We've had EMS for about a year and for the most part working great.
Profiles push out to clients, all that stuff.Today it decided that it
was not going to do vulnerabilities anymore! We suddenly have 0 vulns
for all our clients, earlier today that nu...
We're just starting to dip into application control. In this case,
Teamviewer is the application we want to monitor. From what we've read,
you can not create a rule that uses the application signature to match -
instead you have to apply application ...
This has happened twice now. We have remote clients who receive
"endpoint management server (ems) is actively blocking this forticlient
from registering"from the Forticlient (6.2.6) when they try to register
to our EMS server. Other clients with the ...
We have FortiEMS installed and have been using it quite successfully to
push out FortiClient and policy. Amazed at how well it works. Until
Friday. We tried to push to some clients and it never happened. Usually
it's almost instant. We found in the l...
I have this marked as with 5.6, but same thing happens with 6.0 I have a
word document that has WM/Agent.Ml!tr in it as a macro. It is in an
e-mail. From outlook, I can save it to my desktop, copy it on my desktop
and user directory, open it in word ...
Never found anything to resolve this. But we did work-around. Working
with support, one step was to delete the machines from EMS and re-add
them, however the machines were not showing there. The machines are
stand alone machines - not on the domain. ...
Looks like random reddit post was actually truthful. In the 6.2.6/6.2.7
release notes is606466 "FortiClient registration was blocked by Endpoint
Management Server (EMS)" message occurs when FortiGate is in Telemetry
list. No idea what that means, why...
No, I haven't put one in yet. I noticed the behaviour, was curious if
it's been seen before. I passed the info along to our internal
forticlient and fortigate experts for them to figure out and create a
case if needed.
And to make things interesting, I opened notepad, pasted the string that
makes up the EICAR virus into it and saved it as eicar.exe and it was
immediately quarantined. So it does work somewhat. Just why it doesn't
catch the infected word document, or...
I did not notice anything in the Fortigate logs that stood out. We do
have web filtering enabled on FC. I suppose to start to narrow this
down, we could take a problematic client and just disable web filtering
on it to see if that step helps. At leas...
