Hello, there is time for change in our company - we end up with Kaspersky Internet Security and we are looking for other AV solutions. Because we use FortiClient for VPN access, we are also thinking about this solution. We already have prizes from our partner, but I still need to answer a few technical questions. - do you need to buy licenses for FortiTelemetery also? If yes, what is the advantage of telemetry? because in this case, the license fee will be double :) - can you install clients remotely from EMS without a connected VPN? Such as running a .bat file on client, etc? - is a better EMS server put available from a WAN (public IP or NAT) or only via SSL VPN? - does Forticlient Ransomware protection? I will appreciate your answers Thanks, Jirka
We did the same, moved from Sophos to FortiClient & EMS.
1, If you have EMS, which will need to be licensed, then you don't need any telemetry licenses as EMS does that.
2, You can install remotely. EMS builds installers, it's really flexible and you can enable features like auto update and auto register to EMS. You can access the installers via the EMS web portal or simply send out the .exe.
3, Originally we didn't expose EMS to the internet, but regretted that decision within 6 months! I'd suggest from day 1 you enable the EMS Registration key to stop unauthorised devices from registering. Lots of our staff don't come to the office or use VPN so exposing EMS to the web was necessary.
4, You can enable various features that should stop people getting to the ransomware sites. FC with EMS are very flexible. I'd suggest installing EMS 6.0 (free for up to 10 clients) and having a play.
In the early days EMS was really, really buggy but it's much better now. Having said that the EMS Auto installer doesn't work, you'll end up with PC's/Macs that get stuck mid upgrade and don't have a FC installed! Stick with the manual method.
One thing about the advantage of telemetry. If you want to check the "status" of a client, e.g. installed FC Version, Client Vulnerabilities etc. to block such clients from connecting, you need telemetry licenses on the Fortigate. We do that, to prevent unpatched business WiFi Clients to access internal ressources.
BTW: We have EMS in our DMZ and also exposed to the internet, as we have some external workers that aren't frequently in the office.
________________________________________________________
--- NSE 4 ---
________________________________________________________
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.