When we have Forticlient Zero Trust Telemetry enabled (Centrally Managed by EMS), our web downloads are intermittent. Sometimes files download, other times we get a network download error message saying, "couldn't download - network issue". If I disable the Centrally Managed by EMS, the download works fine. It does not seem like a size issue as sometimes larger downloads work fine and other time not. Including smaller file size. I had reached out to Fortinet support and they found the following: "We found that when "Block Known Communication Channels Used by Attackers" is enabled, download is failed.". After further review they said "IPS catches network traffic correctly."
"Hence as a workaround to allow the download, you can disable "Block Known Communication Channels Used by Attackers". They also said "This was reported to development team. However, at the moment IPS signature exclusion is not a feature."
Has anyone else experienced this issue? I am not wanting to disable Block known communication channels used by attackers.
I would interested in seeing if other have had this issue and what they did to solve this issue. We are running 7.0.7 #ems and client
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.