Fortinet black logo

Use Cases

6.0.3
6.0.3

Use Case: Fortinet Security Fabric Agent for Your Security Fabric

Use Case: Fortinet Security Fabric Agent for Your Security Fabric

This use case describes how to deploy Security Fabric Agent (SFA), a key module within FortiClient that integrates endpoints with FortiGate and the Security Fabric. SFA strengthens enterprise security through enhanced endpoint visibility, compliance control, vulnerability scanning, and automated response.

SFA is enabled by default when installing FortiClient and includes components to support the Security Fabric available with FortiGate, such as the following:

Component

Description
FortiClient Telemetry

FortiClient can connect Telemetry to FortiGate and/or EMS. EMS uses the FortiClient Telemetry connection to manage FortiClient endpoints. FortiClient connects Telemetry to FortiGate to participate in the Security Fabric or compliance enforcement.
Vulnerability scanning

Check endpoints for known vulnerabilities. The vulnerability scan results can include:

  • List of vulnerabilities detected
  • How many detected vulnerabilities are rated as critical, high, medium, or low threats
  • Links to more information, including links to the FortiGuard Center

FortiClient can detect vulnerabilities for many software.
Vulnerability remediation After detecting vulnerabilities, FortiClient provides a one-click link to immediately install patches and resolve as many identified vulnerabilities as possible. It also displays a list of patches that require the endpoint user to manually install to resolve outstanding vulnerabilities.

You can use EMS to deploy SFA to endpoints. This scenario requires the following steps:

  1. Create a gateway list with the FortiGate IP address. See Creating a gateway list.
  2. Create a FortiClient installer. Specify the gateway list in the installer. See Creating a FortiClient installer.
  3. Create a profile, select the FortiClient installer package, and configure FortiClient features in the profile. See Creating a deployment profile.
  4. Assign the profile to the desired endpoints to push the FortiClient installation process on the endpoints. See Assigning the profile to endpoints.
  5. Verify the endpoints have connected Telemetry to the Security Fabric and to EMS. See Verifying Telemetry connection.
note icon

The procedure above assumes that all desired endpoints have already been imported into EMS. For instructions on how to import endpoints into EMS, see the FortiClient EMS Administration Guide.
Previous
Next

Use Case: Fortinet Security Fabric Agent for Your Security Fabric

This use case describes how to deploy Security Fabric Agent (SFA), a key module within FortiClient that integrates endpoints with FortiGate and the Security Fabric. SFA strengthens enterprise security through enhanced endpoint visibility, compliance control, vulnerability scanning, and automated response.

SFA is enabled by default when installing FortiClient and includes components to support the Security Fabric available with FortiGate, such as the following:

Component

Description
FortiClient Telemetry

FortiClient can connect Telemetry to FortiGate and/or EMS. EMS uses the FortiClient Telemetry connection to manage FortiClient endpoints. FortiClient connects Telemetry to FortiGate to participate in the Security Fabric or compliance enforcement.
Vulnerability scanning

Check endpoints for known vulnerabilities. The vulnerability scan results can include:

  • List of vulnerabilities detected
  • How many detected vulnerabilities are rated as critical, high, medium, or low threats
  • Links to more information, including links to the FortiGuard Center

FortiClient can detect vulnerabilities for many software.
Vulnerability remediation After detecting vulnerabilities, FortiClient provides a one-click link to immediately install patches and resolve as many identified vulnerabilities as possible. It also displays a list of patches that require the endpoint user to manually install to resolve outstanding vulnerabilities.

You can use EMS to deploy SFA to endpoints. This scenario requires the following steps:

  1. Create a gateway list with the FortiGate IP address. See Creating a gateway list.
  2. Create a FortiClient installer. Specify the gateway list in the installer. See Creating a FortiClient installer.
  3. Create a profile, select the FortiClient installer package, and configure FortiClient features in the profile. See Creating a deployment profile.
  4. Assign the profile to the desired endpoints to push the FortiClient installation process on the endpoints. See Assigning the profile to endpoints.
  5. Verify the endpoints have connected Telemetry to the Security Fabric and to EMS. See Verifying Telemetry connection.
note icon

The procedure above assumes that all desired endpoints have already been imported into EMS. For instructions on how to import endpoints into EMS, see the FortiClient EMS Administration Guide.
Previous
Next