Fortinet white logo
Fortinet white logo

EMS Administration Guide

Left pane

Left pane

The left navigation pane is used to display content in the right pane.

Option

Description

Dashboard

FortiClient Status

Displays a dashboard of information about all managed endpoints.

Vulnerability Scan

Displays the Current Vulnerabilities Summary chart that provides a centralized vulnerability summary for all managed endpoints. You can observe high-risk hosts and critical vulnerabilities existing on endpoints. You can also access links on how to fix or repair the vulnerabilities.

Chromebook Status

Displays a dashboard of information about all managed Chromebooks. Only available if the EMS for Chromebooks Settings option is enabled in System Settings > Server.

Endpoints

All Endpoints

Manage all endpoints.

Manage Domains

Add and manage AD domains.

Domains

Manage endpoints from AD domains. You can also add an AD domain if none exist.

Workgroups

Manage endpoints from workgroups.

Group Assignment Rules

Configure rules to automatically place endpoints into custom groups based on their installer ID, IP address, or OS.

Google Domains

Only available if the EMS for Chromebooks Settings option is enabled in System Settings > Server.

All Users

Manage users from all Google domains.

Manage Domains

Add and manage Google domains.

Domains

Manage users from specific Google domains. You can also add a Google domain if none exist.

Quarantine Management

Files

View and allowlist files on endpoints that Sandbox or AV has quarantined.

Whitelist

View and delete allowlisted files from the Whitelist pane.

Software Inventory

Applications

View applications installed on endpoints. Display applications by application or application vendor name.

Hosts

View applications installed on endpoints, sorted by endpoint.

Endpoint Policy

Create endpoint policies and manage policy updates for Windows, macOS, and Linux endpoints.

Chromebook Policy

Create endpoint policies and manage policy updates for Chromebook endpoints. Only available if the EMS for Chromebooks Settings option is enabled in System Settings > Server.

Endpoint Profiles

Manage Profiles

Create profiles and manage profile updates for all profiles.

Local Profiles

Create profiles and manage profile updates for local Windows, macOS, and Linux profiles.

Local Chromebook Profiles

Create profiles and manage profile updates for local Chromebook profiles. Only available if the EMS for Chromebooks Settings option is enabled in System Settings > Server.

Manage Installers

Deployment Packages

Add and manage FortiClient deployment packages.

FortiClient Installers

View FortiClient installers available from FortiGuard. Add custom installers.

Policy Components

CA Certificates

Upload and import CA certificates into FortiClient EMS.

On-net Detection Rules

Configure on-net detection rules for endpoints.

Telemetry Gateway Lists

Create and assign Telemetry gateway lists and manage list updates.

Compliance Verification

Compliance Verification Rules

Define compliance verification rules.

Host Tag Monitor

View tagged endpoints.

Fabric Device Monitor

View all FortiGates connected to EMS through the FSSO protocol, and the list of tags that are shared with each FortiGate.

Administration

Administrators

Add and manage FortiClient EMS administrators.

Admin Roles

Add and manage FortiClient EMS admin roles and permissions.

User Servers

Configure an AD domain as the user server. This is used to authenticate FortiClient EMS administrators.

User Settings

Configure the inactivity timeout and other user settings.

Back up Database

Back up the FortiClient EMS database.

Restore Database

Restore the FortiClient EMS database.

Configure License

Upgrade or renew the FortiClient EMS license.

Logs

View log messages generated by FortiClient EMS and download raw logs.

System Settings

Server

Change the IP address and port and configure other server settings for FortiClient EMS, including enabling Chromebook management.

Logs

Specify what level of log messages to capture in FortiClient EMS logs and when to automatically delete logs and alerts.

Fortinet Services

Configure the FortiGuard server location. Configure FortiManager to use for client software/signature updates and configure FortiCloud settings.

Endpoints

Configure endpoint settings.

Login Banner

Enable the pre-login banner to display a message to a user logging into FortiClient EMS.

EMS Alerts

Enable alerts for FortiClient EMS events.

Endpoint Alerts

Enable alerts for endpoint events.

SMTP Server

Set up an SMTP server to enable email alerts.

