Help
FortiClient
FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
jkoay
Staff
Staff

Created on ‎11-08-2021 02:04 AM

Article Id 193763

Technical Tip: Zero trust tagging rule for rule type registry key

Description
This article shows zero trust tagging rule configuration steps for rule type registry key.
Solution
When configuring registry key zero trust tagging rule, it is either possible to specify registry path or registry value:




To define registry path, end the registry key string with a backslash ‘\’. 
To define registry key value, end the registry key string without a backslash ‘\’.

Below are examples of defining registry key path and registry key value:

1) To check and tag if FortiClient registry path exists:
Registry key path: HKEY_LOCAL_MACHINE\SOFTWARE\Fortinet\FortiClient\




2) To check and tag endpoint only when INSTALLDIR exists:
Registry key value: HKEY_LOCAL_MACHINE\SOFTWARE\Fortinet\FortiClient\INSTALLDIR



2225
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.