Device retention periods

In this topic, you will learn the retention periods for devices in Portnox™ Cloud.

When Portnox Cloud receives information about a new device, it creates a device entry, which then appears in the Devices menu. If the device does not connect for a retention period, it is first considered inactive and archived, and then removed from Portnox Cloud. Retention periods are different for different configurations:

Devices without Portnox AgentP

  • Portnox Cloud archives such devices if they had not accessed the network for the past 30 days.

  • Portnox Cloud removes such devices if they had not accessed the network for the past 90 days.

Devices without Portnox AgentP, authenticated using the MAC address

  • Portnox Cloud archives such devices if they had not accessed the network for the past 90 days.

  • Portnox Cloud removes such devices if they had not accessed the network for the past 150 days.

Devices with Portnox AgentP installed

For deactivated devices:

  • Portnox Cloud archives such devices immediately when they are deactivated in AgentP using the Deactivate button.

  • Portnox Cloud removes such devices after 90 days.

For inactive devices:

  • Portnox Cloud archives devices if they had not accessed the network for the past 90 days.

  • Portnox Cloud removes devices if they had not accessed the network for the past 150 days.

For unenrolled devices (when the user no longer exists in the directory):

  • Portnox Cloud archives such devices immediately when they are unenrolled due to their user no longer existing in the directory.

  • Portnox Cloud removes such devices after 60 days.

Notes

  • If you use Portnox Cloud with Azure Active Directory (Entra ID), you can turn on the Enable devices synchronization setting. If this setting is on and you use computer-based authentication, device entries will be archived after synchronization if they have been removed from the Azure Active Directory (Entra ID). Note that this slows down the synchronization process.

  • Portnox Cloud licensing costs depend on the number of active device entries. In the following situations, the devices do not count for licensing purposes:

    • If the device is archived

    • If the device tried to connect but failed

    • If the device is authenticated using the MAC address but it connects to a network that is not protected using the 802.1X protocol

    • If the device is manually removed by the administrator.

    For more information about when devices consume a license, see the following FAQ entry: When does Portnox Cloud consume a license?

  • If the administrator blocks an archived device, Portnox Cloud immediately removes it.