Custom Messages

Customize the message that displays on an endpoint when it has been quarantined by FortiClient EMS

Left pane

Left pane

The left navigation pane is used to display content in the right pane.

Option

Description

Dashboard

FortiClient Status

Displays a dashboard of information about all managed endpoints.

Vulnerability Scan

Displays the Current Vulnerabilities Summary chart that provides a centralized vulnerability summary for all managed endpoints. You can observe high-risk hosts and critical vulnerabilities existing on endpoints. You can also access links on how to fix or repair the vulnerabilities.

Chromebook Status

Displays a dashboard of information about all managed Chromebooks. Only available if the EMS for Chromebooks Settings option is enabled in System Settings > Server.

Endpoints

All Endpoints

Manage all endpoints.

Manage Domains

Add and manage AD domains.

Domains

Manage endpoints from AD domains. You can also add an AD domain if none exist.

Workgroups

Manage endpoints from workgroups.

Group Assignment Rules

Configure rules to automatically place endpoints into custom groups based on their installer ID, IP address, or OS.

Google Domains

Only available if the EMS for Chromebooks Settings option is enabled in System Settings > Server.

All Users

Manage users from all Google domains.

Manage Domains

Add and manage Google domains.

Domains

Manage users from specific Google domains. You can also add a Google domain if none exist.

Quarantine Management

Files

View and allowlist files on endpoints that Sandbox or AV has quarantined.

Whitelist

View and delete allowlisted files from the Whitelist pane.

Software Inventory

Applications

View applications installed on endpoints. Display applications by application or application vendor name.

Hosts

View applications installed on endpoints, sorted by endpoint.

Endpoint Policy

Create endpoint policies and manage policy updates for Windows, macOS, and Linux endpoints.

Chromebook Policy

Create endpoint policies and manage policy updates for Chromebook endpoints. Only available if the EMS for Chromebooks Settings option is enabled in System Settings > Server.

Endpoint Profiles

Manage Profiles

Create profiles and manage profile updates for all profiles.

Local Profiles

Create profiles and manage profile updates for local Windows, macOS, and Linux profiles.

Local Chromebook Profiles

Create profiles and manage profile updates for local Chromebook profiles. Only available if the EMS for Chromebooks Settings option is enabled in System Settings > Server.

Manage Installers

Deployment Packages

Add and manage FortiClient deployment packages.

FortiClient Installers

View FortiClient installers available from FortiGuard. Add custom installers.

Policy Components

CA Certificates

Upload and import CA certificates into FortiClient EMS.

On-net Detection Rules

Configure on-net detection rules for endpoints.

Telemetry Gateway Lists

Create and assign Telemetry gateway lists and manage list updates.

Compliance Verification

Compliance Verification Rules

Define compliance verification rules.

Host Tag Monitor

View tagged endpoints.

Fabric Device Monitor

View all FortiGates connected to EMS through the FSSO protocol, and the list of tags that are shared with each FortiGate.

Administration

Administrators

Add and manage FortiClient EMS administrators.

Admin Roles

Add and manage FortiClient EMS admin roles and permissions.

User Servers

Configure an AD domain as the user server. This is used to authenticate FortiClient EMS administrators.

User Settings

Configure the inactivity timeout and other user settings.

Back up Database

Back up the FortiClient EMS database.

Restore Database

Restore the FortiClient EMS database.

Configure License

Upgrade or renew the FortiClient EMS license.

Logs

View log messages generated by FortiClient EMS and download raw logs.

System Settings

Server

Change the IP address and port and configure other server settings for FortiClient EMS, including enabling Chromebook management.

Logs

Specify what level of log messages to capture in FortiClient EMS logs and when to automatically delete logs and alerts.

Fortinet Services

Configure the FortiGuard server location. Configure FortiManager to use for client software/signature updates and configure FortiCloud settings.

Endpoints

Configure endpoint settings.

Login Banner

Enable the pre-login banner to display a message to a user logging into FortiClient EMS.

EMS Alerts

Enable alerts for FortiClient EMS events.

Endpoint Alerts

Enable alerts for endpoint events.

SMTP Server

Set up an SMTP server to enable email alerts.

Custom Messages

Customize the message that displays on an endpoint when it has been quarantined by FortiClient EMS