Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
traghunath
New Contributor

Created on ‎09-07-2020 08:22 AM

Configuring Endpoint Control

Hi,

Can I configure EMS via my fortigate (300D) or do I need to install the EMS server software?  I am trying to avoid installing the server software.

 

Thanks

 

3585
0 Kudos
2 Solutions
Yurisk
SuperUser
SuperUser
In response to SecurityPlus

Created on ‎09-07-2020 11:33 PM

Up to FortiOS 6.2 you could register Forticlients to the Fortigate and create some basic profiles on the Fortigate to be pushed to the PCs, like compliance check, av/vuln scan. But starting with 6.2 you cannot - only via EMS server.

If you have older than 6.2 version, see in the FortiOS reference commands  https://docs.fortinet.com/document/fortigate/6.0.0/cli-reference/362768/endpoint-control (configurable in CLI only anyway):

 

config endpoint-control settings

config endpoint-control profile

Yuri https://yurisk.info/  blog: All things Fortinet, no ads.

View solution in original post

Yuri https://yurisk.info/ blog: All things Fortinet, no ads.
2604
0 Kudos
Yurisk
SuperUser
SuperUser
In response to traghunath

Created on ‎09-21-2020 07:40 AM

IF you have FortiOS 6.0.x you don't need EMS and you can register Forticlients on PC stations directly with Fortigate, up to 10 Forticlients without buying additional licenses. 

 

Yuri https://yurisk.info/  blog: All things Fortinet, no ads.

View solution in original post

Yuri https://yurisk.info/ blog: All things Fortinet, no ads.
2604
0 Kudos
5 REPLIES 5
SecurityPlus
Contributor II

Created on ‎09-07-2020 11:22 AM

I would like to know the answer to this question too.

2558
0 Kudos
Yurisk
SuperUser
SuperUser
In response to SecurityPlus

Created on ‎09-07-2020 11:33 PM

Up to FortiOS 6.2 you could register Forticlients to the Fortigate and create some basic profiles on the Fortigate to be pushed to the PCs, like compliance check, av/vuln scan. But starting with 6.2 you cannot - only via EMS server.

If you have older than 6.2 version, see in the FortiOS reference commands  https://docs.fortinet.com/document/fortigate/6.0.0/cli-reference/362768/endpoint-control (configurable in CLI only anyway):

 

config endpoint-control settings

config endpoint-control profile

Yuri https://yurisk.info/  blog: All things Fortinet, no ads.
Yuri https://yurisk.info/ blog: All things Fortinet, no ads.
2605
0 Kudos
traghunath
New Contributor
In response to Yurisk

Created on ‎09-21-2020 05:10 AM

But do I still need to install the EMS server software or can I configure and register the clients using the fortigate?  This is what I am trying to understand.

2558
0 Kudos
Yurisk
SuperUser
SuperUser
In response to traghunath

Created on ‎09-21-2020 07:40 AM

IF you have FortiOS 6.0.x you don't need EMS and you can register Forticlients on PC stations directly with Fortigate, up to 10 Forticlients without buying additional licenses. 

 

Yuri https://yurisk.info/  blog: All things Fortinet, no ads.
Yuri https://yurisk.info/ blog: All things Fortinet, no ads.
2605
0 Kudos
traghunath
New Contributor
In response to Yurisk

Created on ‎09-21-2020 07:42 AM

thank you

2558
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.