Fortinet white logo
Fortinet white logo

EMS Administration Guide

Firewall

Firewall

FortiClient does not include SSL deep inspection. As FortiClient cannot apply signatures marked as Deep Inspection, do not use these signatures in a profile.

Configuration

Description

Application Firewall

Enable application control.

Enable or disable the eye icon to show or hide this feature from the end user in FortiClient.

General

Notification Bubbles on User's Desktop When Applications Are Blocked

Enable notification bubbles when FortiClient blocks applications.

Detect & Block Exploits

Inspect network traffic for intrusions attempting to exploit known vulnerabilities.

Block Known Communication Channels Used by Attackers

Enable Command and Control (C&C) detection using IP address reputation database signatures. Check network traffic against known C&C IP address plus port number combinations.

Categories

Enable FortiClient firewall to allow, block, or monitor applications based on their signature.

Block, allow or monitor the following categories:

  • Botnet
  • Business
  • Cloud.Applications
  • Cloud.IT
  • Collaboration
  • Email
  • Game
  • General.Interest
  • Industrial
  • Mobile
  • Network.Service
  • P2P
  • Proxy
  • Remote.Access
  • Social.Media
  • Storage.Backup
  • Update
  • Video/Audio
  • VoIP
  • Web.Client
  • All Other Unknown Applications

Application Overrides

Configure FortiClient firewall to allow, block, or monitor specific applications based on their signature.

Adding more than 1000 application overrides is not recommended and can cause EMS instability.

Add

  1. Click Add to configure a custom application override.
  2. In the Firewall Application Signatures dialog, select the desired application signature(s) for which to configure an override. For each application signature, the dialog displays its name, application category, whether the signature requires deep inspection, and other fields. As FortiClient cannot apply signatures marked as Deep Inspection, do not use these signatures in a profile.
  3. At the bottom of the dialog, select the desired action for this signature: Allow, Block, or Monitor.
  4. Click Add.

You can filter the list of application overrides by the signature, category, action, and so on.

Delete

Delete an application signature override.

Custom Application Overrides

FortiClient does not support this feature. Do not configure it.

Firewall

Firewall

FortiClient does not include SSL deep inspection. As FortiClient cannot apply signatures marked as Deep Inspection, do not use these signatures in a profile.

Configuration

Description

Application Firewall

Enable application control.

Enable or disable the eye icon to show or hide this feature from the end user in FortiClient.

General

Notification Bubbles on User's Desktop When Applications Are Blocked

Enable notification bubbles when FortiClient blocks applications.

Detect & Block Exploits

Inspect network traffic for intrusions attempting to exploit known vulnerabilities.

Block Known Communication Channels Used by Attackers

Enable Command and Control (C&C) detection using IP address reputation database signatures. Check network traffic against known C&C IP address plus port number combinations.

Categories

Enable FortiClient firewall to allow, block, or monitor applications based on their signature.

Block, allow or monitor the following categories:

  • Botnet
  • Business
  • Cloud.Applications
  • Cloud.IT
  • Collaboration
  • Email
  • Game
  • General.Interest
  • Industrial
  • Mobile
  • Network.Service
  • P2P
  • Proxy
  • Remote.Access
  • Social.Media
  • Storage.Backup
  • Update
  • Video/Audio
  • VoIP
  • Web.Client
  • All Other Unknown Applications

Application Overrides

Configure FortiClient firewall to allow, block, or monitor specific applications based on their signature.

Adding more than 1000 application overrides is not recommended and can cause EMS instability.

Add

  1. Click Add to configure a custom application override.
  2. In the Firewall Application Signatures dialog, select the desired application signature(s) for which to configure an override. For each application signature, the dialog displays its name, application category, whether the signature requires deep inspection, and other fields. As FortiClient cannot apply signatures marked as Deep Inspection, do not use these signatures in a profile.
  3. At the bottom of the dialog, select the desired action for this signature: Allow, Block, or Monitor.
  4. Click Add.

You can filter the list of application overrides by the signature, category, action, and so on.

Delete

Delete an application signature override.

Custom Application Overrides

FortiClient does not support this feature. Do not configure it.