For FortiClient in managed mode, when FortiClient Telemetry is connected to FortiGate or EMS, an administrator may enable, configure, and lock RTP. You can enable RTP if EMS has not locked FortiClient and RTP is excluded from FortiGate compliance rules.
If registered to EMS, FortiClient automatically disables RTP until it receives a profile from EMS. Standalone FortiClient automatically disables RTP when one of the following is true:
- The OS is a server
- Exchange Server is detected
- SQL Server is detected
To enable RTP:
- On the Malware Protection tab, click the Settings icon.
The settings page opens.
- Select the Scan files as they are downloaded or copied to my system checkbox.
- (Optional) Set the following options:
Dynamic threat detection using threat intelligence data
Use threat intelligence data to provide dynamic threat detection. The Scan files as they are downloaded or copied to my system checkbox must be selected to enable dynamic threat detection.
Clear to disable dynamic threat detection.
Block malicious websites
Block all access to malicious websites. Clear to allow access to malicious websites. You can configure an action for all websites categorized as security risks, or configure individual actions for each subcategory. See Blocking malicious websites.
Block known attack communication channels
Block known communication channels used by attackers. Clear to allow access to known communication channels used by attackers. See Blocking known attack communication channels.
- Click OK.
If your system has another AV program installed, FortiClient displays a warning that your system may lock up due to conflicts between different AV products. See Third party AV software and RTP.