Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Bigjay
New Contributor

Help with APP FIREWALL for NETSKOPE #FortiClientEMS

Hello guys!

Can anyone advice on an issue with Netskope traffic being blocked with app firewall is turned on in EMS?

I cannot find any signature in EMS to whitelist.

Thanks in advance for the help.

3 REPLIES 3
t-admin
New Contributor

Did you ever find a solution?

 

I'm also running into this issue. All HTTP traffic is blocked even while the endpoint is disconnected from the EMS, so I don't think it's even a policy issue. I have to disable FortiClient completely for Netskope (and internet) to work. 

qaajak
New Contributor

Also curious if you found a solution.  Our InfoSec team is proofing out Netskope, but is also not keen on disabling the application firewall in FortiClient just to make it work.

t-admin
New Contributor

@qaajak I would recommend looking at how Netskope supplements/replaces what Forticlient is doing in terms of "app firewall" - depending on your requirements, Netskope may be sufficient. 

 

Essentially to make the two work, all http-related services in the endpoint profile needs to be disabled. There are quite a few, spread over multiple services (Web Filter, Firewall, etc.) but with the new granular profile management it is a bit easier.

Labels
Top Kudoed Authors