Help
FortiClient
FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
bstefanovski
Staff
Staff

Created on ‎11-13-2024 03:27 AM Edited on ‎11-13-2024 07:00 AM By Moderator

Article Id 357404

Technical Tip: FortiClient EMS Cloud and FortiGate must be in the same client account to work

Description This article describes why FortiGate and FortiClient EMS must be in the same client account for proper functionality and seamless integration.
Scope FortiGate, EMS, FortiClient.
Solution

Devices from FortiGate and FortiClient EMS need to be in the same client account to function properly together.

Because the two devices work together in a tightly integrated system and the FortiGate firewall depends on the setup and control offered by the FortiClient EMS, this requirement is crucial.

 

  • The firewall can enforce security regulations, including VPN access, endpoint management, and other security measures when FortiGate is coupled with FortiClient EMS, which is used to manage FortiClient endpoints. A unified security strategy is provided by having both devices under the same client account, which guarantees that the configuration synchronizes smoothly on both ends.
  • The client account ensures that all rules, security settings, and logs are consistent between the two devices and enables EMS to push configurations straight to FortiGates. Configuration management and policy enforcement may not be in sync if they are in separate client accounts, which could result in security flaws.
  • Keeping both devices within the same account simplifies issue resolution since support services can access both FortiClient EMS and FortiGate configurations within the same environment, improving diagnostics and troubleshooting efficiency.
  • Separating FortiGate and FortiClient EMS licenses into separate accounts might cause problems with licensing validation, updates, and access to capabilities that are available within a single account structure because these licenses are frequently connected to the client account.

 

Note: Support multi-tenant FortiClient Cloud fabric connectors, and having multiple EMS licenses is possible. Using the FortiClient Cloud access key, a FortiGate can connect to a FortiClient Cloud instance belonging to a sub-OU in the same FortiCloud account or a different FortiCloud account. Please read more about this in the following official release notesSupport multi-tenant FortiClient Cloud fabric connectors 7.4.4.

 

How to check and to perform this integration:

This can be done by logging into the Fortinet client portal and checking that both devices appear under the same profile.

Next, configure the EMS settings to align with the FortiGate requirements for VPN, endpoint control, and other policies.

This setup improves network security, ensures consistent policy enforcement, and simplifies management across devices. Additionally, unified technical support is available for any issues that may arise between the EMS and FortiGate.
194
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.