End point control
-
Upload
lan-wan-solutions -
Category
Software
-
view
360 -
download
1
Transcript of End point control
© Copyright Fortinet Inc. All rights reserved.
Inside FortiOS End Point ControlVersione 5.2.4 – Mar 2015Lan & Wan Solutions – Soluzioni Informatiche per Reti Locali e Geografiche
2
FortiOS Features
3
Overview End Point Control
FortiClient Multi-OS support Support Posture Checking Support remote user and device
identification “Off-net” and Mobile Security Policy
Enforcement VPN & Security Setting Provision Custom Install and Rebranding Endpoint Logging
Ensures that workstation computers (endpoints) meet security requirements
Distribute Client Security & VPN Settings
Logs Client activities
FortiClient
V5.2
4
FortiClient V5.2 End Point Control
Windows Mac OSX iOS AndroidIPSec VPN ✓ ✓ - ✓SSL VPN ✓ ✓ Web Mode Only ✓2FA ✓ ✓ ✓ ✓Anti-Virus ✓ ✓ - -
Web Filtering ✓ ✓ ✓ ✓WAN Optimization ✓ - - -
Registered for Central Management
Config Provisioning ✓ ✓ ✓ ✓Logging (to FMGR/FAZ) ✓ ✓ - -
Windows AD SSO Agent ✓ ✓ - -
Application Firewall ✓ ✓ - -
Vulnerability Scanning & Reporting ✓ ✓ - -
5
Posture Checking
Enforcement Captive Portal Check for install and
running of FortiClient Replacement page with
download and installation instruction
End Point Control
V5.2
6
Mobile Security End Point Control
INTERNET
LAN
OFF
ON
• FortiClient enrolls into the FortiGate and then receives its end point policy
• FortiClient uses last known security policies & VPN Configurations
Configuration Provisioning Provides consistent end point
security policies “on-net” and “off-net”
Reuse *Application Control & Web Filter Profiles
1
2
* Application control config for Windows and OS X only
7
Mobile Security End Point Control
INTERNET
LAN
OFF
ON
• FortiGate informs FortiClient that it’s “on-net” using DHCP “cookies”
• FortiClient Doesn’t receive “on-net” information and activate “off-net” mode
On/off-net Properties FortiClient adopts separate “on-
net” and “off-net” configurations depending on locations.
“On-net” options include turning off local security features, enables client logging
“Off-net” options include turning on security features and enable VPN automatically.
1
2
* Application control config for Windows and OS X only
V5.2
8
Mobile Security
Endpoint Profile For distributing Endpoint
Configurations Reuse UTM Profiles
» App Control» Web Filter
Provision Multiple VPN settings Multiple Endpoints may be
created and assigned to different Device Groups
End Point Control
V5.2
9
FGT identify device/user upon successful Logon
Mobile Security
Endpoint Control Profiles Assignment Multiple profiles can be assigned to Device Groups/User
groups/Users
2
User logon using Authentication Service (eg.
AD, radius etc)1
Push corresponding EC profile to FortiClient
3
End Point Control
10
Mobile Security End Point Control
Advanced Endpoint Profile Setting1. Setup and configure a sample client2. Export the setting and then import into FortiGate3. Distribute settings to other clients
1
2
3
11
Contattaci Gratuitamente …
Certified experts in Fortimail and email security
Certified experts in Fortiweb and web application firewall protection
Certified experts in FortiAp, FortiWifi and wireless security
CONTACTSTel. +39 049 8843198 DIGIT (5)[email protected]
www.lanewan.it
In questi anni di partnership con la casa madre, Lan & Wan Solutions ha ottenuto tutte le specializzazioni previste nei vari iter di certifica-zione, raggiungendo la qualifica di Partner Of Excellence.