Lab Guide for FortiNAC 7.2

Network Topology
Lab 1: Initial FortiNAC Configuration
Exercise 1: Examining the Initial Configuration
Examine the Initial Configuration Views
Exercise 2: Creating an Administrative Account
Access the FortiNAC GUI and Create an Administrative User Account
Lab 2: Network Discovery and Group Creation
Exercise 1: Discovering Network Devices
Discover Network Devices
Configure Layer 3 Polling
Exercise 2: Creating and Populating Groups
Create and Populate Port Groups
Create and Populate Port Groups With SSIDs
Create Host Groups
Set Aging Host Records
Lab 3: Identification and Classification of Rogue Devices Using Device Profiling Rules
Exercise 1: Updating Vendor OUI Tables
Update Vendor OUI Aliases for Card Readers
Update Vendor OUI Aliases for IP Phones
Update Vendor OUI Aliases for Cameras
Exercise 2: Creating Device Profiling Rules
Create a Device Profiling Rule for IP Phones
Create a Device Profiling Rule for Card Readers
Create Device Profiling Rules for Cameras in the Manchester and Nashua Facili...
Create a Device Profiling Rule for Environmental Units
Create a Device Profiling Rule for Healthcare Devices
Profile Existing Rogues, Evaluate New Rogues, and View Results
Create a Backup of the FortiNAC Database
Lab 4: Visibility Views, Event Management, and Logging
Exercise 1: Creating Filters on the Hosts Page
Create a Filter on the Hosts Page
Use a Quick Filter
Exercise 2: Troubleshooting a Host Connectivity Issue
Determine if the Host Is in the Database
Test the Host Against the Card Readers Profiling Rule
Classify the Device as a Card Reader Manually
Exercise 3: Configuring Upstream Logging for FortiNAC Events
Configure an Upstream Log Receiver and Events for Upstream Logging
Create a Backup of the FortiNAC Database
Lab 5: Logical Networks and Security Fabric Integration
Exercise 1: Configuring Logical Networks and Creating a Firewall Tag
Create Logical Networks for Card Readers, Cameras, and Contractors
Define Logical Networks for Card Readers, Cameras, and Contractors by VLAN ID...
Create a Firewall Tag for Contractors
Exercise 2: Integrating FortiNAC Into the Security Fabric
Configure the FortiNAC Service Connector for Security Fabric Integration
Authorize the FortiNAC to Join the Security Fabric
Lab 6: Portal Configuration and Access Control Enforcement
Exercise 1: Customizing the Captive Portal Pages
Customize the Default Portal Page for the Registration Context
Exercise 2: Preparing Devices for Endpoint Isolation
Configure the Network Device Model Settings for State-Based Enforcement
Exercise 3: Enforcing Access Control
Configure FortiNAC to Enforce State-Based Access Control
Create a Backup of the FortiNAC Database (Optional)
Lab 7: Security Policies for Network Access Control and Endpoint Compliance
Exercise 1: Creating User/Host Profiles and Network Access Policies for Card Readers and Cameras
Create User/Host Profiles That Identify Card Readers and Cameras
Exercise 2: Creating User/Host Profiles and Network Access Policies for Contractors
Create User/Host Profiles That Identify Contractors
Create a Backup of the FortiNAC Database (Optional)
Lab 8: Guest and Contractor Services Configuration
Exercise 1: Creating a Contractor Template
Create a Contractor Template and an Administrative Sponsor
Exercise 2: Creating and Testing a Contractor Account
Create and Validate a Contractor Account
Create an IPv4 Policy That Uses Dynamic Group Memberships and a Test Policy
Create a Backup of the FortiNAC Database (Optional)
Lab 9: FortiNAC Integrations
Exercise 1: Creating an Integration Using SNMP Trap Input
Create a Third-Party Integration Using SNMP Traps
Exercise 2: Creating an Integration Using syslog Input
Create a Third-Party Integration Using Incoming syslog Information
Exercise 3: Creating an Administrative Group for Alarm Notification
Create an Administrative Group for the Automated Notification of Alarms
Exercise 4: Configuring FortiNAC to Process FortiGate syslog Messages for Automated Response
Configure FortiNAC to Process FortiGate syslog Messages
Exercise 5: Creating Security Rules for Automated Threat Response
Create Security Rules
Configure a Denied Category Web Filter Rule
Configure a Virus Infected File (EICAR Test File) Rule
Configure a General Security Risk Rule
Exercise 6: Creating a Custom Security Event Parser
Create a Customized Security Event Parser
Rank the Security Rules
Exercise 7: Validating Security Rules
Validate Security Events, Alarms, and Actions
Lab 10: FortiNAC High Availability and Control Manager
Exercise 1: Configuring FortiNAC for HA
Configure FortiNAC for HA
Exercise 2: Validating the HA Status and Successful Failover
Validate the HA Status on the GUI
Validate the HA Status on the CLI
Force an HA Failover, Validate It, and Recover
Exercise 3: Managing FortiNAC With FortiNAC Manager
Add a FortiNAC to FortiNAC Manager
Manage Device Classification and Global Provisioning
Examine the Global Visibility Views
Tips and Tricks
Log Files
L2 Poll
L3 Poll
Portal
Captive Portal
Device Profiler