Fortinet black logo

Security Fabric Access Deployment Guide

Home FortiPAM 1.3.0 Security Fabric Access Deployment Guide
1.3.0
1.3.0
1.2.0
1.1.0

Configuring FortiClient EMS connection

Configuring FortiClient EMS connection

To configure FortiClient EMS connection:
  1. Go to Network > Fabric Connectors.
  2. In the Core Network Security pane, select FortiClient EMS and then select Edit.

    Alternatively, double-click FortiClient EMS.

    The New Fabric Connector window opens.

  3. In the FortiClient EMS Settings pane:
    1. In Type, ensure that FortiClient EMS is selected.
    2. In Name, enter EMS.
    3. In IP/Domain name, enter the IP address for the FortiClient EMS, i.e., 10.100.88.5.
    4. In HTTPS port, ensure the default value is used, i.e., 443.
    5. Leave EMS Threat Feed and Synchronize firewall addresses as enabled.

      Enabling EMS Threat Feed allows FortiPAM to pull FortiClient malware hash from FortiClient EMS.

      Enabling Synchronize firewall addresses allows synhronizing firewall addresses for all EMS tags.

  4. Click OK.

  5. FortiPAM attempts to verify the EMS server certificate, but fails.

    Before FortiPAM can verify the EMS server certificate, you must authorize FortiPAM on the EMS server.

  6. Click OK.
  7. Click Cancel.
  8. Log in to the EMS server on: https://10.100.88.5.

    Fabric Device Authorization Requests prompt appears.

  9. Select View Detail.
  10. From the list, select the FortiPAM device authorization request and select Authorize from the top.
  11. In FortiPAM, go back to Network > Fabric Connectors.
  12. Double-click FortiClient EMS.
  13. In the Edit Fabric Connector window, click Authorize in FortiClient EMS Status.

    Verify EMS Server Certificate window appears.

  14. In the Verify EMS Server Certificate window, select Accept to accept the certificate from the EMS-side.

    FortiPAM is now successfully connected to the EMS server.

  15. Click Close.
Previous
Next

Configuring FortiClient EMS connection

To configure FortiClient EMS connection:
  1. Go to Network > Fabric Connectors.
  2. In the Core Network Security pane, select FortiClient EMS and then select Edit.

    Alternatively, double-click FortiClient EMS.

    The New Fabric Connector window opens.

  3. In the FortiClient EMS Settings pane:
    1. In Type, ensure that FortiClient EMS is selected.
    2. In Name, enter EMS.
    3. In IP/Domain name, enter the IP address for the FortiClient EMS, i.e., 10.100.88.5.
    4. In HTTPS port, ensure the default value is used, i.e., 443.
    5. Leave EMS Threat Feed and Synchronize firewall addresses as enabled.

      Enabling EMS Threat Feed allows FortiPAM to pull FortiClient malware hash from FortiClient EMS.

      Enabling Synchronize firewall addresses allows synhronizing firewall addresses for all EMS tags.

  4. Click OK.

  5. FortiPAM attempts to verify the EMS server certificate, but fails.

    Before FortiPAM can verify the EMS server certificate, you must authorize FortiPAM on the EMS server.

  6. Click OK.
  7. Click Cancel.
  8. Log in to the EMS server on: https://10.100.88.5.

    Fabric Device Authorization Requests prompt appears.

  9. Select View Detail.
  10. From the list, select the FortiPAM device authorization request and select Authorize from the top.
  11. In FortiPAM, go back to Network > Fabric Connectors.
  12. Double-click FortiClient EMS.
  13. In the Edit Fabric Connector window, click Authorize in FortiClient EMS Status.

    Verify EMS Server Certificate window appears.

  14. In the Verify EMS Server Certificate window, select Accept to accept the certificate from the EMS-side.

    FortiPAM is now successfully connected to the EMS server.

  15. Click Close.
Previous
Next