Technical Tip: How to evaluate endpoint compliance...

FortiEDR

FortiEDR automates the protection against advanced threats, pre and post-execution, with real time orchestrated incident response functionality.

Article Id 362073

Description

This article describes how to scan FortiEDR Windows Collector for Endpoint Compliance in FortiNAC in cases where the FortiEDR collector was disabled via the disable feature from the FortiEDR Central Manager console.

Scope

FortiEDR Windows Collector, FortiNAC.

Solution

If it is required to restrict the Endpoint when FortiEDR is disabled by an Administrator, the following Registry key can be used as Custom Scans in FortiNAC:

Registry Path	HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FortiEDRWinDriver_x.x.x.x
Name	PersistantConfigPath
Type	REG_SZ
Data	\DosDevices\C:\ProgramData\FortiEDR\Config\Collector\NsloDriverConfig.dat

See this article to add FortiNAC Endpoint Compliance Custom Scans.

11063

Contributors

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Technical Tip: How to evaluate endpoint compliance in FortiNAC when FortiEDR is disabled

You are leaving our website