Hi
Is it possible to see the FortiClient AV results in the FortiAnalyzer? we're replacing Sophos with FortiClient and need a way of viewing any detected viruses and threats across our network.
Thanks
Thanks jb
We actually already have this, but what I'd like to know is where are the identified viruses logged? We only have 3 options under the FortiClient log section (see attached) which are Traffic, Event and Vulnerability Scan.
Where are the results shown for Viruses that FortiClient finds on a PC? Sure I want to know when a URL is blocked, but more importantly, I want to know when it find a live virus on a PC as that is an immediate threat to our network.
Hi jb,
I meant to reply earlier, I discovered that shortly after posting, when a virus is found on the filesystem it goes into FortiClient -> Events.
I did try creating a "custom view" to just show found viruses, which saved ok, but when you go to the Custom View there is no data.. It seems the FortiClient data is treated or handled differently.
Has anybody else managed to get a Custom View or have an example report for FortiClient? Ideally I'd just like to be able to have a daily report generated for us.
Now I have a problem because I don't see it under events at all. The only indication is in the Traffic logs.
I guess I need to do some more testing :)
Thanks,
jb
I wanted to understand how the results of actual "scans" were shown.
So I disabled the FortiClient and AV of the FortiGate, downloaded "eicar", then reloaded FortiClient and ran a custom filesystem scan on the directory.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.