Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                

Forticlient PDF

Download as pdf or txt
Download as pdf or txt
You are on page 1of 4

DATA SHEET

FortiClient
Lock down visibility and control of your software and hardware inventory across the entire security fabric.
Identify vulnerable or compromised hosts and track all details of systems and user profiles across your
attack surface.

FortiClient’s Security Fabric Integration, ensures FortiAnalyzer


Centralized Logging
that all fabric components – FortiGate, FortiAnalyzer, and Reporting

EMS, Managed AP, Managed Switches, Sandbox – Web


FortiSandbox
have a unified view of endpoints in order to provide Or FortiSandbox
Cloud FortiGate
tracking & awareness, compliance enforcement and Physical or virtual
FortiClient
reporting. Advanced Threat Protection automates Endpoint Protection

prevention of known and unknown threats through FortiManager


Centralized Device and
Policy Management
built-in host-based security stack and integration with
FortiSandbox and FortiSandbox Cloud. Easy to use
Secure Remote Access & Mobility via SSL and FortiClient
EMS
IPsec VPN. FortiClient connects every endpoint to Endpoint Management

form a cohesive security fabric.

EMS for Central


Management
§§ Simple & User Friendly UI
§§ Remote FortiClient Deployment
§§ Real-time Dashboard
§§ Software Inventory Management
§§ Active Directory Integration
§§ Central Quarantine Management
§§ Automatic Group Assignment
§§ Dynamic Access Control
§§ Automatic Email Alerts
§§ Supports Custom Groups
§§ Remote Triggers

FortiGuard Security
Services
www.fortiguard.com

FortiCare Worldwide
24/7 support
support.fortinet.com
DATA SHEET | FortiClient

FortiClient Benefits
Unified endpoint features including compliance, protection, Secure Remote Access & Mobility Dashboard
and secure access into a single, modular lightweight client. for Ease of Management
FortiClient uses SSL and IPSec VPN to provide secure, reliable
End-to-end threat visibility and control by natively
access to corporate networks and applications from virtually any
integrating endpoint into the Security Fabric architecture.
internet connected remote location. FortiClient simplifies remote
Advanced threat protection against exploits and advanced user experience with built-in auto-connect and always-up VPN
malware, powered by FortiGuard along with FortiSandbox features. Two-Factor authentication can also be used to provide
integration. additional layer of security. Feature like, VPN auto-connect, Always

Integrated patch management and vulnerability shielding to up, Dynamic VPN Gateway Selection and split-tunneling ensures

harden all endpoints. smooth user experience on all device types connecting from home
or public places.
Simplified management and policy enforcement with
Enterprise Management Server (EMS) and FortiGate,
respectively. Anti-Exploit
This behavioral-based detection technology
protects against zero-day file-less
Advanced Threat Protection attacks that target applications with zero-
As a next-generation endpoint protection solution, FortiClient day or un-patched vulnerabilities.
helps connect endpoints to FortiSandbox, which uses
behavior-based analysis to automatically analyze in real-
Protects against zero-day attacks targeting undiscovered or
time all files downloaded to FortiClient endpoints. Millions of
un-patched application vulnerabilities
FortiClient and FortiSandbox users worldwide share information
about known and unknown, malware with cloud-based Detects various memory techniques used in an exploit, such
FortiGuard. FortiGuard automatically shares the intelligence as ROP, HeapSpray, buffer overflow
with other FortiSandbox units and FortiClient endpoints to
Shields web browsers, Java/Flash plug-ins, Microsoft Office
prevent attacks from known and unknown malware.
applications, and PDF Reader

Security Fabric Integration


As a key piece of the Fortinet Security Fabric, FortiClient Cloud-Based Threat Detection
integrates the endpoints into the Fabric for early detection and Protects against emerging threats with real-time threat intelligence
prevention of advanced threats and delivers endpoint visibility, powered by FortiGuard.
compliance control, vulnerability management and automation.
With 6.0, FortiOS & FortiAnalyzer leverages FortiClient
endpoint telemetry intelligence to identify Indicator of
Compromise (IoC). With the Automation capability, admins
can investigate real-time and set policies to automate
responses including quarantining suspicious or compromised
endpoints to contain incidents and stem outbreaks. Fortinet’s
endpoint compliance & vulnerability management features
simplifies the enforcement of enterprise security policies
preventing endpoints from becoming easy attack targets.

2
DATA SHEET | FortiClient

Feature Highlights

EMS provides ability to centrally EMS FortiGate provides


FortiGate
manage Windows, Mac, Linux, awareness and control
Chrome, iOS and Android endpoints over all your endpoints

Software Inventory Management provides Telemetry provides real-time endpoint visibility (including user avatar)
visibility into installed software applications and licence management to on FortiGate console so administrators can get a comprehensive view of the
improve security hygiene. You can use inventory information to detect and whole network. Telemetry also ensures that all fabric components have a
remove unnecessary or outdated applications that might have vulnerabilities unified view of the endpoints.
to reduce your attack surface.
Dynamic Access Control for Compliance Enforcement
Windows AD Integration helps sync organizations AD structure into requires EMS to create virtual groups based on endpoint security posture.
EMS so same OUs can be used for endpoint management. These virtual groups are then retrieved by FortiGate and used in firewall
policy for dynamic access control. Dynamic groups help automate & simplify
Real-time Endpoint Status always provides current information on compliance to security policies.
endpoint activity & security events.
Endpoint Quarantine helps to quickly disconnect a compromised
Vulnerability Dashboard helps manage organizations attack surface. endpoint from the network and stop it from infecting other assets.
All vulnerable endpoints are easily identified for administrative action.
Automated Response helps detect and isolate suspicious or
Centralized FortiClient Deployment & Provisioning that compromised endpoints without manual intervention
allows administrators to remotely deploy endpoint software and perform
controlled upgrades. Makes deploying FortiClient configuration to thousands of
clients an effortless task with a click of a button.

