Fortinet black logo

Third Party MDM Device Integration

Home FortiNAC 9.4.0 Third Party MDM Device Integration
9.4.0
9.4.0
9.2.0
9.1.0
8.8.0
8.7.0
8.6.0
8.5.0
8.3.0

MaaS360 Host/Device Registration Process

MaaS360 Host/Device Registration Process

When MaaS360 and FortiNAC are integrated the registration process for hosts is as follows:

  1. A host connects to the network and is detected by FortiNAC.

  2. If the host is running an operating system that is not supported by MaaS360, it becomes a rogue and goes through the regular registration process, either through the captive portal or Device Profiler or any other registration method configured in FortiNAC.

  3. If the host is running one of the operating systems listed below, FortiNAC checks to see if the MaaS360 MDM Agent is installed. This requires that On-Demand registration be enabled in the MDM Service record for the MaaS360 integration with FortiNAC. See MDM Services below.

    • Apple iOS

    • Android

    • Samsung

    • BlackBerry

    • Windows Phone

    • Symbian

  4. Hosts without an MDM Agent are sent to the captive portal where the user is asked to download and install an MDM agent before connecting to the production network. Links to the sites where agents can be downloaded must be configured by an Admin user under Content Editor > Global > Settings > Use Configured MDM and Content Editor > Registration > MDM Registration.

  5. If the host has the MaaS360 MDM Agent installed, FortiNAC connects to MaaS360, retrieves the host data from the MaaS360 database and registers the host in FortiNAC.

    • If the host is associated with a user in MaaS360 that also exists in FortiNAC, then the host is registered to that user.

    • If the user is unknown in FortiNAC, the host is registered as a device.

  6. Based on the User/Host Profile that matches the host, a Network Access Policy is applied and the host is placed in the appropriate VLAN.

  7. Settings selected for the MDM Service that controls the connection between MaaS360 and FortiNAC determine when MaaS360 is polled for updated information.

Previous
Next

MaaS360 Host/Device Registration Process

When MaaS360 and FortiNAC are integrated the registration process for hosts is as follows:

  1. A host connects to the network and is detected by FortiNAC.

  2. If the host is running an operating system that is not supported by MaaS360, it becomes a rogue and goes through the regular registration process, either through the captive portal or Device Profiler or any other registration method configured in FortiNAC.

  3. If the host is running one of the operating systems listed below, FortiNAC checks to see if the MaaS360 MDM Agent is installed. This requires that On-Demand registration be enabled in the MDM Service record for the MaaS360 integration with FortiNAC. See MDM Services below.

    • Apple iOS

    • Android

    • Samsung

    • BlackBerry

    • Windows Phone

    • Symbian

  4. Hosts without an MDM Agent are sent to the captive portal where the user is asked to download and install an MDM agent before connecting to the production network. Links to the sites where agents can be downloaded must be configured by an Admin user under Content Editor > Global > Settings > Use Configured MDM and Content Editor > Registration > MDM Registration.

  5. If the host has the MaaS360 MDM Agent installed, FortiNAC connects to MaaS360, retrieves the host data from the MaaS360 database and registers the host in FortiNAC.

    • If the host is associated with a user in MaaS360 that also exists in FortiNAC, then the host is registered to that user.

    • If the user is unknown in FortiNAC, the host is registered as a device.

  6. Based on the User/Host Profile that matches the host, a Network Access Policy is applied and the host is placed in the appropriate VLAN.

  7. Settings selected for the MDM Service that controls the connection between MaaS360 and FortiNAC determine when MaaS360 is polled for updated information.

Previous
Next