Fortinet black logo

EMS Administration Guide

Home FortiClient 6.4.0 EMS Administration Guide

Adding an endpoint policy

6.4.0
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.9
6.4.8
6.4.7
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.9
6.2.8
6.2.7
6.2.6
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.0.8
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
Copy Link
Copy Doc ID 7557264a-859c-11ea-9384-00505692583a:519742
Download PDF

Adding an endpoint policy

To add an endpoint policy:
  1. Go to Endpoint Policy > Manage Policies.
  2. Click Add.
  3. Complete the following fields:

    Endpoint Policy Name

    Enter the desired name for the endpoint policy.

    Endpoint Groups

    Select the device and/or user group to apply the policy to. You can select a group from all imported domains and workgroups.

    Users

    Search for and select desired domain users to apply the policy to.

    Profile

    Include an endpoint profile in the policy. From the dropdown list, select the desired endpoint profile.

    Profile (Off-Net)

    Include an endpoint profile in the policy to apply to the endpoint when it is off-net according to the on-net detection rules configured in this policy. For example, you may want to apply a more restrictive profile to the endpoint when it is determined to be off-net. From the dropdown list, select the desired endpoint profile.

    If including an off-net profile in a policy, it is highly recommended to also include on-net detection rules in the policy. Otherwise, EMS may not apply on-net and off-net profiles as desired.

    On-Net Detection Rules

    Select the on-net detection rules to include in the policy. You can select multiple rules.

    You must have already created on-net detection rules to include them in an endpoint policy. See On-net Detection Rules.

    Telemetry Server List

    Include a Telemetry server list in the policy. From the dropdown list, select the desired Telemetry server list.

    You must have already created a Telemetry server list to include one in an endpoint policy. See Creating a Telemetry server list.

    Comments

    Enter any comments desired for the endpoint policy.

    Enable the Policy

    Toggle to enable or disable the endpoint policy. You can enable or disable the policy at a later time from Endpoint Policy > Manage Policies.
  4. Click Save. You can view the newly created policy on the Endpoint Policy > Manage Policies page.

    EMS pushes these settings to the endpoint with the next Telemetry communication.

Previous
Next

Adding an endpoint policy

To add an endpoint policy:
  1. Go to Endpoint Policy > Manage Policies.
  2. Click Add.
  3. Complete the following fields:

    Endpoint Policy Name

    Enter the desired name for the endpoint policy.

    Endpoint Groups

    Select the device and/or user group to apply the policy to. You can select a group from all imported domains and workgroups.

    Users

    Search for and select desired domain users to apply the policy to.

    Profile

    Include an endpoint profile in the policy. From the dropdown list, select the desired endpoint profile.

    Profile (Off-Net)

    Include an endpoint profile in the policy to apply to the endpoint when it is off-net according to the on-net detection rules configured in this policy. For example, you may want to apply a more restrictive profile to the endpoint when it is determined to be off-net. From the dropdown list, select the desired endpoint profile.

    If including an off-net profile in a policy, it is highly recommended to also include on-net detection rules in the policy. Otherwise, EMS may not apply on-net and off-net profiles as desired.

    On-Net Detection Rules

    Select the on-net detection rules to include in the policy. You can select multiple rules.

    You must have already created on-net detection rules to include them in an endpoint policy. See On-net Detection Rules.

    Telemetry Server List

    Include a Telemetry server list in the policy. From the dropdown list, select the desired Telemetry server list.

    You must have already created a Telemetry server list to include one in an endpoint policy. See Creating a Telemetry server list.

    Comments

    Enter any comments desired for the endpoint policy.

    Enable the Policy

    Toggle to enable or disable the endpoint policy. You can enable or disable the policy at a later time from Endpoint Policy > Manage Policies.
  4. Click Save. You can view the newly created policy on the Endpoint Policy > Manage Policies page.

    EMS pushes these settings to the endpoint with the next Telemetry communication.

Previous
Next