FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
Article Id 306874
Description This article describes how to block WhatsApp communication via FortiClient EMS through Security Profiles.
Scope FortiClient EMS v7.0+, v7.2+.
  1. Access the EMS GUI and then go to Endpoint Profiles -> Firewall, then edit the desired profile:




There are two options to block WhatsApp:

  • Blocking the entire category, 'Collaboration' category.
  • Blocking only the application to allow access to other apps at the same category.

In this example, the 'Collaboration' category will be allowed and an application override will be created to only block WhatsApp.


  1. At the desired profile, scroll down to 'Application Override', and then, select 'Add' as shown in the figure below:




  1. A new window named 'Firewall Application Signatures' will be shown. Select the filter to search for the WhatsApp:




  1. Type the app name. in this case 'WhatsApp', and some options will appear:




To block the entire app communication, select the first option. Select then the option to block, at the left side of the 'Add' button, and select 'Add'.


  1. Select 'Save', to save the config:




With the configurations saved, wait around 1 minute for the changes to be replicated to the endpoints that use the profile.


  1. When the user attempts to open the WhatsApp application, a warning message will appear informing that the app is blocked:




It is also possible to see the warning at the 'Notifications' tab in the FortiClient as shown below:




The WhatsApp access attempts can also be viewed from the EMS GUI:




To see the events above go to Endpoints -> All Endpoints, search for the device, and select 'Firewall Events'.


The WhatsApp application is blocked and all attempts to access will be recorded.