Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
SteveJW
New Contributor II

Upgrade forticlients in the Office (On-Fabric only)

I have been testing the Forticlient EMS upgrade from 6.4. 7 -> 7.0. 11 -> 7.2. 5 for the past few days.

I only want to perform the FortiClient upgrade on clients in the office (on-Fabric), and NOT the connected VPN clients.

The only option I see is to temporarily remove the Off-Fabric VPN rule set from an existing Policy, and then use the relevant Endpoint group for Deployment.

Please let me know if there is a better way to do this

Thanks

2 REPLIES 2
kionbo2
New Contributor

Once a month we do all updates at noon on a Wednesday. Give them plenty of heads up it’s coming so they can plan ahead, and they always have the option to push back updates a couple hours. Only take a couple minutes. We use action1, I have no experience with intune.

SteveJW
New Contributor II

We have a new customer for whom we provide IT management.
Our first customer with FortiEMS, so we are not yet familiar with the product.
The current state of the FortiClients is chaos.
Currently 64 Not Installed, 87 Not Registered, and 26 Out-Of-Sync
We will "clean" this first

After the upgrade process, we will also perform updates once a month in the future.
I think there is a difference between updates and upgrades.
For updates, I assume that, for example, a (vulnerability) patch is installed.
A restart of the workplace is most likely the only requirement

During an upgrade, the FortiClient is removed and a new version is installed.
So it seems more convenient to me to only upgrade at workplaces without a VPN connection.
Is this what you mean by "action 1"?

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors