Fortclient Configuration & Deployment
Providing a secure perimeter and a flexible remote access solution using Fortinet offerings.
Providing a secure perimeter and a flexible remote access solution using Fortinet offerings.
One of our recent customers were looking for a secure and flexible remote access solution that provided them with a like for like experience whether connecting via their own LAN or a mobile hotspot. Having reviewed a number of technologies and options, we progressed with offerings from the Fortinet suite to meet these requirements.
We installed and configured two FortiGate 300D firewall appliances at each customer site to provide perimeter defences and client VPN termination. The onsite firewalls would perform compliance enforcement and web content-filtering when the endpoints were ‘On Net’.
Next came the configuration & deployment of FortiClient on the Windows 10 end-user devices to provide a software-based perimeter defence capability for web content-filtering whilst ‘Off Net’ by using a split tunnel configuration with an Always On VPN for corporate network connectivity, leveraging device based certificate authentication.
FortiClientEMS was deployed to manage the FortiClient instances, allowing the customer to maintain client configuration globally from a central platform. FortiClient was configured to register with the EMS automatically as part of the build, this resulted in all new end-user devices being registered and configured automatically.
We leveraged the FortiClientEMS management of FortiClient to configure the application firewall and schedule vulnerability scans. FortiClient is also able to provide Antivirus for the endpoints, however we selected to use Windows Defender. We enabled compliance enforcement on the Fortigate and configured it to check for the Windows Defender definitions, this was due to limited integration with the Windows native Antivirus status reporting (now resolved in a subsequent update).
The end-user experience with FortiClient and FortiClientEMS was extremely good, with stability of the VPN and ease of use being some of the most regular feedback we received. The VPN was configured to use device based certificates as well as the users AD credentials to provide additional security. By using the FortiClient auto-connect feature, users were automatically connected to the VPN when going ‘OffNet’ which worked seamlessly and was very well received.
FortiClient
FortiClientEMS
Fortigate Firewall
Find out more about the services we offer, or contact us if you would like to find out more.
IT Services and Cloud Solutions provider based in Stevenage, Hertfordshire.
We provide organisations with the approach, resource and support that’s required to transition from on-premise, hosted and other cloud-based services into Office 365 and Microsoft Azure.
Unit 5 Arlington Court, Whittle Way, Stevenage, Hertfordshire, SG1 2FS
Phone: 01438 300335
Email: info@ogelit.com
This site uses cookies. By continuing to browse the site, you are agreeing to our use of cookies.
OKLearn moreWe may request cookies to be set on your device. We use cookies to let us know when you visit our websites, how you interact with us, to enrich your user experience, and to customize your relationship with our website.
Click on the different category headings to find out more. You can also change some of your preferences. Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.
These cookies are strictly necessary to provide you with services available through our website and to use some of its features.
Because these cookies are strictly necessary to deliver the website, you cannot refuse them without impacting how our site functions. You can block or delete them by changing your browser settings and force blocking all cookies on this website.
These cookies collect information that is used either in aggregate form to help us understand how our website is being used or how effective our marketing campaigns are, or to help us customize our website and application for you in order to enhance your experience.
If you do not want that we track your visist to our site you can disable tracking in your browser here:
We also use different external services like Google Webfonts, Google Maps and external Video providers. Since these providers may collect personal data like your IP address we allow you to block them here. Please be aware that this might heavily reduce the functionality and appearance of our site. Changes will take effect once you reload the page.
Google Webfont Settings:
Google Map Settings:
Vimeo and Youtube video embeds:
You can read about our cookies and privacy settings in detail on our Privacy Policy Page.
Privacy Policy
Leave a Reply
Want to join the discussion?Feel free to contribute!