Greetings,
We have a lot of coworkers that uses Forticlient to connect to our organization, but most of the time the computers they use are not safe and may be infected with malware, we want to enforce the vulnerability scanner and some compliances, like an specific operative system, or country. If the conditions are met, then the connection is stablished, else the connection is not possible.
Bests regards.
You should be able to do this by enabling Endpoint Registration in your SSLVPN Settings page on the FortiGate, and setting up a FortiClient profile on the FortiGate to enforce minimum security requirements.
Not sure it can prevent clients from connecting before they've had a scan, but can definitely restrict clients with a certain vulnerability threshold.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.