Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Written Reviews - Security and Privacy
FortiClient 6.0.9.0277
Message
<blockquote data-quote="AtlBo" data-source="post: 987673" data-attributes="member: 32547"><p>First, a little bit about Forticlient. It is a group of pieces that are designed to work on machines across a business network, which also would be running the Fortinet firewall hardware. Through use of the firewall hardware, cloud defense, the sandbox, memory protection, and finally the signature based anti-virus, the system is very powerful as a whole in this environment. The sandbox, when operational normally provides a high level of protection, which uses machine learning to isolate malware processes which seek to spread across a network. All of the elements are then designed to work together. However, the Forticlent UI module, which you have installed, will only give you access to web filtering, memory protection, and the standard real-time anti-virus. It is purely signature and scan based protection, along with a little memory filtering. This is because you do not have the Fortinet firewall hardware, which I assume is extremely expensive and also impractical for a single endpoint computer owner.</p><p></p><p>Basically, you are using the endpoint software (user machine software) for a network array. You have only the mentioned protections from this endpoint software. This is why Forticlient is so well regarded for coupling with Comodo Firewall. Comodo Firewall has the firewall and the sandbox, but the cloud lookup is considered weak and the Web filtering basically non-existent. You have no scanning ability with Comodo Firewall. If you add FC to Comodo Firewall, you then get very good web filtering and a standard cloud lookup a-v with real time and on demand scanning to go along with the firewall and sandbox of Comodo. You can also, say, add AppCheck or some other anti-ransomeware, or, for example, add NVT OSArmor (one of the test versions etc.) and really go all the way. Alternatively, you could also simply add a firewall such as Malwarebytes' Binisoft Firewall control and then maybe Sandboxie, etc. to have good coverage. This might get kind of complicated, honestly, but the CF/Forticlient combination is simple enough and has worked very well for me for I guess 5 years now, while I have been using CF for 8 years now.</p><p></p><p>On the settings, you cannot see the level to which the program is hardened, because the UI does not give any way to view the depth of the settings chosen via the html. They are designed to be adjusted via the html file by an IT network administrator and thereby controlled over the network in a way where they will remain in place without any risk of alteration from an employee at a workstation, etc. However, I recommend you read through the thread I referenced for a more in depth understanding of the program and these settings. ForgottenSeer 58943 has information about the system which is helpful. To find the thread, you will have to use the MalwareTips search should you care to go that route. In a nutshell, compared to the client as installed, using the settings you added, you are getting deeper than normal scanning (more extensive, more often, and broader to include USB devices etc), quite a bit more aggressive signatures (blocking more processes including PUPs), and quite a bit more aggressive signature enforcement (automatic quarantine of blocked processes). The html file is the key. Via the UI, you can only change a few things but through the html you can harden the scanning behavior of the client a-v software to a fairly fine degree. I believe a user can choose from one of 4 or 5 different levels of signature detection.</p><p></p><p>I don't recommend FC for anyone who is seeking to depend exclusively on the program for PC defense. However, combined with Comodo Firewall (as the best example, although other programs can possibly be paired with FC), FC can provide very good a-v coverage and signature detection on a machine where there would be little if any such protection. Honestly, it seems like FC is almost designed to be paired with Comodo Firewall.</p><p></p><p>Hope this helps some. Try ForgottenSeer 58943's Forticlient thread (v 6.0.0.0). It's very helpful.</p></blockquote><p></p>
[QUOTE="AtlBo, post: 987673, member: 32547"] First, a little bit about Forticlient. It is a group of pieces that are designed to work on machines across a business network, which also would be running the Fortinet firewall hardware. Through use of the firewall hardware, cloud defense, the sandbox, memory protection, and finally the signature based anti-virus, the system is very powerful as a whole in this environment. The sandbox, when operational normally provides a high level of protection, which uses machine learning to isolate malware processes which seek to spread across a network. All of the elements are then designed to work together. However, the Forticlent UI module, which you have installed, will only give you access to web filtering, memory protection, and the standard real-time anti-virus. It is purely signature and scan based protection, along with a little memory filtering. This is because you do not have the Fortinet firewall hardware, which I assume is extremely expensive and also impractical for a single endpoint computer owner. Basically, you are using the endpoint software (user machine software) for a network array. You have only the mentioned protections from this endpoint software. This is why Forticlient is so well regarded for coupling with Comodo Firewall. Comodo Firewall has the firewall and the sandbox, but the cloud lookup is considered weak and the Web filtering basically non-existent. You have no scanning ability with Comodo Firewall. If you add FC to Comodo Firewall, you then get very good web filtering and a standard cloud lookup a-v with real time and on demand scanning to go along with the firewall and sandbox of Comodo. You can also, say, add AppCheck or some other anti-ransomeware, or, for example, add NVT OSArmor (one of the test versions etc.) and really go all the way. Alternatively, you could also simply add a firewall such as Malwarebytes' Binisoft Firewall control and then maybe Sandboxie, etc. to have good coverage. This might get kind of complicated, honestly, but the CF/Forticlient combination is simple enough and has worked very well for me for I guess 5 years now, while I have been using CF for 8 years now. On the settings, you cannot see the level to which the program is hardened, because the UI does not give any way to view the depth of the settings chosen via the html. They are designed to be adjusted via the html file by an IT network administrator and thereby controlled over the network in a way where they will remain in place without any risk of alteration from an employee at a workstation, etc. However, I recommend you read through the thread I referenced for a more in depth understanding of the program and these settings. ForgottenSeer 58943 has information about the system which is helpful. To find the thread, you will have to use the MalwareTips search should you care to go that route. In a nutshell, compared to the client as installed, using the settings you added, you are getting deeper than normal scanning (more extensive, more often, and broader to include USB devices etc), quite a bit more aggressive signatures (blocking more processes including PUPs), and quite a bit more aggressive signature enforcement (automatic quarantine of blocked processes). The html file is the key. Via the UI, you can only change a few things but through the html you can harden the scanning behavior of the client a-v software to a fairly fine degree. I believe a user can choose from one of 4 or 5 different levels of signature detection. I don't recommend FC for anyone who is seeking to depend exclusively on the program for PC defense. However, combined with Comodo Firewall (as the best example, although other programs can possibly be paired with FC), FC can provide very good a-v coverage and signature detection on a machine where there would be little if any such protection. Honestly, it seems like FC is almost designed to be paired with Comodo Firewall. Hope this helps some. Try ForgottenSeer 58943's Forticlient thread (v 6.0.0.0). It's very helpful. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
