Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • EMS Administration Guide

    Home FortiClient 7.0.11 EMS Administration Guide
    7.0.11
    7.4.1
    7.4.0
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.9
    6.4.8
    6.4.7
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.8
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0

    Left pane

    Left pane

    The left navigation pane displays content in the right pane. The following describes the left pane when multitenancy is disabled. For descriptions of the left pane with multitenancy enabled, see Left pane with multitenancy enabled.

    Option

    Description

    Dashboard

    Status

    Displays a dashboard of information about all managed endpoints.

    Vulnerability Scan

    Displays the Current Vulnerabilities Summary chart that provides a centralized vulnerability summary for all managed endpoints. You can observe high-risk hosts and critical vulnerabilities existing on endpoints. You can also access links on how to fix or repair the vulnerabilities.

    Chromebook Status

    Displays a dashboard of information about all managed Chromebooks. Only available if the EMS for Chromebooks Settings option is enabled in System Settings > EMS Settings.

    Endpoints

    All Endpoints

    Manage all endpoints.

    Manage Domains

    Add and manage AD domains.

    Domains

    Manage endpoints from AD domains. You can also add an AD domain if none exist.

    Workgroups

    Manage endpoints from workgroups.

    Group Assignment Rules

    Configure rules to automatically place endpoints into custom groups based on their installer ID, IP address, or OS.

    Google Domains

    Only available if the EMS for Chromebooks Settings option is enabled in System Settings > EMS Settings.

    All Users

    Manage users from all Google domains.

    Manage Domains

    Add and manage Google domains.

    Domains

    Manage users from specific Google domains. You can also add a Google domain if none exist.

    Deployment & Installers

    Manage Deployment

    Create deployment configurations to deploy FortiClient to endpoints.

    FortiClient Installers

    Add and manage FortiClient deployment packages.

    Endpoint Policy & Components

    Manage Policies

    Create endpoint policies and manage policy updates for Windows, macOS, and Linux endpoints.

    CA Certificates

    Upload and import CA certificates into FortiClient EMS.

    On-fabric Detection Rules

    Configure on-fabric detection rules for endpoints.

    Chromebook Policy

    Create endpoint policies and manage policy updates for Chromebook endpoints. Only available if the EMS for Chromebooks Settings option is enabled in System Settings > EMS Settings.

    Endpoint Profiles

    Manage Profiles

    Create profiles and manage profile updates for all profiles.

    Import from FortiGate/FortiManager

    Import Web Filter profiles from FortiOS or FortiManager.

    Zero Trust Tags

    Zero Trust Tagging Rules

    Define Zero Trust tagging rules.

    Zero Trust Tag Monitor

    View tagged endpoints.

    Fabric Device Monitor

    View all FortiGates connected to EMS for Zero Trust tagging and the list of tags that are shared with each FortiGate.

    Software Inventory

    Applications

    View applications installed on endpoints. Display applications by application or application vendor name.

    Hosts

    View applications installed on endpoints, sorted by endpoint.

    Quarantine Management

    Files

    View and allowlist files on endpoints that Sandbox or AV has quarantined.

    Allowlist

    View and delete allowlisted files from the Allowlist pane.

    Administration

    Administrators

    Add and manage FortiClient EMS administrators.

    Admin Roles

    Add and manage FortiClient EMS admin roles and permissions.

    Admin User Settings

    Configure the inactivity timeout and other user settings.

    Fabric Devices

    View Fabric devices connected to EMS.

    SAML SSO

    Configure SAML SSO authentication.

    Log Viewer

    View log messages that FortiClient EMS generates and download raw logs.

    Generate Diagnostic Logs

    Create a diagnostic logs package that includes a snapshot of EMS CPU and memory usage, SQL Server logs, performance data, and so on.

    Mark All Endpoints As Uninstalled

    Mark all endpoints as uninstalled, which erases their historical event data.

    User Management

    Authorized User Groups

    Displays organizational units and user groups from all imported LDAP servers.

    Verified Users

    Shows a list of users who have successfully connected to FortiClient EMS by using an invitation and authenticating using a specified verification method.

    Unverified Users

    Shows a list of users who have not verified their identity using one of the specified authentication methods.

    Local Users

    Configure local users.

    SAML Configuration

    Configure connections to SAML identity providers (IdP), such as Microsoft Entra ID.

    Invitations

    Configure invitation codes to email to end users.

    System Settings

    EMS Settings

    Change the IP address and port and configure other EMS settings for FortiClient EMS, including enabling Chromebook management.

    Log Settings

    Specify what level of log messages to capture in FortiClient EMS logs and when to automatically delete logs and alerts.

    FortiGuard Services

    Configure the FortiGuard server location. Configure FortiManager to use for client software/signature updates and configure FortiCloud settings.

    EMS Alerts

    Enable alerts for FortiClient EMS events.

    Endpoint Alerts

    Enable alerts for endpoint events.

    SMTP Server

    Set up an SMTP server to enable email alerts.

