NSE 5 FortiClient EMS 6.2
The new NSE 5 FortiClient EMS 6.2 course is now available.
FortiClient is a Fabric Agent that delivers protection, compliance, and secure access in a single, modular lightweight client. A Fabric Agent is a bit of endpoint software that runs on an endpoint, such as a laptop or mobile device and communicates with the Fortinet Security Fabric to provide information, visibility, and control to that device.
The Unified FortiClient agent enables remote workers to securely connect to the network using zero-trust principles. This edition enables both Universal ZTNA- and VPN-encrypted tunnels, as well as URL filtering and cloud access security broker (CASB). FortiSASE provides cloud-hosted Universal ZTNA, CASB, and SWG and includes the Unified FortiClient agent. Central management via FortiClient EMS is included.
The Unified FortiClient agent provides enhanced security capabilities by adding AI-based next-generation antivirus (NGAV), endpoint quarantine, and application firewall, as well as support for cloud sandbox, USB device control, and ransomware protection.
To simplify the initial deployment and offload ongoing monitoring, Fortinet offers Endpoint-focused managed services to provide complete operation of the FortiClient solution, providing set up, deployment, configuration, vulnerability monitoring, and overall endpoint security monitoring.
ZTNA
Delivers better remote access and consistent application access policies
Fabric Agent
Provides telemetry information and leverages integrations with the Fortinet Security Fabric
Web Filtering
Provides web security and content filtering
Software Inventory Management
Enables visibility and license management
Controls access to cloud-based applications, including visibility to shadow IT
Automated Response
Detects and isolates compromised endpoints
FortiGuard Labs - Fortinet’s elite cybersecurity threat intelligence and research organization comprised of experienced threat hunters, researchers, analysts, engineers, and data scientists - develops and enhances FortiGuard AI-powered Security Services as well as provides valuable expert help through FortiGuard Expert-driven Security Services.
Protects against the latest polymorphic attacks, viruses, malware (including ransomware), and other threats.
Performs AI-powered real-time inspection of files for protection against unknown threats, zero-days, and sophisticated file-based attacks.
Uses AI-powered behavior analysis and correlation to block unknown malicious URLs almost immediately, with near-zero false negatives.
FortiClient comes in several levels of capabilities, with increasing levels of protection. It integrates with many key components of the Fortinet Security Fabric and is centrally managed by the Endpoint Management Server (EMS).
See the product datasheet for more information.
Features include:
Zero Trust Agent with Multi-factor Authentication (MFA) | The Zero Trust Agent supports ZTNA tunnels, single sign-on (SSO), and device posture check to FortiOS access proxy |
Central Management via EMS or FortiClient Cloud | Centralized FortiClient deployment and provisioning that allows administrators to remotely deploy endpoint software and perform controlled upgrades. Makes deploying FortiClient configuration to thousands of clients an effortless task with the click of a button. Vulnerability dashboard helps manage an organization’s attack surface. All vulnerable endpoints are easily identified for administrative action. Windows AD integration helps sync an organization’s AD structure into EMS so the same organization units (OUs) can be used for endpoint management. Realtime Endpoint Status always provides current information on endpoint activity and security events. |
Central Logging and Reporting | Centralized logging simplifies compliance reporting and security analysis by ForiSIEM or other SIEM product |
Dynamic Security Fabric Connector | EMS creates virtual groups based on endpoint security posture. These virtual groups are then retrieved by FortiGate and used in firewall policy for dynamic access control. Dynamic groups help automate and simplify compliance for security policies. |
Vulnerability Agent and Remediation | Vulnerability agent and remediation ensures endpoint hygiene and hardens endpoints to reduce the attack surface. This identifies vulnerable endpoints and prioritizes unpatched OS and software vulnerabilities with flexible patching options including auto-patching. |
SSL VPN with MFA | Secure Socket Layer (SSL) Virtual Private Network (VPN) with MFA enables an easy-to-use encrypted tunnel that will traverse most any infrastructure. |
IPsec VPN with MFA | IP Secure (IPSec) VPN with MFA enables an easy-to-use encrypted tunnel that provides the highest VPN throughput. |
FortiGuard Web Filtering | Powered by FortiGuard Labs research, the web filtering function monitors all web browser activities to enforce web security and acceptable usage policy with 75+ categories. It works across all supported operating systems and works with Google SafeSearch. The endpoint web filtering profile can be synchronized from FortiGate for consistent policy enforcement. Administrators can set black/white lists, on-/off-net policies, and import FortiGate web filtering policies for consistent enforcement. FortiClient now supports a web filter plugin that improves detection and enforcement of web filter rules on HTTPS sites with encrypted traffic. |
