Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
joh2k
New Contributor III

Testing FortiEDR on Windows Server - no connection possible

We are testing #FortiEDR on a 3 Windows Server 2012 R2: A, B,

 

Installations went smooth and Ensilo Console showed apparently normal steps:

  • Collector [xxxxxxxxxxx] was registered and added to the system
  • Collector [xxxxxxxxxxx] state was changed to "Degraded" . Warnings: There is no available configuration. Please contact support. .
  • Collector [xxxxxxxxxxx] state was changed to "Running" .

A is a file server. After installation, no share could be used. Memory an CPU looked alright

B is a low activity webserver. After installation, website could not be reached. . Memory an CPU looked alright

C is an empty server. After installation, no problems have bee detected.

 

We had to uninstall FortiEDR form A and B.

 

Did anyone face similar problems with file and web servers on Windows Server?

 

Thanks.

4 REPLIES 4
rosatechnocrat
Contributor II

You have to check the policies on the Management Server ( EMS Manager). Are you applying the policies in Monitor/simulation mode or blocking mode. 

Rosa Technocrat -- Also on YouTube---Please do Subscribe
Rosa Technocrat -- Also on YouTube---Please do Subscribe
joh2k
New Contributor III

Hello,

 

Thank you for your help.

 

No EMS Manager at hand right now.

Security settings at th ensilo console shows the following policies, and all of them are oset to "simulation":

Execution Prevention
Exfiltration Prevention
Ransomware Prevention
Device Control
Application Control
eXtended Detection
xxxxxxx-Execution Prevention clone
xxxxxxx-Exfiltration Prevention clone
xxxxxxxx-eXtended Detection clone
xxxxxxxx-Ransomware Prevention clone

CMBCBE
New Contributor

same issue, waiting for a fix or workaround...

tester44ti
New Contributor

Hi,  we´ve started (since 3 Month) to endroll fortiedr Agents on our Servers running with VMware ESXi. We´re new customer. We´ve just enroll the Agent in Listenmode ....    There are a lot of problems. Support creates a new Version, but now, since we update VMware Tools to latest Version - similar Problem. 

 Also Problem on our Citrix Environment with PVS Servers.            

So we disable the Agent on affected Servers and wait till Supports creates a new Clientversion ....

Labels
Top Kudoed Authors