Fortinet FortiClient Endpoint Security Suite
Anytime, Anywhere Endpoint Security for Network Endpoints

Anti-malware

Anti-malware leverages FortiGuard Content Pattern Recognition Language (CPRL) , machine learning, and AI to protect endpoint against malware. The pattern-based CPRL is highly effective in detecting and blocking polymorphic malware. It also blocks attack channels and malicious websites.

Anti-exploit

Protects against advanced threats exploiting zero-day and unpatched vulnerabilities. This signature-less and behavioral-based technology detects and blocks memory violation techniques. It shields web browsers, java/flash plug-ins, office applications, PDF readers, load library, and script interpreters from exploit-based attacks.

Web filtering

Powered by FortiGuard research, the web filtering function monitors all web browser activities to enforce web security and acceptable usage policy with 75+ categories. It works across all supported operating systems and works with Google SafeSearch. Admins can set black/white lists, on-/off-net policies, and import FortiGate web filtering policies for consistent enforcement. 

Application firewall

Provides the ability to monitor, allow, or block application traffic by categories. It uses the same categories as FortiGate, enabling consistent application traffic control. It leverages FortiGuard anti-botnet, IPS, and application control intelligence and can prevent the use of unwanted applications including proxy apps and HTTPS messaging apps.

Schools continues to enhance their technologies in the curriculum and the adoption of personal devices such as Chromebook are increasingly commonplace.  Schools are required to be in compliance with Children’s Internet Protection Act (CIPA) and protect students from harmful content while browsing the Internet.

Consistent web filtering policy enforcement on- and off- campus    

Powered by FortiGuard research, the web filtering function monitors all web browser activities to enforce web security and acceptable usage policy with 75+ categories and supports Google SafeSearch:

• Support safe browsing for K-12 on and off campus; no reverse proxy or VPN required
• Categorizes more than 43 million rated websites, and 2 billion+ web pages
• Consistent with web filtering policy on FortiGate   
• Works with Google safe search and supports custom Black/White lists
• Monitor all web browser activity including HTTPS

Easy to deploy, simple to use

• Integrated with Google G Suite Admin Console for Management
• Deployment from within G Suite admin console and Google Chrome Web Store.  It allows administrators to manage apps and extensions on Chromebooks, making it a scalable process.
• Single-Sign-On with Google Credentials without requiring additional Captive Portal Login

Flexible detailed logging and reporting

• Identify Students logged into Chromebooks and apply appropriate policies that is grade-level appropriate. 
• Also supports the “cart system” where devices are not specifically assigned to one user.

FortiClient leverages the Security Fabric Architecture and integrates with many Security Fabric components:

FortiSandbox

FortiClient natively integrates with FortiSandbox. FortiClient automatically submits files to the sandbox for real-time analysis. Real-time threat intelligence from FortiSandbox is instantly shared across the enterprise.  

FortiGate

FortiClient shares endpoint telemetry with FortiGate enterprise firewalls to enforce endpoint security compliance.  FortiClient telemetry also contributes to the security rating. The diverse VPN client provides secure remote access.

FortiAnalyzer/FortiManager/FortiSIEM

In addition to endpoint telemetry, FortiClient sends logs including vulnerability, traffic, and events for the Network Operation Center (NOC) and Security Operation Center (SOC) for threat analysis and forensic investigation. 

FortiAuthenticator

Enables secure sign-on (SSO) and two-factor authentication.

VPN

FortiClient uses SSL and IPsec VPN to provide secure and reliable access to the corporate network. Two-factor authentication can also be leveraged for additional security. Features such as always-on, auto-connect, dynamic VPN gateway selection and split-tunneling, result in optimized user experience and security. 

Single sign-on

It integrates with FortiAuthenticator identity and access management service to provide single sign-on. 

EMS provides central management of Windows, Mac, Linux, iOS, Android, and Chromebook devices. Features include remote endpoint deployment, client provisioning, Windows AD integration, real-time endpoint status, vulnerability dashboard, software inventory, quarantine management, alerts, and more.