Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

EMS Administration Guide

Left pane with multitenancy enabled

The left navigation pane displays content in the right pane. The following describes the left pane for the global site when multitenancy is enabled:

Option

Description

Dashboard

 

Status

Displays a dashboard of information about all managed endpoints.

Administration

 

Administrators

Add and manage FortiClient EMS administrators.

 

User Settings

Configure the inactivity timeout and other user settings.

 

Configure License

Upgrade or renew the FortiClient EMS license.

 

Configure Sites

Configure multitenancy sites.

 

Log Viewer

View log messages generated by FortiClient EMS and download raw logs.

System Settings

 

EMS Settings

Change the IP address and port and configure other EMS settings for FortiClient EMS, including enabling Chromebook management.

 

Log Settings

Specify what level of log messages to capture in FortiClient EMS logs and when to automatically delete logs and alerts.

 

FortiGuard Services

Configure the FortiGuard server location. Configure FortiManager to use for client software/signature updates and configure FortiCloud settings.

 

EMS Alerts

Enable alerts for FortiClient EMS events.

 

SMTP Server

Set up an SMTP server to enable email alerts.

The following describes the left pane at the site level when multitenancy is enabled. For all options at the site-level, you can only view and manage endpoints and settings for the current selected site:

Option

Description

Dashboard

 

Status

Displays a dashboard of information about all managed endpoints.

 

Vulnerability Scan

Displays the Current Vulnerabilities Summary chart that provides a centralized vulnerability summary for all managed endpoints. You can observe high-risk hosts and critical vulnerabilities existing on endpoints. You can also access links on how to fix or repair the vulnerabilities.

 

Chromebook Status

Displays a dashboard of information about all managed Chromebooks. Only available if the EMS for Chromebooks Settings option is enabled in System Settings > EMS Settings.

Endpoints

 

All Endpoints

Manage all endpoints.

 

Manage Domains

Add and manage AD domains.

 

Domains

Manage endpoints from AD domains. You can also add an AD domain if none exist.

 

Workgroups

Manage endpoints from workgroups.

 

Group Assignment Rules

Configure rules to automatically place endpoints into custom groups based on their installer ID, IP address, or OS.

Google Domains

Only available if the EMS for Chromebooks Settings option is enabled in System Settings > EMS Settings.

 

All Users

Manage users from all Google domains.

 

Manage Domains

Add and manage Google domains.

 

Domains

Manage users from specific Google domains. You can also add a Google domain if none exist.

Deployment & Installers

 

Manage Deployment

Create deployment configurations to deploy FortiClient to endpoints.

 

FortiClient Installers

Add and manage FortiClient deployment packages.

Endpoint Policy & Components

 

Manage Policies

Create endpoint policies and manage policy updates for Windows, macOS, and Linux endpoints.

 

CA Certificates

Upload and import CA certificates into FortiClient EMS.

 

On-fabric Detection Rules

Configure on-fabric detection rules for endpoints.

Chromebook Policy

Create endpoint policies and manage policy updates for Chromebook endpoints. Only available if the EMS for Chromebooks Settings option is enabled in System Settings > EMS Settings.

Endpoint Profiles

 

Manage Profiles

Create profiles and manage profile updates for all profiles.

 

Import from FortiGate/FortiManager

Import Web Filter profiles from FortiOS or FortiManager.

Zero Trust Tags

 

 

Zero Trust Tagging Rules

Define Zero Trust tagging rules.

 

Host Tag Monitor

View tagged endpoints.

 

Fabric Device Monitor

View all FortiGates connected to EMS for Zero Trust tagging and the list of tags that are shared with each FortiGate.

Software Inventory

 

Applications

View applications installed on endpoints. Display applications by application or application vendor name.

 

Hosts

View applications installed on endpoints, sorted by endpoint.

Quarantine Management

 

Files

View and allowlist files on endpoints that Sandbox or AV has quarantined.

 

Allowlist

View and delete allowlisted files from the Allowlist pane.

Administration

 

Administrators

Add and manage FortiClient EMS administrators.

 

Admin Roles

Add and manage FortiClient EMS admin roles and permissions.

 

Fabric Devices

View Fabric devices connected to EMS.

 

SAML SSO

Configure SAML SSO authentication.

 

Log Viewer

View log messages generated by FortiClient EMS and download raw logs.

System Settings

 

EMS Settings

Change the IP address and port and configure other EMS settings for FortiClient EMS, including enabling Chromebook management.

 

Log Settings

Specify what level of log messages to capture in FortiClient EMS logs and when to automatically delete logs and alerts.

 

FortiGuard Services

Configure the FortiGuard server location. Configure FortiManager to use for client software/signature updates and configure FortiCloud settings.

 

EMS Alerts

Enable alerts for FortiClient EMS events.

 

Endpoint Alerts

Enable alerts for endpoint events.

 

SMTP Server

Set up an SMTP server to enable email alerts.

 

Custom Messages

Customize the message that displays on an endpoint when it has been quarantined by FortiClient EMS

 

Feature Select

Choose which features to show and hide in EMS.

Left pane with multitenancy enabled

The left navigation pane displays content in the right pane. The following describes the left pane for the global site when multitenancy is enabled:

Option

Description

Dashboard

 

Status

Displays a dashboard of information about all managed endpoints.

Administration

 

Administrators

Add and manage FortiClient EMS administrators.

 

User Settings

Configure the inactivity timeout and other user settings.

 

Configure License

Upgrade or renew the FortiClient EMS license.

 

Configure Sites

Configure multitenancy sites.

 

Log Viewer

View log messages generated by FortiClient EMS and download raw logs.

System Settings

 

EMS Settings

Change the IP address and port and configure other EMS settings for FortiClient EMS, including enabling Chromebook management.

 

Log Settings

Specify what level of log messages to capture in FortiClient EMS logs and when to automatically delete logs and alerts.

 

FortiGuard Services

Configure the FortiGuard server location. Configure FortiManager to use for client software/signature updates and configure FortiCloud settings.

 

EMS Alerts

Enable alerts for FortiClient EMS events.

 

SMTP Server

Set up an SMTP server to enable email alerts.

The following describes the left pane at the site level when multitenancy is enabled. For all options at the site-level, you can only view and manage endpoints and settings for the current selected site:

Option

Description

Dashboard

 

Status

Displays a dashboard of information about all managed endpoints.

 

Vulnerability Scan

Displays the Current Vulnerabilities Summary chart that provides a centralized vulnerability summary for all managed endpoints. You can observe high-risk hosts and critical vulnerabilities existing on endpoints. You can also access links on how to fix or repair the vulnerabilities.

 

Chromebook Status

Displays a dashboard of information about all managed Chromebooks. Only available if the EMS for Chromebooks Settings option is enabled in System Settings > EMS Settings.

Endpoints

 

All Endpoints

Manage all endpoints.

 

Manage Domains

Add and manage AD domains.

 

Domains

Manage endpoints from AD domains. You can also add an AD domain if none exist.

 

Workgroups

Manage endpoints from workgroups.

 

Group Assignment Rules

Configure rules to automatically place endpoints into custom groups based on their installer ID, IP address, or OS.

Google Domains

Only available if the EMS for Chromebooks Settings option is enabled in System Settings > EMS Settings.

 

All Users

Manage users from all Google domains.

 

Manage Domains

Add and manage Google domains.

 

Domains

Manage users from specific Google domains. You can also add a Google domain if none exist.

Deployment & Installers

 

Manage Deployment

Create deployment configurations to deploy FortiClient to endpoints.

 

FortiClient Installers

Add and manage FortiClient deployment packages.

Endpoint Policy & Components

 

Manage Policies

Create endpoint policies and manage policy updates for Windows, macOS, and Linux endpoints.

 

CA Certificates

Upload and import CA certificates into FortiClient EMS.

 

On-fabric Detection Rules

Configure on-fabric detection rules for endpoints.

Chromebook Policy

Create endpoint policies and manage policy updates for Chromebook endpoints. Only available if the EMS for Chromebooks Settings option is enabled in System Settings > EMS Settings.

Endpoint Profiles

 

Manage Profiles

Create profiles and manage profile updates for all profiles.

 

Import from FortiGate/FortiManager

Import Web Filter profiles from FortiOS or FortiManager.

Zero Trust Tags

 

 

Zero Trust Tagging Rules

Define Zero Trust tagging rules.

 

Host Tag Monitor

View tagged endpoints.

 

Fabric Device Monitor

View all FortiGates connected to EMS for Zero Trust tagging and the list of tags that are shared with each FortiGate.

Software Inventory

 

Applications

View applications installed on endpoints. Display applications by application or application vendor name.

 

Hosts

View applications installed on endpoints, sorted by endpoint.

Quarantine Management

 

Files

View and allowlist files on endpoints that Sandbox or AV has quarantined.

 

Allowlist

View and delete allowlisted files from the Allowlist pane.

Administration

 

Administrators

Add and manage FortiClient EMS administrators.

 

Admin Roles

Add and manage FortiClient EMS admin roles and permissions.

 

Fabric Devices

View Fabric devices connected to EMS.

 

SAML SSO

Configure SAML SSO authentication.

 

Log Viewer

View log messages generated by FortiClient EMS and download raw logs.

System Settings

 

EMS Settings

Change the IP address and port and configure other EMS settings for FortiClient EMS, including enabling Chromebook management.

 

Log Settings

Specify what level of log messages to capture in FortiClient EMS logs and when to automatically delete logs and alerts.

 

FortiGuard Services

Configure the FortiGuard server location. Configure FortiManager to use for client software/signature updates and configure FortiCloud settings.

 

EMS Alerts

Enable alerts for FortiClient EMS events.

 

Endpoint Alerts

Enable alerts for endpoint events.

 

SMTP Server

Set up an SMTP server to enable email alerts.

 

Custom Messages

Customize the message that displays on an endpoint when it has been quarantined by FortiClient EMS

 

Feature Select

Choose which features to show and hide in EMS.