I'm trying to test forticlient endpoint control aspects to enforce windows updates and AV on employee computers using VPN. It seems to work well enough for basic functionality. I am having an issue with the antivirus profile.
It seems like you cannot set up a profile with forticlient as the AV provider or 3rd party, it's one or the other. For example- if i give forticlient to users as a vpn client, i don't expect them to use it for their antivirus if they have another product they like. At the same time, some people may choose to use forticlient for everything including AV. How would you set up a profile or policy to handle both possibilities? if you enable the 3rd party AV option, someone connecting who only has forticlient AV gets a non-compliant message.
It looks like you can assign compliance profiles based on the detected device type, so is the answer to create a custom group and throw everyone who has 3rd party AV into a group, and then everyone with FC into another group and hope they don't decide to change their mind?
Anyone handled this before?
CISSP, NSE4
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.