FortiEndpoint


Data Sheet

FortiEndpoint
The Fortinet Unified Agent

[Figure: FortiEndpoint capabilities grouped under Connect, Prevent, Protect, and Respond: VPN,
ZTNA, CASB, Endpoint Protection, Vulnerability Management, Device Discovery, Device Control,
Privileged Access Management, Application Control, Web & Content Filtering, Endpoint Detection
& Response, Threat Intelligence, Sandboxing, Code Tracing, Ransomware Protection, Extended
Detection & Response, Threat Hunting, Forensics, Secure Remote Shell]

Unified Agent for Secure Connectivity using ZTNA, Endpoint Protection, Extended Detection and Response

FortiEndpoint integrates with the Fortinet Security Fabric by combining FortiClient with
multiple technologies including the power of FortiXDR into a single unified agent. It converges
secure connectivity with advanced endpoint prevention, along with protection and response
options to reduce the mean time to detect and repair without impact to your users.

Highlights

• VPN/ZTNA Agent
• Vulnerability Assessment
• Sandboxing
• Device Control
• Endpoint Protection
• MITRE Tagging
• Threat Hunting
• Automated Response
• Advanced Forensics
• Extended Detection and Response (XDR)
• Cloud-based Management
• Managed Services


Features

The unified agent provides Zero Trust Network Access based on the near real-time security
posture of the endpoint. It leverages the endpoint posture and endpoint behavior to detect
threats. The agent offers proactive attack surface reduction and behavior-based threat
identification, effectively detecting and stopping advanced threats, including fileless malware.
This approach ensures continuous protection, even for compromised and offline devices,
while minimizing dwell time and maintaining robust security across all endpoints. The solution
prevents data exfiltration, command and control (C2) communications, file tampering, and
ransomware encryption. Seamlessly integrated with the Fortinet Security Fabric, it offers
comprehensive visibility and compliance across all endpoints. Centralized management
simplifies administration, enabling rapid vulnerability mitigation and robust defense for both
remote and on-premises environments.

Available in Central Management Tools


Endpoint Management System (EMS)
• Simple and user-friendly UI
• ZTNA orchestration
• Real-time dashboard
• Software inventory management
• Active Directory (AD) and Azure AD integration
• Central quarantine management
• Automatic group assignment
• Dynamic access control
• Automatic email alerts
• Supports custom groups
• Remote actions
• Cloud-based management
• Zero trust tagging rules
• Security policy provisioning

Vulnerability Dashboard


Benefits

Security Fabric Integration


The unified agent integrates seamlessly with Fortinet’s Security Fabric, enhancing visibility
and control across all endpoints while ensuring consistent enforcement of security policies. It
includes Fabric agent capabilities that provide near real-time endpoint visibility to FortiOS. The
Security Fabric XDR capabilities can also automate a coordinated threat response across both the Security
Fabric and third-party tools like firewalls, NAC, SIEM, NDR, and more in order to streamline
operations and strengthen the organization’s overall security posture. The XDR functionality
taps into existing data lakes such as your SIEM or FortiAnalyzer without requiring replication,
which lowers the total cost of ownership of the solution.

Universal ZTNA
Fortinet’s Universal ZTNA works with FortiOS to enable secure granular access to applications
no matter if the user is local or remote. Each session is initiated with an automatic, encrypted
tunnel from the agent to the FortiOS ZTNA Application Gateway for user and device identity
verification. In addition, it performs continuous near real-time endpoint posture checks that
enable the ZTNA Application Gateway to provide adaptive real-time access control based on
dynamic endpoint posture validation. You can also use multi-factor authentication to provide
an additional layer of security. With Universal ZTNA, organizations benefit not only from
more secure and better remote access but can also offer consistent security and user
experience for secure access to applications for on-premises and remote users regardless of
endpoint location.

VPN
This agent provides flexible options for VPN connectivity. The split tunneling feature enables
remote users on VPNs to access the Internet without their traffic having to pass through
the corporate VPN headend, as in a typical VPN tunnel. This feature reduces latency, which
improves user experience. At the same time, the agent includes protections to ensure that
Internet-based transactions cannot backflow into the VPN connection and jeopardize the
corporate network.

