And again, the file does not tell me much since there is no comparison, and, no mentioning anywhere in it what sort of level the default settings in it delivers. So when applying them or the file, or your file, i would not know what, i am applying. So please, tell me something about that! I would also appreciate some info about what the Dynamic threath protection is.
First, a little bit about Forticlient. It is a group of pieces that are designed to work on machines across a business network, which also would be running the Fortinet firewall hardware. Through use of the firewall hardware, cloud defense, the sandbox, memory protection, and finally the signature based anti-virus, the system is very powerful as a whole in this environment. The sandbox, when operational normally provides a high level of protection, which uses machine learning to isolate malware processes which seek to spread across a network. All of the elements are then designed to work together. However, the Forticlent UI module, which you have installed, will only give you access to web filtering, memory protection, and the standard real-time anti-virus. It is purely signature and scan based protection, along with a little memory filtering. This is because you do not have the Fortinet firewall hardware, which I assume is extremely expensive and also impractical for a single endpoint computer owner.
Basically, you are using the endpoint software (user machine software) for a network array. You have only the mentioned protections from this endpoint software. This is why Forticlient is so well regarded for coupling with Comodo Firewall. Comodo Firewall has the firewall and the sandbox, but the cloud lookup is considered weak and the Web filtering basically non-existent. You have no scanning ability with Comodo Firewall. If you add FC to Comodo Firewall, you then get very good web filtering and a standard cloud lookup a-v with real time and on demand scanning to go along with the firewall and sandbox of Comodo. You can also, say, add AppCheck or some other anti-ransomeware, or, for example, add NVT OSArmor (one of the test versions etc.) and really go all the way. Alternatively, you could also simply add a firewall such as Malwarebytes' Binisoft Firewall control and then maybe Sandboxie, etc. to have good coverage. This might get kind of complicated, honestly, but the CF/Forticlient combination is simple enough and has worked very well for me for I guess 5 years now, while I have been using CF for 8 years now.
On the settings, you cannot see the level to which the program is hardened, because the UI does not give any way to view the depth of the settings chosen via the html. They are designed to be adjusted via the html file by an IT network administrator and thereby controlled over the network in a way where they will remain in place without any risk of alteration from an employee at a workstation, etc. However, I recommend you read through the thread I referenced for a more in depth understanding of the program and these settings. ForgottenSeer 58943 has information about the system which is helpful. To find the thread, you will have to use the MalwareTips search should you care to go that route. In a nutshell, compared to the client as installed, using the settings you added, you are getting deeper than normal scanning (more extensive, more often, and broader to include USB devices etc), quite a bit more aggressive signatures (blocking more processes including PUPs), and quite a bit more aggressive signature enforcement (automatic quarantine of blocked processes). The html file is the key. Via the UI, you can only change a few things but through the html you can harden the scanning behavior of the client a-v software to a fairly fine degree. I believe a user can choose from one of 4 or 5 different levels of signature detection.
I don't recommend FC for anyone who is seeking to depend exclusively on the program for PC defense. However, combined with Comodo Firewall (as the best example, although other programs can possibly be paired with FC), FC can provide very good a-v coverage and signature detection on a machine where there would be little if any such protection. Honestly, it seems like FC is almost designed to be paired with Comodo Firewall.
Hope this helps some. Try ForgottenSeer 58943's Forticlient thread (v 22.214.171.124). It's very helpful.
@Shadowa I have seen that Bitdefender has become an absolute beast with its protection abilities. Maybe it would work better with Comodo Firewall, but then it may be too heavy compared to Forticlient which is not very heavy by itself.
No problem. Hope you like the program, but at least picking up some new knowledge can be interesting and helpful if not. I have enjoyed that aspect of using Forticlient. It's a good study of standard business type network protection, which has always been a curiosity and interest for me I guess
@pxxb1 here is a thread about this very topic:
Forticlient Dynamic Threat Thread
I don't know more, but I have it on via the html if I am not mistaken. I imported the html earlier, and it is on here.
As far as I can discern, dynamic threat detection enables cloud interaction with the individual client (your copy of the program), so you get much better real time zero day detection and prevention. As far as the entire Fortinet system goes, it may be that dynamic threat is intended to function with the product as a whole, meaning that perhaps the product via the cloud could preemtively drop a block signature for something on the fortinet sandbox if an example of a sketchy looking file has shown up in an area of some company using the Fortinet system.
Forticlient is nice in that you are linked in a way to business computers using the system far and wide. This is true of all secured PCs I know, but many/most of the most serious attacks begin with businesses and a very good number of these are using Fortinet's system. Also, Fortinet is known for being up to date and on point with their signatures. I guess we all know how that can change, but I haven't seen anything indicating that Fortinet is lagging with its signature detection etc.
Great thanks Shadowra. Do you think you should add the settings .conf to the program, or will you test by the defaults? I do not believe the defaults will stand much of a chance of success, because the program is only designed to be part of a system. For an a-v/scanner it might be fine, just not so great for system protection. Then again, I'm not sure the hardened settings would fare better. Looking forward to the results, so thankyou.I will test it in the week Forticlient, since I see that it interests
But I'm not going to spare him, he will have the same protocol, like his competitors
Great thanks Shadowra. Do you think you should add the settings .conf to the program, or will you test by the defaults? I do not believe the defaults will stand much of a chance of success, because the program is only designed to be part of a system. For an a-v/scanner it might be fine, just not so great for system protection. Then again, I'm not sure the hardened settings would fare better. Looking forward to the results, so thankyou.