Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor II

Application control via FortiManager

Hey everyone,

I'm looking forward to block Windows 7 and Windows XP on all of our Firewalls worldwide.


As they are all managed via the FortiManager, I was wondering if there is a way to roll out the corresponding configurations centrally.


A workaround would be to access the Firewalls manually one-by-one. However, that would be a lot of work, especially since I'd have to integrate them back into the FortiManager after making changes.


Thanks for your help!




Hey Florian,

I'm not familiar with your current policy setups or packages, so I can't make any specific recommendations, but in general you can do something like this:


- create an application control profile to block Windows 7/XP

- add that application control profile to the relevant policies in your packages

- install to the FortiGates in question

-> if you have one policy package across all your FortiGates, you would only have to do the one change

-> if you have multiple policy packages, you would have to maket the change in each policy package


You could look into global header/footer policies (if you have ADOMs enabled), but those policies might interact with existing policies on your FortiGate and affect non Windows7/XP computeres as well.

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors