Is it possible to configure FSA to do a dynamic scan on a certain VM
clone based on the user or machine the file came from ? For instance, if
the file came from a Windows 11 user, is it possible to force the
dynamic scan to a Windows 11 clone only ?
I'm looking for some best practices for setting the 'starting default'
wired switchport vlans when deploying NAC. What is reccommended for each
of these cases ?a) dead end VLAN with zero access ?b) guest network VLAN
that denies access to any corpora...
Seeking a Fortinet solution to replace our Umbrella DNS Advantage for
remote users. The goal is to enforce DNS filtering for all remote users,
regardless of whether or not they are on/off VPN. Forticlient doesn't
support the DNS filtering profile (on...
For my FortiCloud subscriptions (FAZ, FMG, Sandbox, EMS) - Our
compliance team needs documentation that our data is kept in US
datacenters only. How is this handled and is there any documentation
that proves it ? Thanks, Don
When trying to move sub-interfaces from one physical port to another, my
policy package in FMG throws errors... Seems like I have to manually
update every policy. Is there a way to get the policy to track the
changes and auto-correct itself ? Thanks,...
AEK, makes sense. A follow-up question....In a windows environment, does
the user need to start on a vlan that at least has access to the domain
controller to authenticate before any NAC policy is applied ? Thanks !
My thought was running these CLI scripts from FMG: 1) Policy Package -
Replace vlan interface with "any". Must install the policy because all
subsequent configs will fail.2) Device Database - In the VLAN interface,
unset the existing physical port, t...