In addition to simple remote connectivity, it simplifies the remote user experience with features
such as autoconnect and always-on VPN, as well as dynamic VPN gate selection. You can also
use multifactor authentication to provide an additional layer of security.

Web Filtering and SaaS Control


The agent provides on-client web and video filtering. This function provides phishing
and botnet protection as well as granular application traffic control including web-based
applications, YouTube, and software as a service (SaaS).

Benefits continued

Vulnerability Detection and Patching


Since the unified agent scans endpoints for all applications, their versions, and vulnerabilities
(CVEs), it shares that information for appropriate action. It proactively mitigates risks by
allowing one to create granular virtual patching policies based on user/device groups,
addressing vulnerabilities before they can be exploited. These vulnerabilities can also be
managed by firewall and ZTNA policies, or by quarantining compromised endpoints to prevent
further spread. This approach ensures that endpoints remain secure even if traditional patching
is delayed, providing continuous protection across the ecosystem.

It further automates this process by identifying vulnerabilities and automatically applying
patches across all managed devices. By continuously assessing and patching risks without
user intervention, it minimizes the window of exposure and ensures timely protection even for
remote endpoints, reducing the need for manual patch management.

Patch Policy Enforcement


Keeping endpoints up to date with the latest firmware can be difficult. The agent simplifies this
task by managing endpoint patching, even when the endpoints are not on the network.

Malware and Exploit Prevention


The agent integrates Fortinet Cloud Sandboxing and FortiGuard global threat intelligence to
enhance the onboard AI’s real-time threat detection and decision-making. By consulting these
included microservices, it refines alert classifications as more context becomes available. This
dynamic approach allows for more accurate threat assessment, providing analysts with deeper
insights or enabling automated responses through playbooks, ensuring continuous protection
against evolving threats.

Ransomware Protection and Rollback


The unified agent provides patented technology that tracks real-time system changes in a
non-production environment, allowing it to inspect for malicious activity before any changes
are allowed to occur in the production environment. This proactive approach ensures that any
suspicious modifications are identified and neutralized before they can affect critical systems.
In the event of an infection, the agent can roll back ransomware encryption across Windows,
macOS, and Linux systems, restoring the endpoint to its preinfected state and maintaining
business continuity.

FortiGuard Security Services: www.fortiguard.com

FortiCare Worldwide 24/7 Support: support.fortinet.com


Services
Managed Services
The managed service provides 24/7 threat monitoring, detection, and response by a globally
located, 100% internal team of security experts. This service continuously monitors alerts,
proactively hunts for threats, and takes action to protect your organization. The team
leverages deep expertise in malware analysis, threat hunting, and incident handling, ensuring
that all alerts are promptly addressed. In addition, the managed service offers incident
response services as an add-on, providing expert support during critical security events. This
comprehensive service reduces the burden on your security team, enhances threat detection
capabilities, and ensures continuous protection against evolving threats. Please see the table
at the end for management option tiers.

FortiEndpoint Managed Services include: threat detection, hunting, remediation, and reporting

Best Practice Service (BPS)


Best Practices Service is an account-based annual subscription available for all new
customers. This service delivers guidance remotely via a specialized team that will assist with
your deployment, upgrades, and ongoing operations. Customers share details about their
deployment, user requirements, and resources, and the Best Practices team offers tailored
recommendations, best practices, sample configurations, and links to useful tools.

Access global knowledge of Fortinet customer best practices

Fortinet CASB Service


To safely embrace the cloud, a Cloud Access Security Broker (CASB) can act as a gatekeeper by
providing visibility, control, and protection to allow organizations to extend their security policies
beyond their own infrastructure. CASB sits between cloud service users and secures SaaS cloud
applications, monitors all activity, and enforces security policies. Fortinet’s dual mode solution
provides security, scalability, and performance using both inline and API-based CASB protections
to address all cloud security needs. A unified agent license enables inline CASB services on a
FortiGate and provides a license for FortiCASB, Fortinet’s API-based CASB service.

Provide visibility, compliance, data security and threat protection


Feature Highlights
Central Management
The management of the solution gives IT and Security Operations teams the following features.

Central management tools provide the ability to centrally manage Windows, macOS, and
Linux endpoints.

Real-time Endpoint Status: Continuously monitors endpoint activity, including security events,
compliance status, and potential vulnerabilities.

