I wanted to check with the community whether this statement is technically and officially correct as per Fortinet product design. During a recent discussion with Fortinet TAC, we were informed of the following: “ FortiClient EMS does not disable any third-party or running antivirus software by default. If required, the third-party antivirus must be disabled manually or via Active Directory Group Policy.” Specifically, I am looking for help to understand: As per Microsoft documentation, when a supported third-party antivirus is installed and registered correctly, Defender should automatically move to Passive mode. Is this the expected behavior with FortiClient? If Defender is manually disabled via GPO and FortiClient is not installed properly or becomes unhealthy, would that leave the endpoint without active AV protection? Can anyone please share official Fortinet documentation or KB links that describe the supported and recommended approach? Any guidance, experience, or official references would be really helpful.#FortiClient #EndpointSecurity #Windows

New Member

Question

Does FortiClient Automatically Disable Microsoft Defender or Is GPO Required?

Forum|Forum|5 months ago
December 29, 2025
1 reply
768 views

I wanted to check with the community whether this statement is technically and officially correct as per Fortinet product design.

During a recent discussion with Fortinet TAC, we were informed of the following:

“ FortiClient EMS does not disable any third-party or running antivirus software by default. If required, the third-party antivirus must be disabled manually or via Active Directory Group Policy.”

Specifically, I am looking for help to understand:

As per Microsoft documentation, when a supported third-party antivirus is installed and registered correctly, Defender should automatically move to Passive mode. Is this the expected behavior with FortiClient?

If Defender is manually disabled via GPO and FortiClient is not installed properly or becomes unhealthy, would that leave the endpoint without active AV protection?

Can anyone please share official Fortinet documentation or KB links that describe the supported and recommended approach?

Any guidance, experience, or official references would be really helpful.

#FortiClient #EndpointSecurity #Windows

adambomb1219

SuperUser

This depends 100% on how you have your GPOs / MDM setup today. Are you disabling Windows defender at all?

Why not run both?

Also what's up with the hashtags?

adarshkottayiAuthor

New Member

Are you disabling Windows Defender at all?
No, we are not disabling Windows Defender via GPO or MDM.

Why not run both?

Running both FortiClient and Windows Defender Firewall is causing high disk usage (90–100%) and system slowness.

On some endpoints, Defender moves to Passive mode as expected, but on other systems both remain active, which causes the performance issue.

We are trying to confirm the supported Fortinet approach and check if any official documentation is available.

(Hashtags were only for product tagging :))

adambomb1219

SuperUser

This sounds like a question from Microsoft

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded