Endpoint Protection

Expand all | Collapse all

FortiClient EMS

  • 1.  FortiClient EMS

    Posted Aug 24, 2016 09:24 AM

    Hey,

    Is it possible to write compliance rules with the FortiClient / FortiClient EMS endpoint control that requires certain 3rd party applications be installed?  I know it can require anti-virus and windows updates, but I'm specifically looking for other software be installed on the endpoints.

    Thanks,

    Chris



  • 2.  FortiClient EMS

    Posted Aug 24, 2016 09:41 AM
    It’s actually a function of the FortiGate in 5.4.1 since it is considered the Compliance Enforcer in the solution. You actually configure this in the CLI of the FortiGate and then FortiClient will take the instruction from there. For more information, see the FortiOS CLI guide.

    The answer to your question though is yes, this is supported. You will take the hash of the executable of your application and require that the application be present before endpoint is considered compliant.


    Joe Martins
    Product Specialist, CISSP, APT Solutions

    [Fortinet]
    ________________________________
    E: jmartins@...<jmartins@...
    M: 925.389.8345

    899 Kifer Road | Sunnyvale, CA 94086
    ________________________________

    www.fortinet.comhttp://www.fortinet.com [Twitter] <http://www.twitter.com/fortinet> [LinkedIn] <http://www.linkedin.com/company/fortinet> [Facebook] <http://www.facebook.com/fortinet> [YouTube] <http://www.youtube.com/user/SecureNetworks> [Google+] <https://plus.google.com/+fortinet>


    From: "Chris Friesen via forticlient.public"


  • 3.  RE: FortiClient EMS

    Posted Aug 25, 2016 06:40 AM

    Hey Joe,

    Thanks for getting back to me.  If it's a function of the FortiGate, is the process the same in 5.2.3?

    Chris



  • 4.  RE: FortiClient EMS

    Posted Aug 25, 2016 06:48 AM

    In FortiOS 5.2.3 it is limited to Host Check over SSL VPN. If you search the FortiOS 5.2.x guide (or CLI Reference Guide) for 'Host Check' you will see what sort of options you have for posture checking. I do not think that in 5.2.x we have the ability to look for a specific application by hash value, but there might be the ability to look for a registry key.