FortiNAC Deployment Architecture and Communication Methods Quiz

Questions and Answers

Which method does FortiNAC commonly use to complete tasks related to the infrastructure?

SNMP for ongoing management

Syslog for security device integration

RADIUS for wired or wireless connection

SSH or Telnet through the CLI (correct)

What does FortiNAC use to discover the infrastructure, complete data collection, and perform ongoing management?

SSH

Syslog

SNMP (correct)

RADIUS

Which method does FortiNAC use to gather visibility information and control access across a wired or wireless connection?

Syslog

RADIUS (correct)

SNMP

SSH

What does FortiNAC use to stay up to date on visibility details, such as hosts going offline?

Syslog

Depending on the vendor of the infrastructure device, what may FortiNAC leverage to enhance visibility and enforce control?

Available API capabilities

How does FortiNAC identify connected devices and gain enhanced visibility?

DHCP, typically through fingerprinting

What is used by FortiNAC to gather Layer 2 Polling Data?

Polling, MAC notification, or RADIUS

Which method does FortiNAC use to issue commands to gather visibility information or execute control functions on a device?

SSH

What gives FortiNAC the ability to log and react, if configured to do so, when it receives a security alert?

Syslog

What determines the communication methods that FortiNAC uses?

The vendor and model of the infrastructure device

What does FortiNAC use to gather information and maintain control after knowing the type of device it is communicating with?

Appropriate methods and commands

What is used by FortiNAC to enhance visibility and enforce control depending on the vendor and model of the infrastructure device?

Available API capabilities

What triggers Layer 2 data polling in FortiNAC?

Receiving MAC notification traps from an edge device

How is endpoint visibility established in FortiNAC?

Through the physical address, time, and location information gathered from infrastructure devices

What is the preferred method for learning and updating Layer 2 information in FortiNAC?

Receiving and processing MAC notification traps

When does manual polling for Layer 2 information occur in FortiNAC?

When an administrative user right-clicks the switch in the inventory view and selects Poll for L2 (Hosts) info

What is the purpose of link traps received from an edge device in FortiNAC?

To trigger Layer 2 polling and update device awareness

What should not be configured on interfaces that are uplinks in FortiNAC?

MAC notification traps

Which method is less resource intensive for learning and updating Layer 2 information in FortiNAC?

Receiving and processing MAC notification traps

How can Layer 2 data be collected in FortiNAC?

Through MAC notification traps and link traps

What is triggered by linkup, linkdown, warmstart, and coldstart traps in FortiNAC?

Layer 2 polling to update device awareness

What information triggers the beginnings of endpoint visibility in FortiNAC?

Physical address, time, and location information

What is the purpose of MAC notification traps in FortiNAC?

To provide MAC address and port association information for updating the database

What should always be used for learning and updating Layer 2 information when it is an option in FortiNAC?

MAC notification traps

Study Notes

Infrastructure Management

• FortiNAC commonly uses SNMP to complete tasks related to the infrastructure.
• FortiNAC uses SNMP to discover the infrastructure, complete data collection, and perform ongoing management.
• SNMP is used to gather visibility information and control access across a wired or wireless connection.

Device Visibility

• FortiNAC uses SNMP and LLDP to stay up to date on visibility details, such as hosts going offline.
• FortiNAC may leverage vendor-specific APIs, such as Cisco's CLI or Juniper's Netconf, to enhance visibility and enforce control, depending on the vendor of the infrastructure device.

Device Identification

• FortiNAC identifies connected devices and gains enhanced visibility through LLDP and SNMP.

Data Collection

• FortiNAC uses LLDP to gather Layer 2 Polling Data.
• SNMP is used to issue commands to gather visibility information or execute control functions on a device.
• FortiNAC uses syslog to log and react to security alerts, if configured to do so.

Communication Methods

• The type of device FortiNAC is communicating with determines the communication methods used.
• FortiNAC uses SNMP and LLDP to gather information and maintain control after knowing the type of device it is communicating with.

Vendor-Specific Configuration

• FortiNAC uses vendor-specific APIs, such as Cisco's CLI or Juniper's Netconf, to enhance visibility and enforce control, depending on the vendor and model of the infrastructure device.

Layer 2 Data Polling

• Linkup, linkdown, warmstart, and coldstart traps trigger Layer 2 data polling in FortiNAC.
• Endpoint visibility is established in FortiNAC through the combination of SNMP and LLDP.
• The preferred method for learning and updating Layer 2 information in FortiNAC is through SNMP and LLDP.
• Manual polling for Layer 2 information occurs in FortiNAC when the device is not sending traps or notifications.

Link Traps

• The purpose of link traps received from an edge device in FortiNAC is to trigger Layer 2 data polling.
• MAC notification traps in FortiNAC trigger the beginning of endpoint visibility.

Best Practices

• SNMP and LLDP should always be used for learning and updating Layer 2 information when it is an option in FortiNAC.
• Manual polling should not be configured on interfaces that are uplinks in FortiNAC.

Description

Test your knowledge of deployment architecture and communication methods used by FortiNAC in this quiz. Explore how FortiNAC uses SNMP for infrastructure discovery and data collection, as well as SSH or Telnet for CLI tasks.