Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    EMS Administration Guide

    Home FortiClient 7.4.5 EMS Administration Guide
    7.4.5
    7.4.5
    7.4.4
    7.4.3
    7.4.1
    7.4.0
    7.2.13
    7.2.12
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.9
    6.4.8
    6.4.7
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.8
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0

    Firewall

    Firewall

    FortiClient does not include SSL deep inspection. As FortiClient cannot apply signatures marked as Deep Inspection, do not use these signatures in a profile.

    Configuration

    Description

    Application Firewall

    Enable application control.

    Enable or disable the eye icon to show or hide this feature from the end user in FortiClient.

    General

    Notification Bubbles on User's Desktop When Applications Are Blocked

    Enable notification bubbles when FortiClient blocks applications.

    Detect & Block Exploits

    Inspect network traffic for intrusions attempting to exploit known vulnerabilities.

    Block Known Communication Channels Used by Attackers

    Enable Command and Control (C&C) detection using IP address reputation database signatures. Check network traffic against known C&C IP address plus port number combinations.

    Categories

    Enable FortiClient firewall to allow, block, or monitor applications based on their signature.

    Block, allow or monitor the following categories:

    • Botnet
    • Business
    • Cloud.Applications
    • Cloud.IT
    • Collaboration
    • Email
    • Game
    • General.Interest
    • Industrial
    • Mobile
    • Network.Service
    • P2P
    • Proxy
    • Remote.Access
    • Social.Media
    • Storage.Backup
    • Update
    • Video/Audio
    • VoIP
    • Web.Client
    • All Other Unknown Applications

    Application Overrides

    Configure FortiClient firewall to allow, block, or monitor specific applications based on their signature.

    Adding more than 1000 application overrides is not recommended and can cause EMS instability.

    Add
    1. Click Add to configure a custom application override.
    2. In the Firewall Application Signatures dialog, select the desired application signature(s) for which to configure an override. For each application signature, the dialog displays its name, application category, whether the signature requires deep inspection, and other fields. As FortiClient cannot apply signatures marked as Deep Inspection, do not use these signatures in a profile.
    3. At the bottom of the dialog, select the desired action for this signature: Allow, Block, or Monitor.
    4. Click Add.

    You can filter the list of application overrides by the signature, category, action, and so on.

    Delete

    Delete an application signature override.

    Custom Application Overrides

    FortiClient does not support this feature. Do not configure it.
    Previous
    Next

    Firewall

    Firewall

    FortiClient does not include SSL deep inspection. As FortiClient cannot apply signatures marked as Deep Inspection, do not use these signatures in a profile.

    Configuration

    Description

    Application Firewall

    Enable application control.

    Enable or disable the eye icon to show or hide this feature from the end user in FortiClient.

    General

    Notification Bubbles on User's Desktop When Applications Are Blocked

    Enable notification bubbles when FortiClient blocks applications.

    Detect & Block Exploits

    Inspect network traffic for intrusions attempting to exploit known vulnerabilities.

    Block Known Communication Channels Used by Attackers

    Enable Command and Control (C&C) detection using IP address reputation database signatures. Check network traffic against known C&C IP address plus port number combinations.

    Categories

    Enable FortiClient firewall to allow, block, or monitor applications based on their signature.

    Block, allow or monitor the following categories:

    • Botnet
    • Business
    • Cloud.Applications
    • Cloud.IT
    • Collaboration
    • Email
    • Game
    • General.Interest
    • Industrial
    • Mobile
    • Network.Service
    • P2P
    • Proxy
    • Remote.Access
    • Social.Media
    • Storage.Backup
    • Update
    • Video/Audio
    • VoIP
    • Web.Client
    • All Other Unknown Applications

    Application Overrides

    Configure FortiClient firewall to allow, block, or monitor specific applications based on their signature.

    Adding more than 1000 application overrides is not recommended and can cause EMS instability.

    Add
    1. Click Add to configure a custom application override.
    2. In the Firewall Application Signatures dialog, select the desired application signature(s) for which to configure an override. For each application signature, the dialog displays its name, application category, whether the signature requires deep inspection, and other fields. As FortiClient cannot apply signatures marked as Deep Inspection, do not use these signatures in a profile.
    3. At the bottom of the dialog, select the desired action for this signature: Allow, Block, or Monitor.
    4. Click Add.

    You can filter the list of application overrides by the signature, category, action, and so on.

    Delete

    Delete an application signature override.

    Custom Application Overrides

    FortiClient does not support this feature. Do not configure it.
    Previous
    Next