Devices Managed by FortiOS

Configuring IoT detection

NOTE: This feature requires an IoT Detection Service license.

Starting in FortiOS 6.4, FortiSwitch units can use a new FortiGuard service to identify Internet of things (IoT) devices. FortiOS can use the identified devices for storage and display. You can use the FortiOS CLI to configure IoT detection.

Each detected MAC address of an IoT device has a confidence level assigned to it. If the confidence level is less than the iot-weight-threshold value, the MAC address is scanned. The default value is 1. Set the iot-weight-threshold value to 0 to disable IoT detection.

You can control how often a FortiSwitch unit scans for IoT devices. The range of values is 2 to 10,080 minutes. By default, the scan interval is 60 minutes. Every MAC address will be scanned for a time interval of 60 minutes followed by 60 minutes when it will not be scanned. The start time of every MAC address's 60-minute scan interval is unique. Set the iot-scan-interval value to 0 to disable IoT detection.

A MAC address of an IoT device must be detected by the FortiSwitch unit for more than a specified number of minutes before the MAC address is passed along to the FortiGuard service for IoT identification. The default number of minutes is 5. The range of values is 0 to 10,080 minutes. Set the iot-holdoff value to 0 to disable this setting.

If a MAC address entry's last-seen time is greater than the iot-mac-idle value, the MAC address entry is not considered for IoT detection. By default, the iot-mac-idle value is 1,440 minutes. The range of values is 0 to 10,080 minutes.

To configure system-wide settings for IoT detection:

config switch-controller system
    set iot-weight-threshold <0-255>
    set iot-scan-interval <2-10080>
    set iot-holdoff <0-10080>
    set iot-mac-idle <0-10080>
end

Starting in FortiOS 6.4.3, IoT detection can be managed per FortiLink interface as well. IoT detection is disabled by default on the FortiLink interface. Use the FortiOS CLI or GUI to enable IoT detection on the FortiLink interface so that the FortiSwitch unit starts scanning for IoT devices.

Using the GUI:
  1. Go to WiFi & Switch Controller > FortiLink Interface.
  2. Enable IoT scanning.

Using the CLI:

config system interface
    edit <FortiLink_interface>
        set switch-controller-iot-scanning enable
end
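The following is an added example, not Fortinet code: a small audit that reads a FortiOS configuration backup and reports settings that leave IoT detection switched off or outside the ranges documented above. It assumes the backup uses the usual config/edit/set/next/end layout; the function names, the sample text and the interface name "fortilink" are constructed for illustration.

```python
# Ranges and defaults as stated on this page: key -> (min, max, default)
LIMITS = {
    "iot-weight-threshold": (0, 255, 1),
    "iot-scan-interval": (2, 10080, 60),
    "iot-holdoff": (0, 10080, 5),
    "iot-mac-idle": (0, 10080, 1440),
}

def parse_config(text):
    """Map (config section, edit entry or None) -> {setting: value}."""
    out, stack, entry = {}, [], None
    for raw in text.splitlines():
        tok = raw.split() or [""]
        if tok[0] == "config":
            stack.append(" ".join(tok[1:]))
        elif tok[0] == "edit" and len(tok) > 1:
            entry = tok[1].strip('"')
        elif tok[0] == "set" and len(tok) >= 3 and stack:
            out.setdefault((stack[-1], entry), {})[tok[1]] = " ".join(tok[2:]).strip('"')
        elif tok[0] == "next":
            entry = None
        elif tok[0] == "end" and stack:
            stack.pop()
            entry = None
    return out

def audit_iot(text, fortilink_if):
    """Return findings that leave IoT detection off or out of range."""
    cfg = parse_config(text)
    system = cfg.get(("switch-controller system", None), {})
    findings = []
    for key, (lo, hi, default) in LIMITS.items():
        val = int(system.get(key, default))  # unset keys fall back to the documented default
        if val == 0 and key in ("iot-weight-threshold", "iot-scan-interval"):
            findings.append(f"{key}=0 disables IoT detection")
        elif not lo <= val <= hi:
            findings.append(f"{key}={val} outside {lo}-{hi}")
    iface = cfg.get(("system interface", fortilink_if), {})
    if iface.get("switch-controller-iot-scanning", "disable") != "enable":
        findings.append(f"IoT scanning not enabled on {fortilink_if}")
    return findings

# Constructed sample backup: scanning is enabled on the interface, but detection is off system-wide.
SAMPLE = """config switch-controller system
    set iot-scan-interval 0
end
config system interface
    edit "fortilink"
        set switch-controller-iot-scanning enable
end"""
```

Calling `audit_iot(SAMPLE, "fortilink")` on the sample reports that the interface-level setting is on while `iot-scan-interval 0` disables detection for the whole system.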