Split-tunneling | Supported on ZTNA and VPN tunnels, split-tunneling enables optimized user experience |
Single Sign-on (SSO) | SSO integrates with FortiAuthenticator identity and access management to provide single sign-on. |
ZTNA Edition Features | This edition includes all the features in the ZTNA Edition plus the following: |
---|---|
AI-powered Next-Generation Antivirus (NGAV) | Anti-malware leverages FortiGuard Content Pattern Recognition Language (CPRL), machine learning, and AI to protect endpoints against malware. The pattern-based CPRL is highly effective in detecting and blocking polymorphic malware. It also blocks attack channels and malicious websites. |
FortiClient Cloud Sandbox | FortiClient natively integrates with FortiSandbox. FortiClient automatically submits files to the connected FortiSandbox for real-time analysis. Sandbox analysis results are automatically synchronized with EMS. Administrators can see detailed information and behavior activities of submitted objects including graphic visualization of the full process tree. |
Automated Endpoint Quarantine | When triggered by security events, automated endpoint quarantine automates policy-based response. For example, it can automatically quarantine a suspicious or compromised endpoint to contain incidents and prevent outbreaks. |
Application Firewall | The application firewall provides the ability to monitor, allow, or block application traffic by categories. It uses the same categories as FortiGate, enabling consistent application traffic control. It leverages FortiGuard anti-botnet, IPS, and application control intelligence and can prevent the use of unwanted applications including proxy apps and HTTPS messaging apps. |
Application Inventory | Application inventory provides visibility of installed software. In addition to managing licenses, software inventory can improve security hygiene. When software installed is not required for business purposes, it unnecessarily introduces potential vulnerabilities, and thereby increases the likelihood of compromise. Administrators can reduce the attack surface by leveraging inventory information to detect and remove unnecessary or outdated applications that are potentially vulnerable. |
USB Device Control | This capability prevents unauthorized USB devices from accessing the host. |
Schools continue to enhance their technologies in the curriculum and the adoption of personal devices such as Chromebooks are increasingly commonplace. School districts are required to be in compliance with Children’s Internet Protection Act (CIPA) and protect students from harmful content while browsing the internet.
Powered by FortiGuard Labs research, the web filtering function monitors all web browser activities to enforce web security and acceptable usage policy with 75+ categories. It also supports Google SafeSearch.
Windows | MAC OS | ANDROID | IOS | Chromebook | Linux | |
---|---|---|---|---|---|---|
Zero Trust Security | ||||||
Endpoint Telemetry | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
Compliance Enforcement Using Dynamic Access Control | ✔ | ✔ | ✔ | ✔ | ✔ | |
Endpoint Audit and Remediation with Vulnerability Scanning | ✔ | ✔ | ✔ | |||
Remote Logging and Reporting | ✔ | ✔ | ✔ | ✔ | ✔ | |
IPSec VPN | ✔ | ✔ | ✔ | |||
SSL VPN | ✔ | ✔ | ✔ | ✔ | ✔ | |
ZTNA Remote Access | ✔ | ✔ | ✔ | ✔ | ||
Windows AD SSO Agent | ✔ | ✔ | ||||
USB Device Control | ✔ | ✔ | ✔ | |||
Endpoint Security | ||||||
Antivirus | ✔ | ✔ | ✔ | |||
Cloud-based Threat Detection | ✔ | ✔ | ||||
Sandbox (on-prem) | ✔ | ✔ | ✔ | |||
Sandbox (cloud-based) | ✔ | ✔ | ||||
Automated Endpoint Quarantine | ✔ | ✔ | ||||
Web Filter | ✔ | ✔ | ✔ | ✔ | ✔ | |
AntiExploit | ✔ | |||||
Application Firewall | ✔ | ✔ |
VPN/ZTNA | EPP/APT | MANAGED | |
---|---|---|---|
Zero Trust Agent | |||
Zero Trust Network Access (ZTNA) | ✔ | ✔ | ✔ |
Central Management using FortiClient Cloud | ✔ | ✔ | ✔ |
Central Logging and Reporting | ✔ | ✔ | ✔ |
SSL VPN with MFA* | ✔ | ✔ | ✔ |
IPsec VPN with MFA* | ✔ | ✔ | ✔ |
SSO Mobillity Agent | ✔ | ✔ | ✔ |
CASB (Inline and API) | ✔ | ✔ | ✔ |
IT Hygience | |||
Vulnerability Agent and Remediation | ✔ | ✔ | ✔ |
FortiGuard Web Filtering | ✔ | ✔ | ✔ |
USB Device Control | ✔ | ✔ | |
Endpoint Security (EPP) | |||
FortiSandbox (On Premise or PaaS) | ✔ | ✔ | |
FortiClient Cloud Sandbox | ✔ | ✔ | |
AI-powered NGAV | ✔ | ✔ | |
Automated Endpoint Quarantine | ✔ | ✔ | |
Ransomware Protection | ✔ | ✔ | |
Managed FortiClient Service | |||
Endpoint On-boarding | ✔ | ||
Initial Provisioning | ✔ | ||
Security Fabric Setup/ Integration | ✔ | ||
Vulnerability Monitoring | ✔ | ||
Endpoint Security Monitoring | ✔ | ||
Additional Services | |||
Best Practice Service (BPS) Consultation | Account Add-on | Account Add-on | N/A |
Forensic Analysis Service (FAS) | Account Add-on | Account Add-on | Account Add-on |
24x7 Support | ✔ | ✔ | ✔ |
On-Premise/ Air Gap Option | ✔ | ✔ |
Fortinet offers professional services specifically focused on FortiClient. These services can help you get the most out of your FortiClient solution, assisting with basic set up as well as optimizing competed solutions.
