FortiOS 6 – FortiClient Compliance Profiles

Modifying the endpoint protection replacement messages

If the security policy has Redirect all non-compliant/unregistered FortiClient compatible devices to a captive portal enabled, users of non-compliant devices are redirected to a captive portal that is defined by the Endpoint NAC Download Portal replacement message. There are different portals for Android, iOS, Mac, Windows, Quarantine, and “other” devices.

To modify the the endpoint protection replacement messages

  1. Go to System > Replacement Messages and select Extended View.
  2. In the Endpoint Control section select the message that you want to edit.

The replacement message and its HTML code appear in a split screen in the lower half of the page.

  1. Modify the text as needed and select Save.

Monitoring endpoints

Go to Monitor > FortiClient Monitor to monitor endpoints.

The Monitor page allows the user to view FortiClient endpoint devices grouped by interface and then subgrouped by compliance status. Compliance status can be compliant, non-compliant, exempt, or quarantined.

Status Enforcement Enabled Enforcement Disabled
Compliant List only active FortiClient endpoints. No devices listed.
Not-compliant List devices not-compliant with

FortiClient profile, so long as they are not exempt.

No devices listed.
Exempt* List FortiClient endpoints exempt from FortiClient compliance. List of all user devices except those quarantined by the administrator.
Quarantined List devices quarantined by the administrator. List devices quarantined by the administrator.

* Includes device exempt reasons as any combination of device, device category/group, and source address.

You can see the reasons for non-compliance by right-clicking on an endpoint in the list.

 


Having trouble configuring your Fortinet hardware or have some questions you need answered? Ask your questions in the comments below!!! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Don't Forget To Buy Your Fortinet Hardware From The Fortinet GURU