The following Fortinet products work together to support FortiClient in managed mode:
- FortiClient EMS
FortiClient EMS runs on a Windows server. EMS can manage FortiClient endpoints by deploying FortiClient (Windows) and profiles to endpoints, and the endpoints can connect FortiClient Telemetry to FortiGate or EMS. FortiClient endpoints connect to FortiGate to participate in the Security Fabric or compliance enforcement. FortiClient endpoints connect to EMS to be managed in real time.
For information on EMS, see the FortiClient EMS Administration Guide.
FortiManager provides central FortiClient management for FortiGate devices managed by FortiManager. In FortiManager, you can create one or more FortiClient Compliance profiles to assign to multiple FortiGate devices. You can also import FortiClient Compliance profiles from one FortiGate device and assign the FortiClient Compliance profile to other FortiGate devices. When endpoints are connected to managed FortiGate devices, you can use FortiManager to monitor endpoints from multiple FortiGate devices.
For information on FortiManager, see the FortiManager Administration Guide.
FortiGate provides network security. FortiGate devices define compliance rules for NAC (network access control) for connected endpoints, and FortiClient communicates the compliance rules from FortiGate to endpoints. When FortiManager is used, FortiGate devices communicate between endpoints, EMS, and FortiManager.
When FortiClient Telemetry is connected to FortiGate, endpoints can participate in the Security Fabric or compliance enforcement.
For information on FortiGate, see the FortiOS Handbook.
FortiAnalyzer can receive logs from endpoints connected to FortiGate or EMS, and you can use FortiAnalyzer to analyze the logs and run reports. FortiAnalyzer receives logs directly from FortiClient.
For information on FortiAnalyzer, see the FortiAnalyzer Administration Guide.
FortiSandbox offers the capabilities to analyze new, previously unknown, and undetected virus samples in real time. Files sent to it are scanned first, using similar AV engine and signatures as are available on FortiOS and FortiClient. If the file is not detected but is an executable file, it is run in a Microsoft Windows virtual machine (VM) and monitored. The file is given a rating or score based on its activities and behavior in the VM.
As FortiSandbox receives files for scanning from various sources, it collects and generates AV signatures for such samples. FortiClient periodically downloads the latest AV signatures from the FortiSandbox, and applies them locally to all realtime and on-demand AV scanning.
For more information, see the FortiSandbox Administration Guide.
This feature requires FortiSandbox 2.1 or a later version and is only available on FortiClient (Windows).