App Review FortiClient 6.0.9.0277

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Product name
FortiClient 6.0.9.0277
Installation (rating)
5.00 star(s)
User interface (rating)
4.00 star(s)
Accessibility notes
The GUI is nice and well organized. To modify most of the settings you have to click on "Unlock Settings" on the low-left corner.
Default settings are already good, you can tune them deeply by using the conf file.
To do so, you have to go to Settings-->Backup and save the file somwhere. Then you open it (for example with WordPad) and edit it. After saving, you can import it by Settings-->Restore
Here is the official guide https://docs.fortinet.com/document/forticlient/6.0.9/xml-reference-guide/387580/introduction
Performance (rating)
5.00 star(s)
Core Protection (rating)
4.00 star(s)
Proactive protection (rating)
4.00 star(s)
Additional Protection notes
FortiClient has Antivirus, AntiExploit, Heuristic and Web Filter.
It lacks of a strong Behaviour Blocker or HIPS and of a Firewall, but Web Filter and Signatures are top notch.
Sandbox is available only if you have a FortiSandbox connected.
Browser protection (rating)
5.00 star(s)
Positives
    • Freeware
    • Many features
    • Minimal setup required
    • Low impact on system resources
    • Simple and non-intrusive
    • Accurate results and reliable antivirus engine
    • Effective malicious URL blocking
    • Virus signatures are updated daily
    • Multi-layer protection approach
Negatives
    • Advanced users may want more control
    • Weak protection against zero-day threats
Time spent using product
Reviewed over a 30-day period
Computer specs
MSI Cubi Intel Core i3-5005U
12Gb RAM
128Gb SSD
Recommended for
  1. Inexperienced users
  2. Multi-user devices
  3. Financial banking or trading
  4. Low spec PCs
Overall rating
4.00 star(s)

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
And again, the file does not tell me much since there is no comparison, and, no mentioning anywhere in it what sort of level the default settings in it delivers. So when applying them or the file, or your file, i would not know what, i am applying. So please, tell me something about that! I would also appreciate some info about what the Dynamic threath protection is.

First, a little bit about Forticlient. It is a group of pieces that are designed to work on machines across a business network, which also would be running the Fortinet firewall hardware. Through use of the firewall hardware, cloud defense, the sandbox, memory protection, and finally the signature based anti-virus, the system is very powerful as a whole in this environment. The sandbox, when operational normally provides a high level of protection, which uses machine learning to isolate malware processes which seek to spread across a network. All of the elements are then designed to work together. However, the Forticlent UI module, which you have installed, will only give you access to web filtering, memory protection, and the standard real-time anti-virus. It is purely signature and scan based protection, along with a little memory filtering. This is because you do not have the Fortinet firewall hardware, which I assume is extremely expensive and also impractical for a single endpoint computer owner.

Basically, you are using the endpoint software (user machine software) for a network array. You have only the mentioned protections from this endpoint software. This is why Forticlient is so well regarded for coupling with Comodo Firewall. Comodo Firewall has the firewall and the sandbox, but the cloud lookup is considered weak and the Web filtering basically non-existent. You have no scanning ability with Comodo Firewall. If you add FC to Comodo Firewall, you then get very good web filtering and a standard cloud lookup a-v with real time and on demand scanning to go along with the firewall and sandbox of Comodo. You can also, say, add AppCheck or some other anti-ransomeware, or, for example, add NVT OSArmor (one of the test versions etc.) and really go all the way. Alternatively, you could also simply add a firewall such as Malwarebytes' Binisoft Firewall control and then maybe Sandboxie, etc. to have good coverage. This might get kind of complicated, honestly, but the CF/Forticlient combination is simple enough and has worked very well for me for I guess 5 years now, while I have been using CF for 8 years now.

On the settings, you cannot see the level to which the program is hardened, because the UI does not give any way to view the depth of the settings chosen via the html. They are designed to be adjusted via the html file by an IT network administrator and thereby controlled over the network in a way where they will remain in place without any risk of alteration from an employee at a workstation, etc. However, I recommend you read through the thread I referenced for a more in depth understanding of the program and these settings. ForgottenSeer 58943 has information about the system which is helpful. To find the thread, you will have to use the MalwareTips search should you care to go that route. In a nutshell, compared to the client as installed, using the settings you added, you are getting deeper than normal scanning (more extensive, more often, and broader to include USB devices etc), quite a bit more aggressive signatures (blocking more processes including PUPs), and quite a bit more aggressive signature enforcement (automatic quarantine of blocked processes). The html file is the key. Via the UI, you can only change a few things but through the html you can harden the scanning behavior of the client a-v software to a fairly fine degree. I believe a user can choose from one of 4 or 5 different levels of signature detection.