FortiClient Best Practices Service
This service delivers guidance on deployment, upgrades, and operations. The BPS team will provide advice over the phone or email, but will not directly configure or manage the product.
This service provides analysis to help you respond to and recover from cyber incidents. Forensic analysts will assist in the collection, examination, and presentation of digital evidence.
FortiClient Managed Services
This service streamlines the configuration, deployment, and ongoing monitoring of FortiClient agents managed by FortiClient Cloud.
FortiCare provides 24x7 support options to help keep your Fortinet deployment up and running smoothly. We also have services such as our Premium RMA options with 4-hour replacements, to make sure you’re covered in case of an extreme event.
Technical Support Services
Various per-device options are available for efficient operations. FortiCare Elite option provides a 15-minute response time for critical products.
Advanced Support
Various per-account white glove services are available to reduce disruption and increase productivity with operational reviews by designated experts.
Professional Services
Our multi-vendor experts can design and deploy a complete best practice-based solution to help you meet your network or security objectives and adopt new capabilities.
FortiClient Ordering Guide
Fortinet Product Matrix
FortiClient Datasheet
Take advantage of FortiClient Managed Services to design, configure, streamline and help deploy your remote access and endpoint protection software.
FortiClient Forensic Service Datasheet
FortiTrust Ordering Guide
Fortinet’s FortiClient Chromebook extension protects students from harmful content, inherently secures Chrome OS, and ensures CIPA and BECTA compliance.
FortiClient integrates endpoint security with the broader network security architecture of the Fortinet Security Fabric
Read this white paper to learn how to leverage FortiClient Fabric Agent and integrate endpoint security with the Fortinet Security Fabric
Fortinet Accessibility Conformance Report Revised Section 508 Edition
Read this white paper to learn what obstacles IT Infrastructure Leaders must face in securing modern endpoints and how to balance security and user productivity
FortiClient provides integration with many leading IT vendors as part of the Fortinet Security Fabric. Below is a list of current FortiClient Alliance Partners:
AppNeta Performance Manager is the only network performance monitoring platform that delivers actionable, end-to-end insights from the end-user perspective. Together with Fortinet, AppNeta's SaaS-based solution enables IT to baseline performance before rollout, demonstrate achievable value during pilot-phase testing, and continuously validate end-to-end network performance.
D3 Security's award-winning SOAR platform seamlessly combines security orchestration, automation and response with enterprise-grade investigation/case management, trend reporting and analytics. With D3's adaptable playbooks and scalable architecture, security teams can automate SOC use-cases to reduce MTTR by over 95%, and manage the full lifecycle of any incident or investigation.
DefendEdge’s SiON, an Employee Threat Management platform, delivers machine learning intelligence to empower customers with enhanced protection against advanced persistent threats in today’s ever-evolving cybersecurity landscape. Together with Fortinet’s Security Fabric, SiON can detect, prevent, respond, and predict end user anomalous or malicious activities.
Together with Fortinet, Idaptive delivers Next-Gen Access through a zero trust approach. Idaptive secures access everywhere by verifying every user, validating their devices, and intelligently limiting their access.
Infoblox is leading the way to next-level DDI with its Secure Cloud-Managed Network Services. Infoblox brings next-level security, reliability and automation to cloud and hybrid systems, setting customers on a path to a single pane of glass for network management. Infoblox is a recognized leader with 50 percent market share comprised of 8,000 customers, including 350 of the Fortune 500.
METTCARE leads with a unified and secure digital identity engine, making edge-to-cloud computing impenetrable to intruders. Cybersecurity and privacy are built into the fabric of METTCARE and Fortinet digital transformation with device-IoT-user authentication, business intelligence and risk mitigation. Cyber-resilient organizations depend on METTCARE intelligent-data access, consented-data management and quantum-ready data storage.
SentinelOne is shaping the future of endpoint security with an integrated platform that unifies the detection, prevention and remediation of threats initiated by nation states, terrorists, and organized crime. SentinelOne’s unique approach is based on deep inspection of all system processes combined with innovative machine learning to quickly isolate malicious behaviors, protecting devices against advanced, targeted threats in real time.
Symantec Corporation (NASDAQ:SYMC), the world’s leading cyber security company, helps organizations, governments and people secure their most important data wherever it lives. The partnership with Fortinet combines Symantec’s endpoint protection leadership with Fortinet’s best-in-class network security and Fabric integration to deliver unparalleled security protection.
Securing your endpoints against today’s threats on a myriad of devices can be quite a challenge for a number of reasons. Managing separate endpoint features is complex and time-consuming. Disparate security products don’t share intelligence, resulting in slow threat response. And, lack of IT expertise to effectively administer endpoint security can let threats into your network. FortiClient delivers easy-to-manage, automated, fully customizable endpoint security for a broad set of devices, removing those challenges.