FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
Description This article shows zero trust tagging rule configuration steps for rule type registry key. Solution When configuring registry key zero trust tagging rule, it is either possible to specify registry path or registry value:
To define registry path, end the registry key string with a backslash ‘\’.
To define registry key value, end the registry key string without a backslash ‘\’.
Below are examples of defining registry key path and registry key value:
1) To check and tag if FortiClient registry path exists: Registry key path: HKEY_LOCAL_MACHINE\SOFTWARE\Fortinet\FortiClient\
2) To check and tag endpoint only when INSTALLDIR exists: