Fortinet FortiClient 5.0 for Windows v5.0.9
Strengths: Easy to deploy for any size organisation. Delivers a number of layered defences through an integrated offering.
Weaknesses: Would like to see more visualisation tools, i.e., reporting/dashboarding.
Verdict: Great product for the investment.
The FortiNet Endpoint solution from Fortinet consisted of a FortiClient endpoint application and a FortiGate appliance used to manage the endpoints. FortiClient 5.0 runs as a client application on endpoint devices and it provides protection for anti-virus/anti-malware, web protection (web filtering), application firewall, secure remote access and vulnerability management.
The tool includes an anti-virus module to scan system files, executables, dynamic-link libraries and drivers. It also scans for and removes rootkits. There is also a cloud-based behaviour scanning option to help detect unknown signature-type viruses. The web filtering module monitors web traffic based on URL category and blocks malicious websites according to the configured profile/policy. The application firewall recognises the traffic generated by a large number of applications and can block application traffic based on configured rules/policy. The vulnerability management module scans the device and reports on known system vulnerabilities and patch gaps. Secure remote access is supported through both IPsec VPN and SSL VPN connections.
FortiClient is centrally managed from the FortiGate web management console, assuming that the clients are running in registered mode (with the FortiGate). The FortiGate administrator can enforce security policy on endpoints, deploy a preconfigured endpoint profile to connected devices, run a scheduled vulnerability scan, monitor device status and upload logs to a Fortinet centralised logging and reporting appliance. Centralised logging and reporting are handled through the FortiAnalyzer or FortiManager.
FortiClient can be installed on a standalone computer using the installation wizard or deployed to multiple Microsoft Windows systems using Microsoft Active Directory (AD) or the Microsoft System Centre 2012 Configuration Manager (SCCM).
Installation was simple. We were provided a hosted appliance to use for our testing. However, full deployment would be very easy since the entire central management systems is appliance driven. The endpoint application is simple to deploy and configure. A new feature for this version is a pre-installation virus scan. This is integrated with the client-load process. There is support for Windows XP, Vista, Windows 7 and 8. Once the client is installed, there is a simple registration process to connect it to the management console.
Management of the endpoints is done through the web-based user interface. Client can be discovered or registered and then assigned to groups to associate with policies or profiles. Policies can also be assigned by Active Directory group as this information is automatically provided to the management console during the registration process. The user interface was simple to use and made setting up AV schedules, web filtering rules, blocked applications and VPN tunnels very easy. Centralised reporting is available via the management console. You get a lot of layered protection for an attractive per user price point.
There is a free online forum support available as well as several levels of premium and enhanced support.
Prices are US-based, thus indicative only.