Skip to content Skip to navigation Skip to footer

FortiClient Cloud

Cloud-managed advanced endpoint protection with Security Fabric Integration

FortiClient Cloud banner background banner dots


Endpoints are popular attack targets—a recent study found that 30% of breaches involved malware being installed on endpoints. FortiClient helps you take a proactive endpoint security stance with integrated visibility and control, so you can quickly mitigate risk, save time, and focus on growing your business.


Fortinet Endpoint-IoT Solution

Monitor, control, and protect the expanding digital attack surface.


FortiClient Cloud contains the following key modules: Fabric Agent for Security Fabric connectivity, the endpoint security modules, and the secure remote access modules. FortiClient Cloud integrates with many key components of the Fortinet Security Fabric and is cloud-managed. The central management system is hosted by Fortinet.


Endpoint telemetry for visibility

FortiClient shares endpoint telemetry with the Security Fabric to ensure unified endpoint awareness and deliver integrated endpoint and network security. Endpoint information shared includes device information, OS, security status, vulnerabilities, events, and user ID.

FortiClient Endpoint telemetry for visibility

Automation/host quarantine

Automates policy-based response when triggered by security events. For example, automatically quarantine a suspicious or compromised endpoint to contain incidents and prevent outbreaks.

FortiClient automates policy-based response

Vulnerability scanning and patching

Ensures endpoint hygiene and hardens endpoints to reduce the attack surface. Identifies vulnerable endpoints and prioritizes unpatched OS and software vulnerabilities with flexible patching options including auto-patching.

FortiClient ensures endpoint hygiene and hardens endpoints to reduce the attack surface.

Software inventory

Provides visibility of installed software. In addition to managing licenses, software inventory can improve security hygiene. When software installed is not required for business purposes, it unnecessarily introduces potential vulnerabilities, and thereby increases the likelihood of compromise.

Administrators can leverage inventory information to detect and remove unnecessary or outdated applications that are potentially vulnerable to reduce the attack surface.


Anti-malware leverages FortiGuard Content Pattern Recognition Language (CPRL), machine learning, and AI to protect endpoint against malware. The pattern-based CPRL is highly effective in detecting and blocking polymorphic malware. It also blocks attack channels and malicious websites.


Protects against advanced threats exploiting zero-day and unpatched vulnerabilities. This signature-less and behavioral-based technology detects and blocks memory violation techniques. It shields web browsers, java/flash plug-ins, office applications, PDF readers, load library, and script interpreters from exploit-based attacks.

Web filtering

Powered by FortiGuard research, the web filtering function monitors all web browser activities to enforce web security and acceptable usage policy with 75+ categories. It works across all supported operating systems and works with Google SafeSearch. The endpoint web filtering profile can be synchronized from FortiGate for consistent policy enforcement. Admins can set black/white lists, on-/off-net policies, and import FortiGate web filtering policies for consistent enforcement. 

FortiClient now supports a web filter plugin that improves detection and enforcement of web filter rules on HTTPS sites with encrypted traffic.

Application firewall

Provides the ability to monitor, allow, or block application traffic by categories. It uses the same categories as FortiGate, enabling consistent application traffic control. It leverages FortiGuard anti-botnet, IPS, and application control intelligence and can prevent the use of unwanted applications including proxy apps and HTTPS messaging apps.

FortiSandbox Cloud integration

The optional add-on subscription of FortiSandbox Cloud, allows FortiClient automatically submits files to FortiSandbox Cloud for real-time analysis and deep inspection of zero-day threats. 

Cloud-based threat detection

Protects against emerging threats with real-time threat intelligence powered by FortiGuard.

FortiClient leverages the Security Fabric Architecture and integrates with many Security Fabric components:


FortiClient shares endpoint telemetry with FortiGate firewalls to enforce endpoint security compliance. FortiClient telemetry also contributes to the security rating. The diverse VPN client provides secure remote access.

FortiClient web filtering policy can be automatically synchronized with the FortiGate Web Filter profile.

FortiSandbox Cloud

FortiClient offers an optional FortiSandbox Cloud subscription. Licensed endpoints running FortiClient 6.2.0 can now use the FortiSandbox Cloud service for deep inspection of zero-day threats.


FortiClient natively integrates with FortiSandbox. FortiClient automatically submits files to the sandbox for real-time analysis. Real-time threat intelligence from FortiSandbox is instantly shared across the enterprise.  


In addition to endpoint telemetry, FortiClient sends logs including traffic, vulnerability, software inventory, and events for the network operation center (NOC) and security operation center (SOC) for threat analysis and forensic investigation. 


Enables secure sign-on (SSO) and two-factor authentication.


FortiClient uses SSL and IPsec VPN to provide secure and reliable access to the corporate network. Two-factor authentication can also be leveraged for additional security. Features such as always-on, auto-connect, dynamic VPN gateway selection and split-tunneling, result in optimized user experience and security. 

Single sign-on

It integrates with FortiAuthenticator identity and access management service to provide single sign-on. 

FortiClient Cloud is cloud managed. The central management system is hosted by Fortinet and provides central management of Windows, Mac, Linux, iOS, Android, and Chromebook devices.

Centralized FortiClient deployment and provisioning that allows administrators to remotely deploy endpoint software and perform controlled upgrades. Makes deploying FortiClient configuration to thousands of clients an effortless task with a click of a button.

Features include:

  • Configure, deploy and manage FortiClient
    • Auto tagging/virtual group management
  • Real-time endpoint monitoring
  • Threat summary, alert and notification
  • Remote actions
    • Anti-malware scanning
    • Vulnerability scanning
    • Endpoint quarantine
  • File quarantine management
  • Software inventory
  • Vulnerability scanning and patching    



Deep Visibility

Integration with the Security Fabric provides real-time endpoint telemetry along with endpoint risk status, including unpatched vulnerabilities.    

Integrated and Automated

Integrated and Automated

FortiClient Cloud contains threats automatically by mitigating risky or compromised endpoints and alerting users.


Secure Remote Access

Allow employees to log in remotely with always-on secure VPN. Two-factor authentication adds an extra layer of security.    


Simple Deployment

Get up and running fast with cloud-based central management via a single, integrated, and customizable endpoint agent.

Boost Security Hygiene

Harden endpoints and reduce the attack surface with vulnerability scanning, patching, and software inventory.

Proactive Protection

Stay ahead of the latest threats with machine learning anti-malware, and integrated sandbox services to detect and block advanced threats.