Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
rafaelrosseto88
New Contributor

Created on ‎03-06-2025 03:16 AM

FortiNAC Endpoint Compliance Cybereason

Hi everyone,

 

Does anyone know why there isn’t a Cybereason Antivirus product available for validation in the FortiNAC endpoint compliance scan?

 

I managed to create a custom scan, which is working well, but now I need to validate either SentinelOne or Cybereason, and with Antivirus plus Custom scan I did not found a way to do this, because there is no OR between them, only AND.

 

FortiNAC 7.2

 

Labels:
296
0 Kudos
2 Solutions
ebilcari
Staff
Staff

Created on ‎03-06-2025 05:08 AM

Currently this antivirus is not supported by FortiNAC but you can raise a 'New Feature Request (NFR)' over your local Fortinet representatives to add support for it.

 

For now, you can try to achieve the requirement by calling a second scan if the antivirus check failed the first one, like shown here:

override results.PNG

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.

View solution in original post

272
rafaelrosseto88
New Contributor
In response to ebilcari

Created on ‎03-06-2025 09:36 AM

Hello,

 

That's exactly what I need. Works like a charm!

 

Thanks

View solution in original post

218
0 Kudos
5 REPLIES 5
ebilcari
Staff
Staff

Created on ‎03-06-2025 05:08 AM

Currently this antivirus is not supported by FortiNAC but you can raise a 'New Feature Request (NFR)' over your local Fortinet representatives to add support for it.

 

For now, you can try to achieve the requirement by calling a second scan if the antivirus check failed the first one, like shown here:

override results.PNG

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
273
rafaelrosseto88
New Contributor
In response to ebilcari

Created on ‎03-06-2025 09:36 AM

Hello,

 

That's exactly what I need. Works like a charm!

 

Thanks

219
0 Kudos
ebilcari
Staff
Staff
In response to rafaelrosseto88

Created on ‎03-10-2025 03:20 AM

Thank you for your feedback, I'm glad I could help.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
151
AEK
SuperUser
SuperUser

Created on ‎03-06-2025 08:05 AM

Hi Rafael

I didn't use FNAC since a while but if I remember well I think you can do that by creating two compliance rules, one with AV, and the second with custom scan, then adding the client hosts with Cybereason Antivirus in a separate group, then apply the compliance rule with custom scan to only that group. The other group having SentinelOne AV will be scanned by the regular rule (with normal AV check).

AEK
AEK
250
wadhalji1
New Contributor

Created on ‎03-06-2025 09:26 AM

It sounds like you have a policy in there that evaluates the host as being allowed to be on the network. It is weird that if you disable the host it goes back online but I'm pretty positive that it is a rule that allows the host to be on the network and I suspect it is a rule that looks for the persistent agent as that is a common rule to have.

https://19216811.cam/ https://1921681001.id/
https://19216811.cam/ https://1921681001.id/
225
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.