I have tested Forticlient and it's a state-of-the-art software firewall. Why this not so well known here at Wilders? Anyone that has some thoughts about it? Even after the 90-days trial period of antivirus and webfilter updates, the software still works and is free to be used. Regards joter
Are you talking about the FortiClient Host Security ver 3.x ? I'm trialing it now for the first time, it seems like a nice security suite.
As mentioned by "YeOldeStonecat", this is a good appliance (hardware, as with a router (software internal)), I do not know of a software installation of this for windows. If there is, please advise and I will download.
In fact there is a software version of Fortinet's products, you can find it here: http://www.fortinet.com/products/forticlient.html It is a security suite which also includes a firewall. For some strange reason I am unable to access the Fortinet shop website at the moment, but I remember that it was mentioned that there are 2 versions of Forticlient with the main differences being in the simplicity of options and the user interface.
Hello Firecat, Thanks for the info. If you know of a download that does not require me to enter my company info, let me know.
There are two versions, Forticlient Host Security Enterprise Edition and the Consumer Edition. The only differences are the interface that has another "theme", the IPsec VPN feature and Windows 2003 support. For sure is also the cut-down price. Regards joter
If you don't mind http://www.download.com/3000-2239_4-10707678.html for the consumer Edition. Regards joter
I found these 2 links: http://www.tdfast.com/soft_files6/111_32607.exe (version 3.0.459, direct download link) http://www.tdfast.com/soft_files1/92_5673.zip (version 3.0.308, direct download link) The reason why I have provided both links is because from the screenshots I saw on the site I got these links, it appears that the 3.0.459 download is the consumer edition while the 3.0.308 download is the enterprise edition. Unless the server has changed the files, you should be able to get a fully functional Fortinet install from the above two files....I have not mentioned the site I got these links from because SiteAdvisor reports that the site may be risky.
Hi Firecat, Thanks, but I have downloaded using the link provided by "joter" (thanks joter). I will install later onto a VM to have a play.
I have installed onto VM to have a look. The firewall rules, certainly the advance rules are similar to ZA (same layout/ options). I will find time tomorrow to take a longer look. One question does arrise,... I allowed the firewall to update (AV etc) via HTTP, but I do not know why there is a constant attempt of outbound datagrams (UDP) going to 69.90.198.50(Fortinet) remote port 8888 (I currently have this blocked at gateway). Does anyone know what this is for?
I decided to have a look at these datagrams(udp) packets being sent. UDP are being sent to/ received from 69.90.198.50 and 210.51.190.136, both on remote port 8888. This is by "fortiwf.exe"(web filter service). Out of curiousity, I blocked "fortiwf.exe" from all comms within the firewall and I got popup to show these blocked:- This in itself appears correct, but when I compare this alert, from the firewall log, to my host log, I find these comms (with reply) are actually allowed:-
Sorry, I didn't find such attempts at my system. Note that I use the enterprise edition, not the consumer edition. Regards joter
Does this installation include the "web filter"? As mentioned in my posts, (these comms are from the "web filter". I was kindly sent a PM with info on this (thank you),.. that confirms the needed outbound UDP for the web filtering:- This is for updates (I presume), and certainly have no problem with this (updates are needed). My main concern at this time, is the fact that the firewall (after I blocked these comms) reported these as blocked, but, as I have posted, these comms are still allowed.
I have been able to finally reproduce the problem and it is exactly what you have noted. I think this is FACTORY SETTING that you can not override and there is a bug here because the log is been created before let it passing through. This attitude was very common on Kerio Firewalls. Regards joter
The info that Stem showed about port 8888, the web filter, and other Fortinet info can be found at the link here, http://kc.forticare.com/print.asp?id=947&Lang=1&SID=
Forticlient 3.0.459 did not uninstall very well. Windows Security Center reported that the firewall part was still installed but was luckily turned off. Personally I didn't like Forticlient very much.
I've most definately have heard of it but never used it. So what happens after the 90day trial is up, is any functions disabled ?
I have been using one of their Fortigate 60's (AV/IPS) boxes for a few years now and its done a great job. Dont know about their software, but if they are using the same IPS signatures, i would expect it to be good. I like using a dedicated box due to the zero impact on system resources. For all of you out there screaming...but what about outbound protection....In my opinion, outbound is overrated for the impact on resources imposed. Hook up an XP box directly to the net and you will be owned w/in 5 minutes (inbound). This is the biggest risk to your system. The best way to protect your system is NAT routing with a stealthed inbound firewall.
You have no more updates for Antivirus and Webfiltering. The program continues working as it is. Regards joter
Yes, it has the same IDS/IPS signatures, into the code. They change with every new version. Regards joter
