FortiClient Cloud

Endpoint telemetry for visibility

FortiClient shares endpoint telemetry with the Security Fabric to ensure unified endpoint awareness and deliver integrated endpoint and network security. Endpoint information shared includes device information, OS, security status, vulnerabilities, events, and user ID.

Automation/host quarantine

Automates policy-based response when triggered by security events. For example, automatically quarantine a suspicious or compromised endpoint to contain incidents and prevent outbreaks.

Vulnerability scanning and patching

Ensures endpoint hygiene and hardens endpoints to reduce the attack surface. Identifies vulnerable endpoints and prioritizes unpatched OS and software vulnerabilities with flexible patching options including auto-patching.

Software inventory

Provides visibility of installed software. In addition to managing licenses, software inventory can improve security hygiene. When software installed is not required for business purposes, it unnecessarily introduces potential vulnerabilities, and thereby increases the likelihood of compromise.

Administrators can leverage inventory information to detect and remove unnecessary or outdated applications that are potentially vulnerable to reduce the attack surface.

Anti-malware

Anti-malware leverages FortiGuard Content Pattern Recognition Language (CPRL), machine learning, and AI to protect endpoint against malware. The pattern-based CPRL is highly effective in detecting and blocking polymorphic malware. It also blocks attack channels and malicious websites.

Anti-exploit

Protects against advanced threats exploiting zero-day and unpatched vulnerabilities. This signature-less and behavioral-based technology detects and blocks memory violation techniques. It shields web browsers, java/flash plug-ins, office applications, PDF readers, load library, and script interpreters from exploit-based attacks.

Web filtering

Powered by FortiGuard research, the web filtering function monitors all web browser activities to enforce web security and acceptable usage policy with 75+ categories. It works across all supported operating systems and works with Google SafeSearch. The endpoint web filtering profile can be synchronized from FortiGate for consistent policy enforcement. Admins can set black/white lists, on-/off-net policies, and import FortiGate web filtering policies for consistent enforcement. 

FortiClient now supports a web filter plugin that improves detection and enforcement of web filter rules on HTTPS sites with encrypted traffic.

Application firewall

Provides the ability to monitor, allow, or block application traffic by categories. It uses the same categories as FortiGate, enabling consistent application traffic control. It leverages FortiGuard anti-botnet, IPS, and application control intelligence and can prevent the use of unwanted applications including proxy apps and HTTPS messaging apps.

FortiSandbox Cloud integration

The optional add-on subscription of FortiSandbox Cloud, allows FortiClient automatically submits files to FortiSandbox Cloud for real-time analysis and deep inspection of zero-day threats. 

Cloud-based threat detection

Protects against emerging threats with real-time threat intelligence powered by FortiGuard.

FortiClient leverages the Security Fabric Architecture and integrates with many Security Fabric components:

FortiGate

FortiClient shares endpoint telemetry with FortiGate firewalls to enforce endpoint security compliance. FortiClient telemetry also contributes to the security rating. The diverse VPN client provides secure remote access.

FortiClient web filtering policy can be automatically synchronized with the FortiGate Web Filter profile.

FortiSandbox Cloud

FortiClient offers an optional FortiSandbox Cloud subscription. Licensed endpoints running FortiClient 6.2.0 can now use the FortiSandbox Cloud service for deep inspection of zero-day threats.

FortiSandbox

FortiClient natively integrates with FortiSandbox. FortiClient automatically submits files to the sandbox for real-time analysis. Real-time threat intelligence from FortiSandbox is instantly shared across the enterprise.  

FortiAnalyzer/FortiManager/FortiSIEM

In addition to endpoint telemetry, FortiClient sends logs including traffic, vulnerability, software inventory, and events for the network operation center (NOC) and security operation center (SOC) for threat analysis and forensic investigation. 

FortiAuthenticator

Enables secure sign-on (SSO) and two-factor authentication.

VPN

FortiClient uses SSL and IPsec VPN to provide secure and reliable access to the corporate network. Two-factor authentication can also be leveraged for additional security. Features such as always-on, auto-connect, dynamic VPN gateway selection and split-tunneling, result in optimized user experience and security. 

Single sign-on

It integrates with FortiAuthenticator identity and access management service to provide single sign-on. 

FortiClient Cloud is cloud managed. The central management system is hosted by Fortinet and provides central management of Windows, Mac, Linux, iOS, Android, and Chromebook devices.

Centralized FortiClient deployment and provisioning that allows administrators to remotely deploy endpoint software and perform controlled upgrades. Makes deploying FortiClient configuration to thousands of clients an effortless task with a click of a button.

Features include:

• Configure, deploy and manage FortiClient
  • Auto tagging/virtual group management
• Real-time endpoint monitoring
• Threat summary, alert and notification
• Remote actions
  • Anti-malware scanning
  • Vulnerability scanning
  • Endpoint quarantine
• File quarantine management
• Software inventory
• Vulnerability scanning and patching