    Custom Messages

    Customize the message that displays on an endpoint when it has been quarantined by FortiClient EMS

    Feature Select

    Choose which features to show and hide in EMS.

    Previous
    Next

    Left pane

    Left pane

    The left navigation pane displays content in the right pane. The following describes the left pane when multitenancy is disabled. For descriptions of the left pane with multitenancy enabled, see Left pane with multitenancy enabled.

    Option

    Description

    Dashboard

    Status

    Displays a dashboard of information about all managed endpoints.

    Vulnerability Scan

    Displays the Current Vulnerabilities Summary chart that provides a centralized vulnerability summary for all managed endpoints. You can observe high-risk hosts and critical vulnerabilities existing on endpoints. You can also access links on how to fix or repair the vulnerabilities.

    Chromebook Status

    Displays a dashboard of information about all managed Chromebooks. Only available if the EMS for Chromebooks Settings option is enabled in System Settings > EMS Settings.

    Endpoints

    All Endpoints

    Manage all endpoints.

    Manage Domains

    Add and manage AD domains.

    Domains

    Manage endpoints from AD domains. You can also add an AD domain if none exist.

    Workgroups

    Manage endpoints from workgroups.

    Group Assignment Rules

    Configure rules to automatically place endpoints into custom groups based on their installer ID, IP address, or OS.

    Google Domains

    Only available if the EMS for Chromebooks Settings option is enabled in System Settings > EMS Settings.

    All Users

    Manage users from all Google domains.

    Manage Domains

    Add and manage Google domains.

    Domains

    Manage users from specific Google domains. You can also add a Google domain if none exist.

    Deployment & Installers

    Manage Deployment

    Create deployment configurations to deploy FortiClient to endpoints.

    FortiClient Installers

    Add and manage FortiClient deployment packages.

    Endpoint Policy & Components

    Manage Policies

    Create endpoint policies and manage policy updates for Windows, macOS, and Linux endpoints.

    CA Certificates

    Upload and import CA certificates into FortiClient EMS.

    On-fabric Detection Rules

    Configure on-fabric detection rules for endpoints.

    Chromebook Policy

    Create endpoint policies and manage policy updates for Chromebook endpoints. Only available if the EMS for Chromebooks Settings option is enabled in System Settings > EMS Settings.

    Endpoint Profiles

    Manage Profiles

    Create profiles and manage profile updates for all profiles.

    Import from FortiGate/FortiManager

    Import Web Filter profiles from FortiOS or FortiManager.

    Zero Trust Tags

    Zero Trust Tagging Rules

    Define Zero Trust tagging rules.

    Zero Trust Tag Monitor

    View tagged endpoints.

    Fabric Device Monitor

    View all FortiGates connected to EMS for Zero Trust tagging and the list of tags that are shared with each FortiGate.

    Software Inventory

    Applications

    View applications installed on endpoints. Display applications by application or application vendor name.

    Hosts

    View applications installed on endpoints, sorted by endpoint.

    Quarantine Management

    Files

    View and allowlist files on endpoints that Sandbox or AV has quarantined.

    Allowlist

    View and delete allowlisted files from the Allowlist pane.

    Administration

    Administrators

    Add and manage FortiClient EMS administrators.

    Admin Roles

    Add and manage FortiClient EMS admin roles and permissions.

    Admin User Settings

    Configure the inactivity timeout and other user settings.

    Fabric Devices

    View Fabric devices connected to EMS.

    SAML SSO

    Configure SAML SSO authentication.

    Log Viewer

    View log messages that FortiClient EMS generates and download raw logs.

    Generate Diagnostic Logs

    Create a diagnostic logs package that includes a snapshot of EMS CPU and memory usage, SQL Server logs, performance data, and so on.

    Mark All Endpoints As Uninstalled

    Mark all endpoints as uninstalled, which erases their historical event data.

    User Management

    Authorized User Groups

    Displays organizational units and user groups from all imported LDAP servers.

    Verified Users

    Shows a list of users who have successfully connected to FortiClient EMS by using an invitation and authenticating using a specified verification method.

    Unverified Users

    Shows a list of users who have not verified their identity using one of the specified authentication methods.

    Local Users

    Configure local users.

    SAML Configuration

    Configure connections to SAML identity providers (IdP), such as Microsoft Entra ID.

    Invitations

    Configure invitation codes to email to end users.

    System Settings

    EMS Settings

    Change the IP address and port and configure other EMS settings for FortiClient EMS, including enabling Chromebook management.

    Log Settings

    Specify what level of log messages to capture in FortiClient EMS logs and when to automatically delete logs and alerts.

    FortiGuard Services

    Configure the FortiGuard server location. Configure FortiManager to use for client software/signature updates and configure FortiCloud settings.

    EMS Alerts

    Enable alerts for FortiClient EMS events.

    Endpoint Alerts

    Enable alerts for endpoint events.

    SMTP Server

    Set up an SMTP server to enable email alerts.

    Custom Messages

    Customize the message that displays on an endpoint when it has been quarantined by FortiClient EMS

    Feature Select

    Choose which features to show and hide in EMS.

    Previous
    Next