Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Claudio
New Contributor

Using different Forticlient Profiles based on AD-Groups

Hi all,

In my topology remote users connect to Fortigate using Forticlient over IPSec VPN. I would like that Fortigate enforcement utm features to Forticlient using different Forticlient Profiles based on AD-Groups, not on the devices groups. All documentations only show how to do this using device identification group. Questions? This configuration is possible? Is there some documentation that explain in details?

Regards, Claudio Rezende

2 REPLIES 2
Carl_Wallmark
Valued Contributor

Hi,

 

It´s not possible at this moment, you can only apply per device.

 

This is what I want to see in the future.

 

1. Set profile per user and not just device.

2. To be able to blacklist files on client. (for example block all .js files)

3. Central quarantine and release of files on client, now you cannot release files centrally.

4. Set on-net/off-net on more modules than only web filtering.

5. DLP on FortiClient, as you would in the firewall.

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
Pr0f3ssional
New Contributor

Hi Claudio,

 

I too have been looking at this and found no way to do this other than using Device Profiles, would be great if they could roadmap this functionality in.

 

Dan 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors