FortiClient 6.0.0 (Windows)

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,716
If you install the "Web filtering" module only, the category "Security Risk" moves from the "Malware Protection" tab to the "Web Security" tab, but you can still block malware&phishing websites.
You also get "Vulnerability scan" and my database is v. 1.00169 and "up to date"

This is what I was wondering if maybe @yitworths was seeing in the client software (only web filtering present). I see he has actually installed but disabled the A-V. So @yitworths, you could save config and reinstall without the a-v module to save GUI load time I suppose if that interests you.

I thought maybe without the A-V module installed the GUI would change and move the "potentially malicious" filters to the Web Security/Filtering tab. Looks like Fortinet thought of everything. At any rate, once I saw @yitsworth's pictures I understood that he was seeing the same thing I see with the "possibly malicious" in the A-V settings. Appreciate your picture @imuade. Helped me understand the program a little bit better :).

BTW, just for the record, I have the same setup on two PCs here that are always on, so I can always verify things twice about FortiClient.
At that moment, I was going through three different threads from two different domains & I ended up posted that. Sorry for that.

LOL :ROFLMAO:, I have been doing 9 things at a time this morning too. I was trying to guess how FortiClient software looks without the A-V installed, but it is installed on your system->just disabled. @imuade's pic cleared that one up for me.
 

Moonhorse

Level 38
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
So the vulnerability signatures are for vulnerability scan and the actual web filter is working on cloud level right? And you can check those cloud signature dates + details from forticlinet web site?

So if you install web filter only, its working on cloud level and the signature / engine updates doesnt matter
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,797
If you install the "Web filtering" module only, the category "Security Risk" moves from the "Malware Protection" tab to the "Web Security" tab, but you can still block malware&phishing websites.
You also get "Vulnerability scan" and my database is v. 1.00169 and "up to date"

View attachment 196984

fwiw I have the same version 1.00169 & my interface says up to date :unsure: with last check 30_aug 1613. I'm not seeing a tweak to tell if how often to update. That means I guess 1.00169 was pushed to me 30_aug @1613 and nothing new since then..?
 
Last edited:

yitworths

Level 10
Verified
Well-known
May 31, 2015
472
I thought maybe without the A-V module installed the GUI would change and move the "potentially malicious" filters to the Web Security/Filtering tab.

yea, you are correct.This is my forticlient's interface 2018-09-02_21-54-36.png. & what you've seen at that moment that was for TairikuOkami. As I intended to check his issues.
 
  • Like
Reactions: AtlBo

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,797
So the vulnerability signatures are for vulnerability scan and the actual web filter is working on cloud level right? And you can check those cloud signature dates + details from forticlinet web site?

So if you install web filter only, its working on cloud level and the signature / engine updates doesnt matter

not so sure about that... :unsure:
 
  • Like
Reactions: stefanos and AtlBo

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,716
not sure, that's not obvious to me here, as least not yet...??? :unsure:

Have you tried new malicious links? Maybe that will help verify. BTW, if you have Comodo web filtering on, it seems to be doing a good job as back up for me...just in case you don't get a block from FortiClient should you test:

Phishing Block.png

If FortiClient reports new links by one of the "potentially malicious" categories when it blocks a site, that should indicate that indeed it is a purely cloud mechanism. I tried a few at VXVault if you have the courage to go for it. You can see in the pic one of them. All of them were the same domain. I know you have very good protection in place, but I didn't like testing on a normal system either. Systems here are like yours I believe with Comodo FW + FortiClient + OSArmor.
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,797
Have you tried new malicious links? Maybe that will help verify. BTW, if you have Comodo web filtering on, it seems to be doing a good job as back up for me...just in case you don't get a block from FortiClient should you test:

View attachment 196990

If FortiClient reports new links by one of the "potentially malicious" categories when it blocks a site, that should indicate that indeed it is a purely cloud mechanism. I tried a few at VXVault if you have the courage to go for it. You can see in the pic one of them. All of them were the same domain. I know you have very good protection in place, but I didn't like testing on a normal system either. Systems here are like yours I believe with Comodo FW + FortiClient + OSArmor.

good idea, and yes similar configs. :)
 

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,716
yea, you are correct.This is my forticlient's interface . & what you've seen at that moment that was for @TairikuOkami. As I intended to check his issues.

OK, thanks for clarifying. For anyone who is has a question about installing FortiClient, users who install FortiClient with the A-V will see a slightly different GUI with a tab on the left for "Malware Protection". For "Web Security" only installation of FortiClient, the "potentially malicious" filter settings will be in "Web Security" rather than in the A-V settings of "Malware Protection" :)
 

Moonhorse

Level 38
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
According to FortiGuard website, v. 1.169 is the latest

Learn More
ok, from what I see fortiwf is on, with network activity... meaning... it is using its cloud and v1.00169...? It's sunday am and I've only had 1 cup of coffee so far...
v1.00169 means signatures of vulnerability scanner

I firstly though that meant web filter signatures, but there is no web filter signatures to be updated at all

It means Web filter runs on cloud level, and is updated itself
 
D

Deleted Member 3a5v73x

I personally feel FortiClient with just Web filter has edge over Heimdal Pro(Thor Foresight Home) since you can set categories which to block and phishing detection is high, I know Heimdal is lacking in that one, also, for me it seems any Web blocking extension can be removed, while I would still use atleast one of the WDBP/Avira/Malwarebytes extension alongside Heimdal Pro. FortiClient Web filtering is very nice with zero system weight or impact on browsing speed, plus the fact it's free.
 

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,716
FortiClient Web filtering is very nice with zero system weight or impact on browsing speed, plus the fact it's free.

True, and the A-V detection is crystal sharp too for anyone who installs the a-v.

The two systems integrate extraordinarily well, so it's possible to imagine how powerful the full system must be. There are several configuration options within the XML just for the a-v that make the whole program feel like it could be any of 40 different programs, honestly. Also, the ease of exporting/importing settings is fantastic. Once settings are achieved, export them to any machine, and they will work reliably. The flexibility of the program for an a-v, is what I am liking so far the most. I am very impressed with this aspect of use.

I want extreme sigs, so it's easy to achieve in FortiClient and with options for detection and scanning and removal etc.. Very nice indeed. Excellent match for Comodo Firewall, a combination which mimics to the best degree possible for two programs the full Fortinet system.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top