In addition to compliance rules, the FortiClient profile also defines how FortiGate handles non-compliant endpoints. FortiGate can block and quarantine endpoints, or FortiGate can warn endpoints about the non-compliance but allow network access. Administrators set the rules and non-compliance action using FortiOS, and FortiGate enforces the rules.
FortiOS 5.6.0 and later versions allow FortiGate to enforce compliance rules for FortiClient endpoints.
FortiClient displays compliant and non-compliant status and information about how endpoint users can return non-compliant endpoints to a compliant state. The administrator or endpoint user is responsible for reading the information in FortiClient and updating FortiClient software on the endpoint to adhere to the compliance rules. Endpoint users can edit settings in FortiClient not controlled by the compliance rules or EMS.