I don't recommend FC for anyone who is seeking to depend exclusively on the program for PC defense. However, combined with Comodo Firewall (as the best example, although other programs can possibly be paired with FC), FC can provide very good a-v coverage and signature detection on a machine where there would be little if any such protection. Honestly, it seems like FC is almost designed to be paired with Comodo Firewall.

Hope this helps some. Try ForgottenSeer 58943's Forticlient thread (v 6.0.0.0). It's very helpful.
 
Last edited:

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
@Shadowa I have seen that Bitdefender has become an absolute beast with its protection abilities. Maybe it would work better with Comodo Firewall, but then it may be too heavy compared to Forticlient which is not very heavy by itself.
 

pxxb1

Level 9
Verified
Well-known
Jan 17, 2018
433
First, a little bit about Forticlient. It is a group of pieces that are designed to work on machines across a business network, which also would be running the Fortinet firewall hardware. Through use of the firewall hardware, cloud defense, the sandbox, memory protection, and finally the signature based anti-virus, the system is very powerful as a whole in this environment. The sandbox, when operational normally provides a high level of protection, which uses machine learning to isolate malware processes which seek to spread across a network. All of the elements are then designed to work together. However, the Forticlent UI module, which you have installed, will only give you access to web filtering, memory protection, and the standard real-time anti-virus. It is purely signature and scan based protection, along with a little memory filtering. This is because you do not have the Fortinet firewall hardware, which I assume is extremely expensive and also impractical for a single endpoint computer owner.

Basically, you are using the endpoint software (user machine software) for a network array. You have only the mentioned protections from this endpoint software. This is why Forticlient is so well regarded for coupling with Comodo Firewall. Comodo Firewall has the firewall and the sandbox, but the cloud lookup is considered weak and the Web filtering basically non-existent. You have no scanning ability with Comodo Firewall. If you add FC to Comodo Firewall, you then get very good web filtering and a standard cloud lookup a-v with real time and on demand scanning to go along with the firewall and sandbox of Comodo. You can also, say, add AppCheck or some other anti-ransomeware, or, for example, add NVT OSArmor (one of the test versions etc.) and really go all the way. Alternatively, you could also simply add a firewall such as Malwarebytes' Binisoft Firewall control and then maybe Sandboxie, etc. to have good coverage. This might get kind of complicated, honestly, but the CF/Forticlient combination is simple enough and has worked very well for me for I guess 5 years now, while I have been using CF for 8 years now.

On the settings, you cannot see the level to which the program is hardened, because the UI does not give any way to view the depth of the settings chosen via the html. They are designed to be adjusted via the html file by an IT network administrator and thereby controlled over the network in a way where they will remain in place without any risk of alteration from an employee at a workstation, etc. However, I recommend you read through the thread I referenced for a more in depth understanding of the program and these settings. ForgottenSeer 58943 has information about the system which is helpful. To find the thread, you will have to use the MalwareTips search should you care to go that route. In a nutshell, compared to the client as installed, using the settings you added, you are getting deeper than normal scanning (more extensive, more often, and broader to include USB devices etc), quite a bit more aggressive signatures (blocking more processes including PUPs), and quite a bit more aggressive signature enforcement (automatic quarantine of blocked processes). The html file is the key. Via the UI, you can only change a few things but through the html you can harden the scanning behavior of the client a-v software to a fairly fine degree. I believe a user can choose from one of 4 or 5 different levels of signature detection.

I don't recommend FC for anyone who is seeking to depend exclusively on the program for PC defense. However, combined with Comodo Firewall (as the best example, although other programs can possibly be paired with FC), FC can provide very good a-v coverage and signature detection on a machine where there would be little if any such protection. Honestly, it seems like FC is almost designed to be paired with Comodo Firewall.

Hope this helps some. Try ForgottenSeer 58943's Forticlient thread (v 6.0.0.0). It's very helpful.

Got it.

I found that the config.file settings that comes with the exe in your former link is very much the same as S-guys recommendations.
Thanks for all the info and help (y):)

I might add that the reason for the troubles on W10 may be that it is changed a lot with the help of NTLite. So it is not a regular W10 Os.
 
Last edited:

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
No problem. Hope you like the program, but at least picking up some new knowledge can be interesting and helpful if not. I have enjoyed that aspect of using Forticlient. It's a good study of standard business type network protection, which has always been a curiosity and interest for me I guess :)
 

Shadowra

Level 33
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,223
@Shadowa I have seen that Bitdefender has become an absolute beast with its protection abilities. Maybe it would work better with Comodo Firewall, but then it may be too heavy compared to Forticlient which is not very heavy by itself.