Vulnerability Dashboard: Identifies and prioritizes vulnerabilities, enabling IT teams to quickly
address security risks.

Software Inventory Management: Keeps track of installed software and ensures endpoints are
compliant and up to date.

Dynamic Access Control: Automates access control based on real-time endpoint security
posture, integrating with firewall policies for dynamic enforcement.

Central Quarantine Management: Allows for the isolation of compromised endpoints to
prevent the spread of threats within the network.

Device Discovery: Continuously scans the network to identify and monitor rogue or
unmanaged devices, including IoT devices, ensuring that all assets are accounted for and
secured.

Virtual Patching: Applies risk-based proactive policies to mitigate vulnerabilities through virtual
patching, protecting critical systems even before traditional patches are deployed.

Forensics: Captures detailed endpoint activity and maintains memory snapshots, allowing
for full attack chain visibility through patented code tracing and enabling security teams to
accurately reconstruct and analyze security incidents.

Threat Hunting: Delivers advanced threat hunting capabilities with comprehensive
attack-chain visibility, supported by MITRE ATT&CK framework tagging.

Integrated Response Playbooks and Automated Remediation: Combines customizable
incident response playbooks with automated remediation to swiftly neutralize threats, reducing
the need for manual intervention while maintaining system uptime.

By leveraging role-based access control (RBAC), organizations can ensure comprehensive and
coordinated security management across all endpoints. IT teams can focus on compliance and
policy enforcement, while SecOps teams manage advanced threat detection and response.
This integrated approach streamlines security operations, reduces manual workloads, and
significantly enhances the organization’s overall security posture.


Supported Operating Systems


FORTICLIENT EMS

Supported Operating Systems: Microsoft Windows Server 2012 or later and Ubuntu 22.04 Desktop and Server

Endpoint Requirement: FortiClient 6.4 or later, FortiClient for Windows and macOS X 6.4 for iOS and Android

System Requirements: 2.0 GHz 64-bit processor, six virtual CPUs, 8 GB RAM, 40 GB free hard disk, Gigabit (10/100/1000BaseT) Ethernet adapter, Internet access

FORTIENDPOINT

Windows

Windows 7+

Windows 8+

Windows 10

Windows 11

Windows Server 2012, 2012 R2

Windows Server 2016

Windows Server 2019

Windows Server 2022

macOS

macOS Mojave (10.14)

macOS Catalina (10.15)

macOS Big Sur (11)

macOS Monterey (12)

macOS Ventura (13)

macOS Sonoma (14)

Linux

Red Hat Enterprise Linux and CentOS 7.4+ 8+, 9+

Ubuntu LTS 16.04.5+, 18.04, 20.04, 22.04 (server, 64-bit only)

Others

All Chromebook versions *

iOS 9.0+ *

Android 5.0+ *

* Not Available on FortiEndpoint EDR Essentials and above


Order Information
MANAGED OPTIONS
PREVENT EDR ESSENTIALS XDR
24/7 Monitoring ✓ ✓ ✓
Vulnerability Monitoring ✓ ✓ ✓
Security Fabric Setup ✓ ✓ ✓
Group and Security Policy Provisioning ✓ ✓ ✓
Exception Building ✓ ✓
Threat Hunting ✓ ✓
Incident Handling ✓ ✓
Reporting ✓ ✓
Threat Detection ✓
Extended Detection and Response ✓

Visit https://www.fortinet.com/resources/ordering-guides for related ordering guides.

Fortinet Corporate Social Responsibility Policy
Fortinet is committed to driving progress and sustainability for all through cybersecurity, with respect for human rights and
ethical business practices, making possible a digital world you can always trust. You represent and warrant to Fortinet that you
will not use Fortinet’s products and services to engage in, or support in any way, violations or abuses of human rights, including
those involving illegal censorship, surveillance, detention, or excessive use of force. Users of Fortinet products are required
to comply with the Fortinet EULA and report any suspected violations of the EULA via the procedures outlined in the Fortinet
Whistleblower Policy.

www.fortinet.com

Copyright © 2024 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product
or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other
conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet’s SVP Legal and above, with a
purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute
clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer,
or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.

October 9, 2024

FEP-DAT-R01-20241009
