FortiClient (Windows) 5.6.2

[Fel Grossi]

What’s New in FortiClient (Windows) 5.6.1

This section identifies the new features and enhancements in FortiClient (Windows) 5.6.1. For more information, see the FortiClient Administration Guide.

Anti-exploit detection

The anti-exploit detection feature helps protect vulnerable endpoints from unknown exploit attacks. FortiClient monitors the behavior of popular applications, such as web browsers (Internet Explorer, Chrome, FireFox, Opera), Java/Flash plug-ins, Microsoft Office applications, and PDF readers, against exploits that use zero-day or unpatched vulnerabilities to infect the endpoint. Once detected, the compromised application process is terminated. The anti-exploit detection feature also helps protect against memory-based attacks and drive-by download attacks. It also detects and blocks unknown and known exploit kits. It is a signature-less solution.


Share endpoint user's social IDs with FortiAnalyzer

When FortiClient is in managed mode, details from cloud applications about endpoint users are sent to FortiAnalyzer. Before the information can be sent, the endpoint user must add the information to FortiClient by logging into a cloud application.


Support for FortiSandbox authorization

Administrators can now enforce that only authorized FortiClient endpoints can connect to their FortiSandbox.


Improvements to VPN auto connect

Various improvements and bug fixes have been made to improve the reliability and function of the VPN auto-connect feature

Change Log FortiClient (Windows) 5.6.2

2017-11-10 Initial release of FortiClient (Windows) 5.6.2.
2017-11-15 Added list of resolved issues from FortiClient (Windows) 5.6.1 to 5.6.2.
2017-11-23 Updated Special Notices by adding Change in SSL VPN default and updating Transition to OS Certificate Store instead of FortiClient’s local certificate store to clarify that FortiClient (Windows) supports certificates.

 

[ForgottenSeer 58943]

This is a pretty huge release. It offers a HMPA-like level of protection for Forticlient, for free.

This, combined with the Anti-Botnet, Expanded APT signatures and other improvements should really bring FortiClient up in the charts for free solutions.

 

[Warrior]

Interesting it also blocks coin miners,
It dose a lot for free ..

 

[bribon77]

FortiClient. It's a great program I've used and it's highly recommended thanks for the information.

 

[d0ts]

Does FortiSandbox required their hardware to work?

 

[vtqhtr413]

Has anyone tried this yet and if so, what did you think about it. I don't recall this having a free option.

 

[GonzitoVir]

Has anyone tried this yet and if so, what did you think about it. I don't recall this having a free option.

I'd like to hear other experiences with Fortinet too.
I tried Fortinet but there were things that only worked with its hardware.
I finally uninstalled it but it seemed like it messed with my Internet configuration and left it unstable.
This new release is big and if it is free, then its even better

 

[Warrior]

Well its set up on one of my systems and working well so far, I have no Fortinet hardware ,
So the FortiSandbox dose not work , u can chose to install or not install the FortiSandbox in the installer

 

[vtqhtr413]

Well its set up on one of my systems and working well so far, I have no Fortinet hardware ,
So the FortiSandbox dose not work , u can chose to install or not install the FortiSandbox in the installer

Thanks for responding Warrior. Anything about the program stand out as interesting or impressive.

 

[Danielx64]

The name FortiClient makes me think of a client for Fortinet hardware. Don't ask why.

 

[Sunshine-boy]

FortiClient

Don't they want to update this ugly and outdated user interface? it's not important but a cute user interface is necessary:notworthy:i like stylish software.

 

[ForgottenSeer 58943]

Don't they want to update this ugly and outdated user interface? it's not important but a cute user interface is necessary:notworthy:i like stylish software.

They just updated the interface in the 5.6 series. Is it supposed to have something else? It has the Win10 flat look now. No spinning tips and whistles, but that's not the point of it. If you tweak the INI file for Forticlient and turn on the ZOO signatures, it becomes one of the strongest signature based AV's in the world.

 

[bribon77]

Well I also like a nice and friendly interface ..... but there is a saying that says do not look at a rooster for its plumage.

 

[ForgottenSeer 58943]

Interesting it also blocks coin miners,
It dose a lot for free ..

