FortiEndpoint
FortiEndpoint is a cloud-based EMS solution hosted by Fortinet, built for new deployments. It combines FortiClient Cloud and FortiEDR, offering everything available in FortiClient Cloud with the added ability to deploy and manage FortiEDR collectors.
FortiClient Cloud handles the deployment and version management of collectors. When a deployment is created, a matching EDR collector group is automatically created. Endpoints added to the deployment are also added to this group.
In a standard EDR setup, version control is managed directly in the EDR console. With FortiEndpoint, this is done through the FortiClient installer settings. Collector group configuration stays within FortiClient Cloud, while policy and playbook management continues to be handled through the EDR console.
arleniscg
Staff
Article Id 424961
Description This article describes the XML modifications required for FortiEndpoint to send logs to FortiAnalyzer Cloud.
Scope FortiEndpoint.
Solution

Verify compatibility: the populated EMS-Server Cloud version and the FortiAnalyzer Cloud under the same FortiEndpoint license must be on the same family version. If FortiAnalyzer Cloud is on a different family, it requires an upgrade to match the EMS-Server version.

Edit the XML associated with the System Settings that will be assigned to the FortiEndpoint, and add the Account ID associated with the FortiEndpoint S/N. Example:


Account-ID=123  

<log_upload_server>123.ca-west-1.fortianalyzer.forticloud.com</log_upload_server> 

<log_uploadserver_sni>123.support.fortinet.com</log_uploadserver_sni>
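A pre-deployment check for the two elements above, added here as an example (it is not Fortinet code): it confirms that both hostnames carry the same Account ID before the profile is assigned, so endpoint logs are not pointed at another account's FortiAnalyzer Cloud instance. The hostname patterns are an assumption inferred only from this article's example, and `check_log_upload` and the `<sample_wrapper>` element are hypothetical names.

```python
import re
import xml.etree.ElementTree as ET

# Hostname shapes inferred from this article's example only (assumption):
#   <account-id>.<region>.fortianalyzer.forticloud.com
#   <account-id>.support.fortinet.com
SERVER_RE = re.compile(r"^([^.]+)\.([a-z0-9-]+)\.fortianalyzer\.forticloud\.com$")
SNI_RE = re.compile(r"^([^.]+)\.support\.fortinet\.com$")


def check_log_upload(xml_text, account_id):
    """Return a list of problems in the log upload settings (empty list = OK)."""
    problems = []
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [f"profile is not well-formed XML: {exc}"]

    def only_value(tag):
        # Each element must appear exactly once, wherever it sits in the tree.
        found = list(root.iter(tag))
        if len(found) != 1:
            problems.append(f"<{tag}> appears {len(found)} times, expected 1")
            return None
        return (found[0].text or "").strip()

    checks = (("log_upload_server", SERVER_RE), ("log_uploadserver_sni", SNI_RE))
    for tag, pattern in checks:
        value = only_value(tag)
        if value is None:
            continue
        match = pattern.match(value.lower())
        if not match:
            problems.append(f"<{tag}> has unexpected host {value!r}")
        elif match.group(1) != str(account_id):
            problems.append(f"<{tag}> uses account {match.group(1)}, expected {account_id}")
    return problems


# Constructed sample: the article's two elements inside a hypothetical wrapper.
SAMPLE = """<sample_wrapper>
  <log_upload_server>123.ca-west-1.fortianalyzer.forticloud.com</log_upload_server>
  <log_uploadserver_sni>123.support.fortinet.com</log_uploadserver_sni>
</sample_wrapper>"""

if __name__ == "__main__":
    for line in check_log_upload(SAMPLE, 123) or ["log upload settings are consistent"]:
        print(line)
```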

 
