Windows, macOS, and Linux licenses
FortiClient EMS supports per-endpoint licensing.
The following are the latest license bundles for FortiClient EMS:
|
License name |
Description |
|---|---|
|
Endpoint Protection Platform |
Full license that offers all FortiClient features. Includes all features detailed for the zero trust network access (ZTNA) license, as well as antivirus (AV), antiransomware, antiexploit, cloud-based malware detection, Application Firewall, software inventory, USB device control, and advanced threat protection via FortiClient Cloud Sandbox. |
|
ZTNA |
Includes support for Fabric Agent for endpoint telemetry, security posture check via ZTNA tagging, remote access (SSL and IPsec VPN), Vulnerability Scan, Web Filter, and threat protection via Sandbox (appliance only). Each purchased ZTNA license allows management of one FortiClient Windows, macOS, Linux, iOS, Android, or Chromebook endpoint. You must purchase a minimum of 25 endpoint licenses, and you can have these EMS licenses for a maximum five year term. You can specify the number of endpoints and the term duration at time of purchase. If you do not apply a ZTNA license to EMS, no endpoints can register to EMS. |
|
FortiSASE |
License that applies for deployments using FortiSASE. See FortiSASE. |
|
VPN-only |
Only includes support for the Remote Access feature, including SSL and IPsec VPN, single sign-on mobility agent, software inventory, selected Zero Trust tagging rules, and EMS management. |
|
FortiGuard Endpoint Forensics Analysis |
The forensic service provides remote endpoint analysis to help endpoint customers respond to and recover from cyber incidents. For each engagement, forensic analysts from Fortinet’s FortiGuard Labs remotely assist in the collection, examination, and presentation of digital evidence, including a final detailed report. |
You can purchase different numbers of EPP and ZTNA licenses. For example, you can purchase 100 EPP licenses and 200 ZTNA licenses. EMS applies licenses based on the features that are enabled in the endpoint's assigned profile.
The following shows a more comprehensive comparison between the features included in the EPP and ZTNA licenses:
|
Feature |
EPP |
ZTNA |
|---|---|---|
|
Zero Trust Security |
||
|
Zero Trust Agent |
Yes |
Yes |
|
Central management via EMS |
Yes |
Yes |
|
Dynamic Security Fabric connector |
Yes |
Yes |
|
Vulnerability agent and remediation |
Yes |
Yes |
|
SSL VPN with multifactor authentication (MFA) |
Yes |
Yes |
|
IPsec VPN with MFA |
Yes |
Yes |
|
Sandbox appliance |
Yes |
Yes |
|
Next Generation Endpoint Security |
||
|
AI-powered next generation AV |
Yes |
|
|
FortiClient Cloud Sandbox |
Yes |
|
|
Automated endpoint quarantine |
Yes |
|
|
Application inventory |
Yes |
|
|
Application Firewall |
Yes |
|
|
Software Inventory |
Yes |
|
|
You must purchase a license for each registered endpoint. |
