FortiEndpoint
FortiEndpoint
FortiEndpoint
FortiEndpoint
The Fortinet Unified Agent
n VPN/ZTNA Agent
n Vulnerability
Assessment
Unified Agent for Secure Connectivity using ZTNA,
n Sandboxing
Endpoint Protection, Extended Detection and Response
n Device Control
Endpoint Protection
FortiEndpoint integrates with the Fortinet Security Fabric by
n
n MITRE Tagging
n Threat Hunting
combining FortiClient with multiple technologies including the
n Automated Response power of FortiXDR into a single unified agent. It converges
Advanced Forensics
secure connectivity with advanced endpoint prevention, along
n
n Extended Detection
and Response (XDR) with protection and response options to reduce the meantime
n Cloud-based to detect and repair without impact to your users.
Management
n Managed Services
1
FortiEndpoint Data Sheet
Features
The unified agent provides Zero Trust Network Access based on the near real-time security
posture of the endpoint. It leverages the endpoint posture and endpoint behavior to detect
threats. The agent offers proactive attack surface reduction and behavior-based threat
identification, effectively detecting and stopping advanced threats, including fileless malware.
This approach ensures continuous protection, even for compromised and offline devices,
while minimizing dwell time and maintaining robust security across all endpoints. The solution
prevents data exfiltration, command and control (C2) communications, file tampering, and
ransomware encryption. Seamlessly integrated with the Fortinet Security Fabric, it offers
comprehensive visibility and compliance across all endpoints. Centralized management
simplifies administration, enabling rapid vulnerability mitigation and robust defense for both
remote and on-premises environments.
Vulnerability Dashboard
2
FortiEndpoint Data Sheet
Benefits
Universal ZTNA
Fortinet’s Universal ZTNA works with FortiOS to enable secure granular access to applications
no matter if the user is local or remote. Each session is initiated with an automatic, encrypted
tunnel from the agent to the FortiOS ZTNA Application Gateway for user and device identity
Zero Trust Access verification. In addition, it performs continuous near real-time endpoint posture checks that
enables ZTNA application gateway to provide adaptive real-time access control based on
dynamic endpoint posture validation. You can also use multi-factor authentication to provide
an additional layer of security. With Universal ZTNA, organizations benefit from not only
more secure and better remote access but in addition can offer consistent security and user
experience for secure access to applications for on-premises and remote users regardless of
endpoint location.
VPN
This agent provides flexible options for VPN connectivity. The split tunneling feature enables
remote users on VPNs to access the Internet without their traffic having to pass through
the corporate VPN headend, as in a typical VPN tunnel. This feature reduces latency, which
VPN improves user experience. At the same time, the agent includes protections to ensure that
Internet-based transactions cannot backflow into the VPN connection and jeopardize the
corporate network.
In addition to simple remote connectivity, it simplifies the remote user experience with features
such as autoconnect and always-on VPN, as well as dynamic VPN gate selection. You can also
use multifactor authentication to provide an additional layer of security.
3
FortiEndpoint Data Sheet
Benefits continued
4
FortiEndpoint Data Sheet
Services
Managed Services
The managed service provides 24/7 threat monitoring, detection, and response by a globally
located, 100% internal team of security experts. This service continuously monitors alerts,
FortiEndpoint Managed Services
proactively hunts for threats, and takes action to protect your organization. The team
include: threat detection,
leverages deep expertise in malware analysis, threat hunting, and incident handling, ensuring
hunting, remediation, and
reporting
that all alerts are promptly addressed. In addition, the managed service offers incident
response services as an add-on, providing expert support during critical security events. This
comprehensive service reduces the burden on your security team, enhances threat detection
capabilities, and ensures continuous protection against evolving threats. Please see the table
at the end for management option tiers.
5
FortiEndpoint Data Sheet
Feature Highlights
Central Management
The management of the solution give IT and Security Operations teams the following features.
Real-time Endpoint Status: Continuously monitors endpoint activity, including security events,
compliance status, and potential vulnerabilities.
Central management tools
provide the ability to centrally Vulnerability Dashboard: Identifies and prioritizes vulnerabilities, enabling IT teams to quickly
manage Windows, macOS, and address security risks.
Linux endpoints
Software Inventory Management: Keeps track of installed software and ensures endpoints are
compliant and up to date.
Dynamic Access Control: Automates access control based on real-time endpoint security
posture, integrating with firewall policies for dynamic enforcement.
Device Discovery: Continuously scans the network to identify and monitor rogue or
unmanaged devices, including IoT devices, ensuring that all assets are accounted for and
secured.
Virtual Patching: Applies risk-based proactive policies to mitigate vulnerabilities through virtual
patching, protecting critical systems even before traditional patches are deployed.
Forensics: Captures detailed endpoint activity and maintaining memory snapshots, allowing
for full attack chain visibility through patented code tracing, and enabling security teams to
accurately reconstruct and analyze security incidents.
Threat Hunting: Delivers advanced threat hunting capabilities with comprehensive attack-
chain visibility, supported by MITRE ATT&CK framework tagging.
By leveraging role-base access control (RBAC), organizations can ensure comprehensive and
coordinated security management across all endpoints. IT teams can focus on compliance and
policy enforcement, while SecOps teams manage advanced threat detection and response.
This integrated approach streamlines security operations, reduces manual workloads, and
significantly enhances the organization’s overall security posture.
6
FortiEndpoint Data Sheet
Windows 7+ Microsoft Windows Server 2012 or later and Ubuntu 22.04 Desktop and Server
Windows Server 2016 2.0 GHz 64-bit processor, six virtual CPUs, 8 GB RAM, 40 GB free hard disk,
Gigabit (10/100/1000BaseT)
Windows Server 2019
Ethernet adapter, Internet access
Windows Server 2022
macOS
Linux
Others
iOS 9.0+ *
Android 5.0+ *
7
FortiEndpoint Data Sheet
Order Information
MANAGED OPTIONS
PREVENT EDR ESSENTIALS XDR
24/7 Monitoring
Vulnerability Monitoring
Security Fabric Setup
Group and Security Policy Provisioning
Exception Building
Threat Hunting
Incident Handling
Reporting
Threat Detection
Extended Detection and Response
8
Fortinet Corporate Social Responsibility Policy
Fortinet is committed to driving progress and sustainability for all through cybersecurity, with respect for human rights and
ethical business practices, making possible a digital world you can always trust. You represent and warrant to Fortinet that you
will not use Fortinet’s products and services to engage in, or support in any way, violations or abuses of human rights, including
those involving illegal censorship, surveillance, detention, or excessive use of force. Users of Fortinet products are required
to comply with the Fortinet EULA and report any suspected violations of the EULA via the procedures outlined in the Fortinet
Whistleblower Policy.
www.fortinet.com
Copyright © 2024 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product
or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other
conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet’s SVP Legal and above, with a
purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute
clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer,
or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.
October 9, 2024
FEP-DAT-R01-20241009
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies: