FortiClient is an endpoint security solution that helps detect and mitigate vulnerabilities on client devices. FortiClient EMS is a centralized management server that provides visibility and control over FortiClient endpoints. In some cases, it can happen to have a situation where vulnerabilities detected by FortiClient on individual endpoints do not seem to be reflected in FortiClient EMS. This guide will help to troubleshoot and resolve this issue.

Troubleshooting Steps:

1. Check for Endpoint Communication:
   Ensure that the FortiClient endpoints are properly communicating with FortiClient EMS. Verify that the endpoints are connected to the EMS server and send regular status updates.

2. Confirm Vulnerability Scanning:

   Verify that the FortiClient endpoints are performing vulnerability scanning. Check the FortiClient settings on the individual endpoints to ensure that the vulnerability scanning feature is enabled.

    

    

3. Review FortiClient EMS Configuration:

   Log in to FortiClient EMS and review the configuration settings. Ensure that the vulnerability scanning feature is enabled at the EMS level as well.

    

    

4. Check Vulnerability Signature Updates:

   Ensure that both FortiClient endpoints and FortiClient EMS have up-to-date vulnerability signature databases. Outdated signatures may not accurately reflect the latest vulnerabilities.

    

    

5. Inspect Vulnerability Severity Levels:

   Verify the severity levels of the detected vulnerabilities on the FortiClient endpoints. Sometimes, vulnerabilities with low severity may not be included in certain reports or dashboards by default.

    

    

6. Review EMS Dashboard Filters:

   Access the FortiClient EMS dashboard and review any applied filters or search criteria. It is possible that filters are in place that are excluding certain vulnerabilities from the view.

    

    

7. Examine FortiClient EMS Logs:

   Check the logs within FortiClient EMS for any error messages or warnings related to vulnerability data. Look for any potential issues with data ingestion or processing.

    

    

8. Run a Synchronization:

   Trigger a manual synchronization between the FortiClient endpoints and FortiClient EMS. This can help ensure that the latest vulnerability data is sent to the EMS server.

    

    

9. Check for Compatibility Issues:

   Ensure that the FortiClient endpoint versions and FortiClient EMS versions are compatible with each other. Incompatibility can lead to data synchronization issues.

    

    

10. Consult Fortinet Support:

    If the issue persists and it is impossible to identify the root cause, consider reaching out to Fortinet Support for assistance. The service can provide advanced troubleshooting and guidance based on the specific environment.