You can always try and come back to Forticlient if Bitdefender does not suit you :)
 

pxxb1

Level 9
Verified
Well-known
Jan 17, 2018
433
No problem. Hope you like the program, but at least picking up some new knowledge can be interesting and helpful if not. I have enjoyed that aspect of using Forticlient. It's a good study of standard business type network protection, which has always been a curiosity and interest for me I guess :)

I went back to before i tweaked W10 with NTLite, then everything worked ok. I could import that config.file and the settings stick immediately.

You did not say anything about what the Dynamic threat protection is.
 
  • Like
Reactions: AtlBo

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
@pxxb1 here is a thread about this very topic:

Forticlient Dynamic Threat Thread

I don't know more, but I have it on via the html if I am not mistaken. I imported the html earlier, and it is on here.

As far as I can discern, dynamic threat detection enables cloud interaction with the individual client (your copy of the program), so you get much better real time zero day detection and prevention. As far as the entire Fortinet system goes, it may be that dynamic threat is intended to function with the product as a whole, meaning that perhaps the product via the cloud could preemtively drop a block signature for something on the fortinet sandbox if an example of a sketchy looking file has shown up in an area of some company using the Fortinet system.

Forticlient is nice in that you are linked in a way to business computers using the system far and wide. This is true of all secured PCs I know, but many/most of the most serious attacks begin with businesses and a very good number of these are using Fortinet's system. Also, Fortinet is known for being up to date and on point with their signatures. I guess we all know how that can change, but I haven't seen anything indicating that Fortinet is lagging with its signature detection etc.
 

pxxb1

Level 9
Verified
Well-known
Jan 17, 2018
433
@pxxb1 here is a thread about this very topic:

Forticlient Dynamic Threat Thread

I don't know more, but I have it on via the html if I am not mistaken. I imported the html earlier, and it is on here.

As far as I can discern, dynamic threat detection enables cloud interaction with the individual client (your copy of the program), so you get much better real time zero day detection and prevention. As far as the entire Fortinet system goes, it may be that dynamic threat is intended to function with the product as a whole, meaning that perhaps the product via the cloud could preemtively drop a block signature for something on the fortinet sandbox if an example of a sketchy looking file has shown up in an area of some company using the Fortinet system.

Forticlient is nice in that you are linked in a way to business computers using the system far and wide. This is true of all secured PCs I know, but many/most of the most serious attacks begin with businesses and a very good number of these are using Fortinet's system. Also, Fortinet is known for being up to date and on point with their signatures. I guess we all know how that can change, but I haven't seen anything indicating that Fortinet is lagging with its signature detection etc.

Ok, thank you for the link.
It sounds reasonable that it interact considering it`s name.

There is not many "pure" AVs out there anymore, so this one is a gem in many respects.
Again, thanks for the... service.
 
  • Like
Reactions: AtlBo

Shadowra

Level 33
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,223
I will test it in the week Forticlient, since I see that it interests :)
But I'm not going to spare him, he will have the same protocol, like his competitors ;)
 

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
I will test it in the week Forticlient, since I see that it interests :)
But I'm not going to spare him, he will have the same protocol, like his competitors ;)
Great thanks Shadowra. Do you think you should add the settings .conf to the program, or will you test by the defaults? I do not believe the defaults will stand much of a chance of success, because the program is only designed to be part of a system. For an a-v/scanner it might be fine, just not so great for system protection. Then again, I'm not sure the hardened settings would fare better. Looking forward to the results, so thankyou. :)
 
  • Like
Reactions: Shadowra

Shadowra

Level 33
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,223
Great thanks Shadowra. Do you think you should add the settings .conf to the program, or will you test by the defaults? I do not believe the defaults will stand much of a chance of success, because the program is only designed to be part of a system. For an a-v/scanner it might be fine, just not so great for system protection. Then again, I'm not sure the hardened settings would fare better. Looking forward to the results, so thankyou. :)

By default, we do not change the rule :D
 
  • Like
Reactions: AtlBo

Fel Grossi

Level 13
Verified
Top Poster
Well-known
Jan 17, 2014
619
Does anyone know if there is a way to install Forticlient 7 on an old PC, the same way as version 6.0 (Free)?
 

Zero Knowledge

Level 20
Verified
Top Poster
Content Creator
Dec 2, 2016
838
Not sure why you would want to install Fortinet on any PC let alone an 'old' PC. Besides web filtering there isn't much reason to use Fortinet.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top