Endpoint Templates

Device Manager : Provisioning Templates : Endpoint Templates

Endpoint Templates

The endpoint templates menu allows you to create and manage endpoint and client reputation profiles, which can then be assigned to devices.

Endpoint control ensures that workstation computers (endpoints) meet security requirements, otherwise they are not permitted access. Endpoint Control enforces the use of FortiClient Endpoint Security and pushes an Endpoint Profile to the FortiClient application.

The endpoint profile consists of the following sections:

• Antivirus Realtime Protection on Client

• Application Firewall

You can select the application control sensor to associate with the endpoint profile.

• Web Category Filtering

You can select the web filtering profile to associate with the endpoint profile. You can also select to disable Web Category Filtering when the client is protected by the FortiGate.

• Endpoint Vulnerability on Client

You can select to scan daily, weekly or monthly. You can also select to scan the client after registration with your FortiGate device.

• Client VPN Provisioning

You can specify the VPN name, type, gateway and other settings the client will use to connect to your FortiGate device via the VPN connection. Two-factor authentication is configured in the FortiGate VPN configuration.

• Upload logs to FortiAnalyzer/FortiManager

You can select to use the same IP address as the FortiGate device or specify a different device IP address. You can specify the frequency of the log upload.

• Use FortiManager for client software/signature update

Select to enable this feature and enter the IP address of your FortiManager device. You can select to failover over to the FortiGuard Distribution Network (FDN) when the FortiManager is not available.

• Advanced options

You can customize which modules are displayed in the FortiClient dashboard. This will allow you to activate any of the modules at a later date without needing to re-install FortiClient. Select to show/hide FortiClient modules in the client console. You can also select to hide banners.

Select if profile details may be displayed before endpoint control registration is completed.

Non-compliant endpoints are those without the latest version of FortiClient installed. They can be sent to the FortiClient download portal to obtain FortiClient software, or they can be blocked. For more information on configuring Endpoint Profiles and Endpoint Control, see the FortiClient Administration Guide.