Managing Active Devices

Important - This page is only relevant for versions up to R81.10.08. Starting in R81.10.10, Active Devices and Wireless Active Devices are replaced by the Home > Assets page.

The Active Devices page shows a list of the devices identified in internal networks. You can access this page from the Logs and Monitoring tab > Status section and from the Home tab > Monitoring section.

The table shows these columns:

  • Name - Hostname of the device.

  • IP address - IP address of the device.

    Note - If a device has both IPv4 and IPv6 addresses, there is a single entry in the table.

  • MAC Address - MAC Address of the device.

  • Device Details - Type of the device.

  • Blocked - Indicates whether the device is blocked from network activity.

  • Interface - Name of the appliance interface, to which the device is connected.

Blocking a Device Manually

Click the device to select it and click Block.

Toolbar Buttons

  • Filter - Filter the list by servers, active devices, or known devices.

  • Refresh - Refresh the information in the list.

  • Details - Select a row in the list and click Details to show additional properties of the device.

  • Save as - Save a selected device as a network object or server.

    When you select this option, the New Network Object (see Network Objects and Groups) window or New Server Wizard (see Defining Firewall Servers) opens.

    Enter the information in the fields and click Apply. Use these objects to reserve IP addresses to MAC addresses in the DHCP server and also add this object name as a device in the local DNS service. Network objects and server objects can be used in the security configurations, for example in the Access Policy and IPS exceptions

    A server object also allows you to configure access and NAT if applicable as part of the object. If access and/or NAT are configured, automatic access rules are created in the Access Policy Rule BaseClosed All rules configured in a given Security Policy. Synonym: Rulebase..

  • Start/Stop Traffic Monitor - Gather upload and download packet rates for active devices.

    This operation may affect performance. To stop, click Stop Traffic Monitoring.

  • Revoke Certificate - Revokes the certificate assigned to the device.

Revoking the Hotspot Access

The display shows the devices connected to the gateway through a HotspotClosed An area that offers a wireless local area network with Internet access, through a router connected to a link to an Internet service provider..

You can revoke the Hotspot access for one or more devices.

This disconnects the device from the gateway and requires the device to log in again through the Hotspot.

To revoke the Hotspot access:

  1. Click the record for the relevant device.

  2. Click Revoke Hotspot Access.

    The access for that device is revoked. You must log in again through the Hotspot to reconnect the device to the gateway.

Notes:

  • This page is available from the Home and Logs & Monitoring tabs.

  • If there is no IPv6 activity in a dual stack host, the Active devices do not show the IPv6 address.

Adding a New Network Object to Bypass SSL Inspection Based on the Host MAC Address

  1. Click the device to select it.

  2. From the toolbar, click Save as and select Device type Network Object.

  3. For Host MAC address, enter a custom value or select from the menu.

  4. Select Bypass host with this MAC by SSL inspection.

  5. In Object name, enter the applicable text.

  6. Click Apply

Note - You can also do this from the Users & Objects > Network Objects page. Click New, and then for Type, select Device.