FortiClient 6.0.0 (Windows)

imuade

Thank you for doing this. You really inspired me with the post.

I ran this on a barely patched W7 installation and came up with this after running the vulnerability scanner in FortiClient:

View attachment 196870

View attachment 196868

I noticed next to the updates in the list view, there was a number at the end of each listed OS vulnerability:

View attachment 196869

Maybe this is the number of updates to install. So, for "Critical" in this case, OS vulnerabilities, maybe the number of updates to install is the number of vulnerabilities. I will have to see. I have this almost fresh installation (a few updates/IE 11) imaged, so I am going to "Fix Now" to see the results. There are only OS vulnerabilities showing here.

This seems to be a VERY cutting type of application, and I like that very much from an a-v. Simple (REALLY simple) and very clinical protection from an endpoint specialist. A few good and straightforward modules that appear to function reliably and on a lighter than air base platform. On detection, real-time a-v scanning is finding keyfinders that everyone finds and that I should remove and will. All my PCs have stickers anyway.

Many very good elements to this approach by Fortinet. It must speak highly for their overall endpoint product. The web filter is the best web control set I have seen available for general use to date. Really like the filter is an understatement. I really like all of the modules and pulled together this way too.

How about this:
AppGuard
FortiClient
SysHardener
?

I'll rerun the scan after the "Fix Now" is over. It's running and downloading on the PC now. Should be interesting to see how it functions, but it looks mostly like another way to get Windows Updates so far.
You need BB with FortiClient. I think only with Comodo FW you are secure enough.
AppGuard, if I'm not wrong, it's based on default-deny, so it should be as good as Comodo FW.
Other nice free alternatives could be OSArmor, ExeRadarPro or ReHIPS
 

stefanos

AppGuard, if I'm not wrong, it's based on default-deny, so it should be as good as Comodo FW.
Other nice free alternatives could be OSArmor, ExeRadarPro or ReHIPS
A year ago I used FortiClient for nearly 3 months. The most secure combo for FortiClient, after my tests, is Comodo FW. I am not a great tester, but without any protection like HIPS or BB I trust only the Comodo sandbox. It's just my opinion. The other thing is that I don't like combos with many products, because they surely create compatibility problems and system delays. For me the best combos for now are Kaspersky Free + OSArmor and Avast Free + SysHardener. My combo is not good for many people, but I have never had an infection on my system: it is 360TS + OSArmor + VoodooShield. I activate VoodooShield only if I play unsafely with viruses and cracks. Sorry about my English, it is Google Translator.
 

AtlBo

I can see why FortiClient is not for most people. It's a client side endpoint software all the way. It really does expect the bulk of the work to be done by FortiGuard on the network server etc. However, if the signatures are good for zero day, then that's good enough for me.

After running the Vulnerability Patcher, it indeed installed 75 Windows Updates. I believe that the Meltdown patch was included in this.

Spectre Patched.png

Not sure if there are any patches for this one, though:

Security Alert - 3 new vulnerabilities in Intel processors discovered

I hope someone is tracking these vulnerabilities. There doesn't seem to be the momentum for a fix like the Spectre/Meltdown vulnerability. However, it is Intel and it's just as serious.

Anyway, reran the scan, and it picks up no new vulnerabilities.

No Vulnerabilities.png

So this system appears to be declared by FortiClient Vulnerability free with 75 updates from MS. Normally, there would be about 300 for Windows 7 all together, but I am curious if it is safe to say that this covers the exploitable areas of Windows. I will go with this on this system for a little while and see how it goes...maybe do a little bit of research on the issue.

OK, this is good software that is meant to be supported from a local cloud. On its own, it's still good as a support for someone looking for signatures and the web filter and vulnerability scans are a plus. The sandbox is nice for anyone not running Comodo. Overall, I am going to keep this for awhile, but I think it will be good with OSArmor and Comodo.

Question, has anyone tested to see if the sandbox sandboxes documents so the program can test whether they are weaponized? Otherwise, it looks like it just runs malware, and is not an application sandbox, as mentioned by @Sunshine-boy.
 

imuade

Question, has anyone tested to see if the sandbox sandboxes documents so the program can test whether they are weaponized? Otherwise, it looks like it just runs malware, and is not an application sandbox, as mentioned by @Sunshine-boy, as far as I can see.
If you don't have a FortiSandbox, you can't use its sandboxing feature; the item you see in the "malware protection" panel is just to open the threat and quarantine history.
FortiSandbox
 

AtlBo

Thanks for the information. In the link VMs are cited, so does the FortiClient install and run the malware inside the VM? Appears to me that it works somehow along these lines, so yes this is not a normal sandbox. Maybe the idea ultimately is to have a VM running on the network server and then the file is submitted and run in the VM on the server...
 

ForgottenSeer 58943

I can see why FortiClient is not for most people. It's a client side endpoint software all the way. It really does expect the bulk of the work to be done by FortiGuard on the network server etc. However, if the signatures are good for zero day, then that's good enough for me.

