Device enrollment is fully automated. Normally, no action is required as devices are listed automatically by its broadcast name, such as “ Johnny’s iPhone “.
Only when broadcast names are unable to be determined by the filtering service, does it fall back to the manufacturer of the MAC address. Here are some examples:
- MAC addresses starting with 00:00:00 are Xerox
- MAC addresses starting with A8:66:7F are Apple
- MAC addresses starting with 10:bf:48 are ASUS
Having the MAC address visible provides you with the best ability to control your Policies, which will follow the MAC address. In other words, if a device changes IP address, the Policy will still apply. If the MAC address listed on the dashboard does not match, that happens when OSI layer 2 visibility is not available. This nerdspeak means that the filtering service received a different MAC address then your actual device. This can happen in the following circumstances:
- A router is between your filtering service and the device
- A bridge is between your filtering service and the device
Furthermore, the following are conditions where the broadcast name (NetBIOS) name may be unavailable to the filtering service:
- Device has a firewall turned on
- Device has NetBIOS bindings disabled
- Filtering is run on a stand-alone device (such as ClearOS in stand-alone mode)
Enrollment happens automatically upon the first received DNS query. Devices remain in the list until they are deleted.