Enabling Endpoint Control Endpoint Network Access Control
FortiClient Endpoint Security Version 4.0 MR1 Administration Guide
34 04-40001-99556-20090626
http://docs.fortinet.com/ • Feedback
To view the list of predefined applications
•Go to Endpoint NAC > Application Detection and select the Predefined tab. See
Table 2 on page 35 for the list of group and category definitions.
To create an Application Detection List
1 Go to Endpoint NAC > Application Detection > Detection List tab and click Create New.
Figure 6: New Detection List window
2 Enter a name for the list.
3 Enter any applicable comments about the list.
4 Click OK.
5 Click Create New.
6 In the New Application Detection Entry area, enter the following information. See
Table 2 on page 35 for the list of category definitions.
• Category — Select the applicable category.
• Vendor — Select the vendor that applies to the category.
• Application — Select the application.
• Action — Select one of the following:
• Allow — The FortiGate unit takes no action against applications.
• Monitor — The FortiGate unit records the application in the logs and in the
Endpoint NAC > Monitor list but will not take any action against the user.
• Block — The FortiGate unit quarantines the host and records the violating
applications in the logs and in the Endpoint NAC > Monitor list. A “quarantined”
message is shown to the user in the web browser.
7 Click OK.
8 Repeat steps 5 and 6 to create the application detection list.
Figure 7: Detection list