I hinted a few months ago big things were coming for Forticlient, many have arrived already but more are still to come. Also note, you can 'fully' disable all telemetry/logging in Forticlient now, rendering a totally private/anonymous security solution, possibly the best in this area, or at least second only to Emsisoft in the privacy of your files/systems. They've added checkboxes to disable telemetry and disable logging at the granular level.

There are three levels of protection available with Forticlient. Starting from basic all the way up; (in the current 5.6.X release cycle)

Free Protection-
Web Filtration (very potent, perhaps the best web scanning in the world)
Antivirus (including the ability to enable extreme signatures, advanced heuristics in INI file)
Anti-Botnet/Anti-CC Protection (blocking communication to all known botnet domains and botnet ports)
Anti-Exploit (new feature, protects Windows, Windows Programs, Browsers, third party stuff like flash, java, PDF viewers, etc)
Vulnerability Protection (discovers and remedies system vulnerabilities, undiscovered vulns, etc)
Bitcoin Miner Protection

Protection if you have a Fortigate device on-network- (Everything mentioned previously in addition to)
Secured VPN
Secured Updates/Vuln/Monitoring (regardless if endpoint is in-network, or taken offsite, provides secured channel back to Fortigate)
Secured Local Updating (updates pushed from Fortigate, Fortigate validates updates, eliminates update hijacking, etc)
Management of Endpoints (scanning, vuln checks, etc)
Compliance Audit (audits endpoints via the Fortigate for compliance with network rules)

Protection if you have a Fortigate device on-network AND a Fortisandbox- (everything mentioned in previous two categories in addition to)
Behavioral Blocker
Machine Learning and Advanced Threat Protection (previously unknown threats, no-sigs)
Sandbox Evaluation and APT Detection (no-sigs, evaluates all downloaded/transmitted files in realtime sandbox)

Features coming soon in free version include DNS Protection and Certificate Validation in realtime on websites. At this point, I personally feel this may be the best free solution all things considered. It's certainly first on my list to recommend to friends/family that demand a free solution and has proven itself protecting some of the most clicker-heavy relatives I have.

I have the benefit of having an E series Fortigate on my gateway and all of the added functionality that comes with that in terms of Fortclient so for me, it's a no-brainer.

 

[amico81]

How good and light is the free version?
Looks interesting but i think new user need a guide for this av

 

[Warrior]

Thanks for responding Warrior. Anything about the program stand out as interesting or impressive.

ForgottenSeer 58943 has pretty much covered it all I can say I am very impressed by the Web Filtration and Bitcoin Miner Protection , so much so I have removed no coin from my firefox..

 

[Arequire]

@ForgottenSeer 58943 May I ask where the INI file is located? I remember looking for it earlier this year but couldn't find it in any of the folders.

 

[ForgottenSeer 58943]

@ForgottenSeer 58943 May I ask where the INI file is located? I remember looking for it earlier this year but couldn't find it in any of the folders.

Open the Forticlient GUI. Select 'File' in the upper left. Then under System you will find Backup or restore full configuration. Select backup and save the current configuration to your desktop. Make a backup of it. Then you can edit it. Once you edit it, reverse the procedure with the edited INI and select 'restore' to load up the new configuration. That file has every INI change you can make to the program which basically gives you absolute granular control over everything, including enabling advanced protection significantly above the default.

The reason these settings aren't in the GUI as they would be advanced for the average user. In the INI you can do things like turn on extended or extreme signature databases (Zoo), increase update frequency, enable/disable auto-malware removal, ramp up the heuristics and anything your heart desires. Full granular control like no other AV when you think about it. It's pretty hard to 'break' the problem by making changes and seeing how you like them, besides, you always have your core backup saved if you need to revert. I THINK you can even add additional programs to exploit protection but I would have to verify that myself and test it.

 

[ForgottenSeer 58943]

Also via INI you can do fun things. Like enforce 443 for updates. Set Forticlient to use more available hardware - it defaults to using 1 core only, if you are like me and have 6-8 cores, I give 2 cores to Forticlient to speed up scanning by 50%. You can disable sending found threats to Fortinet, blah blah blah. INI is where the fun begins for nerds.

 

[amico81]

Antivirus (including the ability to enable extreme signatures, advanced heuristics in INI file)

wich ini file? i need a guide for this av