Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiEDR/XDR 6.2.0 Administration Guide
    6.2.0
    6.2.0
    6.0.0
    5.2.1
    5.2.0
    5.1.0
    5.0.0
    4.2.0
    4.1.1
    4.1.0

    Installing a FortiEDR Collector on Windows

    Installing a FortiEDR Collector on Windows

    1. It is recommended to get a pre-populated customized Collector installer for Windows, as described in Requesting and obtaining a Collector installer.
    2. Run the FortiEDR Collector installation file. Use the FortiEDRCollectorInstaller32.msi file if you are using a 32-bit operating system; or use the FortiEDRCollectorInstaller64.msi file if you are using a 64-bit operating system.

    3. Click Next.

    4. Leave the default FortiEDR Collector installation folder or change it as necessary. Click Next.

    5. If a non-customized installer is used, in the Aggregator Address field, specify the FortiEDR Aggregator domain name or IP address.
    6. If a non-customized installer is used, in the Port field, specify the FortiEDR Aggregator port (8081).
      Note

      When upgrading a FortiEDR Collector, the Aggregator address field can be left empty – in order to retain the previously defined Aggregator address.

    7. If a non-customized installer is used, in the Registration Password field, enter the device registration password that you defined, as described in Configuring the FortiEDR Central Manager server and console.
    8. For a multi-organization FortiEDR system, enter the name of the organization in the Organization field. For more details, see the Collector registration.
    9. If you are installing the Collector on a VDI environment, check the VDI checkbox. For more details, see Working with FortiEDR on VDI environments.
    10. If you use a web proxy to filter requests in this device’s network, then check the Use System Proxy Settings checkbox. Note that Windows must be configured to use a proxy and tunneling must be allowed from the Collector to the Aggregator on port 8081 and from the Collector to the Core on port 555. (Run as Administrator: netsh winhttp set proxy <proxy IP >).
    11. If you are installing the Collector on a Citrix PVS golden image, check the Citrix PVS installation checkbox.
    12. Click Next twice to start the installation. Windows may possibly display a message requesting that you confirm the installation. Please do so.
    13. After the installation of the FortiEDR Collector has been successfully completed, the following window displays:

      Check Windows Services to verify that the FortiEDR Collector Service is running, as shown below:
    14. Verify that the FortiEDR Collector details are listed in the INVENTORY tab of the FortiEDR Central Manager console (see Inventory. Select the New filter to display a list of newly registered FortiEDR Collectors, as shown below:
    15. If another AV product is also installed on the machine, exclude AV exceptions by following the instructions in Exclusion paths.
    Previous
    Next

    Installing a FortiEDR Collector on Windows

    Installing a FortiEDR Collector on Windows

    1. It is recommended to get a pre-populated customized Collector installer for Windows, as described in Requesting and obtaining a Collector installer.
    2. Run the FortiEDR Collector installation file. Use the FortiEDRCollectorInstaller32.msi file if you are using a 32-bit operating system; or use the FortiEDRCollectorInstaller64.msi file if you are using a 64-bit operating system.

    3. Click Next.

    4. Leave the default FortiEDR Collector installation folder or change it as necessary. Click Next.

    5. If a non-customized installer is used, in the Aggregator Address field, specify the FortiEDR Aggregator domain name or IP address.
    6. If a non-customized installer is used, in the Port field, specify the FortiEDR Aggregator port (8081).
      Note

      When upgrading a FortiEDR Collector, the Aggregator address field can be left empty – in order to retain the previously defined Aggregator address.

    7. If a non-customized installer is used, in the Registration Password field, enter the device registration password that you defined, as described in Configuring the FortiEDR Central Manager server and console.
    8. For a multi-organization FortiEDR system, enter the name of the organization in the Organization field. For more details, see the Collector registration.
    9. If you are installing the Collector on a VDI environment, check the VDI checkbox. For more details, see Working with FortiEDR on VDI environments.
    10. If you use a web proxy to filter requests in this device’s network, then check the Use System Proxy Settings checkbox. Note that Windows must be configured to use a proxy and tunneling must be allowed from the Collector to the Aggregator on port 8081 and from the Collector to the Core on port 555. (Run as Administrator: netsh winhttp set proxy <proxy IP >).
    11. If you are installing the Collector on a Citrix PVS golden image, check the Citrix PVS installation checkbox.
    12. Click Next twice to start the installation. Windows may possibly display a message requesting that you confirm the installation. Please do so.
    13. After the installation of the FortiEDR Collector has been successfully completed, the following window displays:

      Check Windows Services to verify that the FortiEDR Collector Service is running, as shown below:
    14. Verify that the FortiEDR Collector details are listed in the INVENTORY tab of the FortiEDR Central Manager console (see Inventory. Select the New filter to display a list of newly registered FortiEDR Collectors, as shown below:
    15. If another AV product is also installed on the machine, exclude AV exceptions by following the instructions in Exclusion paths.
    Previous
    Next