Sandbox settings are automatically synchronized with


EMS and detailed analysis of FortiClient submitted files for behavior based
detection is accessible in EMS. Administrators can see all behavior activity of
a file including graphic visualization of full process tree.

SECURITY FABRIC AGENT


Provisioning
Centralized Client Provisioning
Client Software Updates
Windows AD Integration
FortiTelemetry Gateway IP List
Software Inventory
Automatic Group Assignment

Compliance Enforcement and Security Fabric Integration


Fortinet Security Fabric Integration
Security Posture Check
Vulnerability Compliance Check
Dynamic Access Control
Authorized Device Detection
Automated Endpoint Quarantine

Remote Control
On-demand Antivirus Scan
On-demand Vulnerability Scan
Host Quarantine

Telemetry and Monitoring


Client Information (client version, OS IP/MAC address,
profile assigned, user avatar)
Client Status
Reporting (to FortiAnalyzer)

PLUS - Add Sandbox Cloud Subscription for Proactive Advanced Threat Detection as well as other upcoming add-ons in the future.

3
DATA SHEET | FortiClient

WINDOWS MAC OS X ANDROID iOS CHROMEBOOK LINUX FORTICLIENT


Security Fabric Components
Operating System Supported:
Endpoint Telemetry1 Microsoft Windows 7 (32-bit and 64-bit
Compliance Enforcement using Dynamic Microsoft Windows 8, 8.1 (32-bit and 64-bit
Access Control1 Microsoft Windows 10 (32-bit and 64-bit
Endpoint Audit and Remediation with FortiClient 6.2.0 does not support Windows XP or
Vulnerability Scanning1 Windows Vista
Windows Server 2008 or newer
Automated Endpoint Quarantine Mac OS X v10.13 , v10.12, v10.11,
Host Security and VPN Components iOS 5.1 or later (iPhone, iPad, iPod Touch
Android OS 4.4.4 or later (phone and tablet
Antivirus Linux OS, Ubuntu 16.04 and later, Red Hat 7.4 and
Cloud-based Threat Detection later, CentOS 7.4 and later with KDE or GNOME
Anti-Exploit Authentication Options
Sandbox Detection (on-prem) * RADIUS, LDAP, Local Database, xAuth, TACACS+,
Sandbox Cloud Detection Digital Certificate (X509 format), FortiToken
Web Filtering2
Connection Options
Application Firewall1 Auto Connect VPN before Windows logon,
IPsec VPN IKE Mode config for FortiClient VPN IPsec tunnel
SSL VPN3
Note: All specifcations are based on FortiClient 6.2.
Others
Remote Logging and Reporting4
Windows AD SSO Agent FORTICLIENT EMS
USB Device Control
Operating System Supported
PLUS - Add Sandbox Cloud Subscription for Proactive Advanced Threat Detection Microsoft Windows Server 2008 or newer
1
Requires FortiClient to be managed by EMS
Endpoint Requirement
2
Also compatible in Chrome OS
FortiClient version 6.0 or newer, FortiClient for
3
Also compatible in Windows Mobile.
Microsoft Windows and Mac OS X, 6.0 for iOS and
The list above is based on the latest OS for each platform.
Android
4
Requires FortiAnalyzer
* No file submission
System Requirements
2.0 GHz 64-bit processor, dual core (or two virtual
CPUs), 4 GB RAM, 40 GB free hard disk, Gigabit
(10/100/1000BaseT)
Ethernet adapter, Internet access

Order Information
Product SKU Description

FortiClient Security Fabric Agent FC1-15-EMS01-299-02-DD Security Fabric Agent with EPP license subscription for 25 endpoints.
with FortiSandbox Cloud Includes Fabric Agent, Anti-Malware, Remote Access, Web Filter,
Vulnerability Scan, Software Inventory, Application Firewall, SSOMA,
Threat Outbreak Detection, Sandbox Agent with Cloud Sandbox
CERTIFIED
subscription, Central Management and 24x7 Support

FortiClient Security Fabric Agent FC1-15-EMS01-297-02-DD Security Fabric Agent with EPP license subscription for 25 endpoints.
for 25 Clients Includes Fabric Agent, Anti-Malware, Remote Access, Web Filter,
Vulnerability Scan, Software Inventory, Application Firewall, SSOMA,
Threat Outbreak Detection, Sandbox Agent (On-Prem), Central
Management and 24x7 Support

FortiClient Chromebook for 25 FC1-15-EMS01-403-02-DD FortiClient Chromebook license subscription for 25 Chrome OS users.
Clients Includes Web Filter, Central Management and 24x7 Support.

www.fortinet.com

Copyright © 2019 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law
trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results
may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to
the extent Fortinet enters a binding written contract, signed by Fortinet’s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event,
only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests.
Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version
of the publication shall be applicable. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without
notice, and the most current version of the publication shall be applicable.
FST-PROD-DS-FCT FCT-DAT-R21-201906

You might also like