FortiGuard is the service from Fortinet, it's not a device. FortiGuard is basically the threat protection infrastructure of Fortinet. Fortigate is an appliance on your gateway (NGFW) that interfaces with FortiClient on a network and provides updates, a pane of glass awareness, vulnerability and compliance audits. Also having a Fortigate appliance allows you to utilize FortiSandbox which has been moved from Appliance Based systems on a local network to cloud based malware analysis of unqualified files. Also some of the advanced protection features of FortiClient DO NOT operate because it's not sitting behind a licensed Fortigate appliance.

I recommend pairing FortiClient with OSArmor, and Syshardener executed. That should provide more than enough protection for any system. Mostly because of the robust (best in class) URL filtration and STRONG signatures.
 

Moonhorse

Just curious, but is the 2 day delay on signatures typical or is it just a visual bug? It was the only thing I was worried about.

FortiClient is probably lighter than Windows Defender, but has the capability to do the same things, and is way more powerful.

Also, the web filtering is enough to cut browser extensions away (nice for Microsoft Edge users). 2 days without the FortiClient web filter and the browsing speed is literally the same, so FortiClient is very good.

Agree with previous posters about SH+OSA+Forti and just browser with ublock / nano = perfection

I think I'm gonna get back on the FortiClient hype train again :unsure:
 

imuade

Just curious, but is the 2 day delay on signatures typical or is it just a visual bug? It was the only thing I was worried about.

FortiClient is probably lighter than Windows Defender, but has the capability to do the same things, and is way more powerful.

Also, the web filtering is enough to cut browser extensions away (nice for Microsoft Edge users). 2 days without the FortiClient web filter and the browsing speed is literally the same, so FortiClient is very good.

Agree with previous posters about SH+OSA+Forti and just browser with ublock / nano = perfection

But I think I'm gonna get back on the FortiClient hype train again :unsure:
I had no signatures update last Sunday for the whole day, then it updates every time I start my PC and then every hour (unless I manually check for updates).
This is the link to check the latest database version: FortiGuard
 

Moonhorse

I had no signatures update last Sunday for the whole day, then it updates every time I start my PC and then every hour (unless I manually check for updates).
This is the link to check the latest database version: FortiGuard
Thanks, bookmarked it and paying some attention to signatures for a few days from now.
 

ForgottenSeer 58943

So the sandbox can be disabled without headache?

FortiSandbox, Application Firewall, SSO, and Secure Remote Access modules do NOTHING without the appropriate accounts/appliances in place. So you can disable them.

For proper testing a FortiClient should always be tested when paired with the appropriate hardware so all of the advanced protection modules are in place, also FortiSandbox should have 'Deny files until Sandbox Authentication' checked in a proper test. With all of the proper accounts and appliances in place FortiClient would likely score exceptionally high in tests. Without them, you should pair it up with adjunct solutions.

FortiClient Free+OSArmor+Syshardener has proved itself to a few people that it's a sufficiently powerful real world protection setup that won't cost you a penny. You are getting upper tier signatures, top tier URL filtration/traffic inspection, as well as adjunct technologies to cover areas FortiClient Free might not.

I've successfully implemented that combo on 'clicker' relatives' systems and they've remained totally clean for years. As a bonus, all telemetry/logging can be completely disabled on FortiClient. Those options are there because some secure facilities that use it cannot have any egress of logs. (for obvious reasons)
 

simmerskool

Question about installing FC. Install all of the packages for first look?
Am not familiar with FC, but I need something to pair with Comodo Firewall. However, it's the web filtering that got me started really.
Thanks for this:

FWIW I've been running forticlient 5.6nnn with cf10@cs for some months for the web filtering. I had no issues with that combo. I just removed FC 5.6 pending install of FC 6.0nnn

EDIT with FC 5.6 I just installed web filter.
 

ForgottenSeer 58943

PS: I am glad people are noticing that the Web Filter Driver offers a zero-weight to browsing now. Prior versions, it was slightly heavier, and at times, noticeable. Not so anymore.

Also, FortiClient is a caching AV. So I recommend after installation a full scan. After that Change/Modify will be carefully guarded and the system will feel much faster than just installing it and waiting for everything to cache over hours/days.
 

AtlBo

First many thanks for all the get started information with this software. It's good. So here it is...first scan (other PC is clean thankfully):

First Scan.png


First 3 are all from RanSim, a ransomware simulator and a darn cool program I might add. Actually, I'm not so sure about the first one, but I think it is associated with RanSim based on the scan information. Anyway, I have been meaning to remove the program which had been useful for testing security applications. Ransomware has moved on. The illustrious key finder that everyone flags. Don't even remember which one it is, but it's time for it to go from the folder on a remote drive where it's been with drivers, pictures, and so on for another PC in the house. Think I put it there around the time of the W10 upgrade for the PC.

Question about the web filter. The filter settings are standard category based operators. Does FortiClient, however, send all connection attempts to Fortinet to run them by a black list, or are the categories the protection? Either way I am very happy with the program, just curious about the filter.
 

simmerskool

Smart way to get the absolute best in class web filtration. Who needs Heimdal when you can do this, right?

I finally got around to installing FC 6.0.1.0099 and the webfilter is working (but I need to tweak it some... :unsure:)
I got temp locked out of a webmail site because that vendor also has a proxy service (which I was not using) and that FC category was enabled in settings and using exclusion for that URL did not allow it to connect either. Something to do this weekend, learn some of the nuances I glossed over. As everyone always says, helps to really understand the software... :oops:
 
