Device retention periods

In this topic, you will learn the retention periods for devices in Portnox™ Cloud.

When Portnox Cloud receives information about a new device, it creates a device entry, which then appears in the Devices menu. If the device does not connect for a retention period, it is first considered inactive and archived, and then removed from Portnox Cloud. Retention periods are different for different configurations:

Devices without Portnox AgentP

  • Portnox Cloud archives such devices if they had not accessed the network for the past 30 days.

  • Portnox Cloud removes such devices if they had not accessed the network for the past 90 days.

Devices without Portnox AgentP, authenticated using the MAC address

  • Portnox Cloud archives such devices if they had not accessed the network for the past 90 days.

  • Portnox Cloud removes such devices if they had not accessed the network for the past 150 days.

Devices with Portnox AgentP installed

For deactivated devices:

  • Portnox Cloud archives such devices immediately when they are deactivated in AgentP using the Deactivate button.

  • Portnox Cloud removes such devices after 90 days.

For inactive devices:

  • Portnox Cloud archives devices if they had not accessed the network for the past 90 days.

  • Portnox Cloud removes devices if they had not accessed the network for the past 150 days.

For unenrolled devices (when the user no longer exists in the directory):

  • Portnox Cloud archives such devices immediately when they are unenrolled due to their user no longer existing in the directory.

  • Portnox Cloud removes such devices after 60 days.

Notes

  • If you use Portnox Cloud with Azure Active Directory (Entra ID), you can turn on the Enable devices synchronization setting. If this setting is on, device entries will be archived after synchronization if they have been removed from the Azure Active Directory (Entra ID). Note that this slows down the synchronization process.

  • Portnox Cloud licensing costs depend on the number of active device entries. In the following situations, the devices do not count for licensing purposes:

    • If the device is archived

    • If the device tried to connect but failed

    • If the device is authenticated using the MAC address but it connects to a network that is not protected using the 802.1X protocol

    • If the device is manually removed by the administrator.

  • If the administrator blocks an archived device, Portnox Cloud immediately removes it.