最新版本 FortiClient


FortiClient 是一個免費的終端保護套件,包括惡意軟件 / 病毒檢測,rootkit 刪除,家長網絡控制和 VPN。使用來自 Fortinet FortiGuard 實驗室的更新的威脅情報和定義來檢測惡意軟件。家長控制提供了一個簡單而有效的方法來阻止惡意和明確的網站。單一 VPN 配置允許通過 IPSec 或 SSL 協議進行快速簡單的安全遠程訪問。利用由 Fortinet 內部開發的 FortiClient 防病毒技術, FortiClient 防病毒已經獲得了二十多個 VB100 獎項,並且能夠在被動和主動的基礎上檢測威脅。主動檢測基於檢測零日惡意軟件,這是以前從未見過的惡意軟件.

FortiClient 是專為世界上最大的企業環境設計的企業級套件,包括“財富”1000 強企業,聯邦和州政府機構以及需要終極一個完全模塊化的保護套件,能夠超越防病毒。 FortiClient 與 FortiGate,FortiManager 和 FortiAnalyzer 完全集成,用於管理,部署和中央日誌 / 報告功能:
防病毒 SSL-VPN Web 過濾 IPSec VPN 應用防火牆雙因素身份驗證漏洞掃描廣域網優化自動 VPN 的在線檢測重塑品牌同樣可用:下載 FortiClient 為 Mac


檔案版本 FortiClient

檔案名稱 FortiClientOnlineInstaller.exe
檔案大小 819.2 KB
系統 Windows XP / Vista / Windows 7
軟體類型 免費軟體
作者 Fortinet
更新日期 2019-03-25

What's new in this version:

- Change log not available for this version

- Change log not available for this version


Split DNS support for SSL VPN:
- FortiClient (Windows) now supports split DNS tunneling for SSL VPN

Basic USB device control:
- You can use the USB device control feature to restrict access to USB ports on endpoints

Malware Protection:
The following issues have been fixed in version 6.0.3.:
- FortiClient (Windows) AV causes compilation error
- Black screen for a few minutes after login/logoff
- FortiClient (Windows) dashboard shows Sandbox as unauthorized even when the Test button shows it as valid
- FortiClient (Windows) reports signature to be out-of-date if it is updated to the signature more than X days ago, regardless of version
- AV RTP does not register to the Security Center in Windows 10 RS5
- Skype-received files do not trigger Sandbox scan
- Able to delete/restore quarantine file via virus alert popup when managed via EMS
- FortiClient (Windows) failed to block USB access for the first insertion when using the system
- Built-in policy to block USB access

Web Filter:
- Safe Search does not work
- FortiClient (Windows) Web Filter enable/disable setting change failed to apply

Application Firewall:
- Application Firewall cannot be set to invisible

Remote Access:
- SSL VPN with certificate authorization does not work from tray, but works from console
- IPsec resiliency error message '"failed to launch IPsec service"
- Unable to select certificate for SSL VPN
- Connecting to FortiGate clears authorized machine configuration (NAC node)
- Current personal VPN vibrates back to others in dual registration mode
- FortiClient (Windows) console on Windows 7 PCs inaccessible in Windows system tray - SSL VPN failure
- Phase 1/phase 2 IKE proposal not populated for IPv6 tunnel
- With IPv6 as remote gateway, custom port changes to the default after editing/saving
- Failed to remove split tunnel
- Save password, Auto-connect, and Always up do not display when VPN is down
- 6.0.2 RC1 fails to connect to VPN from task tray with user certificate authentication (no username or password)
- If FortiClient (Windows) 5.6.x is installed on a different drive (E:), manual upgrade to 6.0.x completes, but FortiClient (Windows) does not work after reboot
- If Prompt on connect is selected, certificate filter does not work properly
- Right-click is not working for username and password VPN fields
- RSA new PIN mode does not work for IPsec v4/v6 tunnel
- FortiClient (Windows) failed to switch auto-connect tunnels when FortiClient (Windows) is registered to FortiGate
- FortiClient (Windows) VPN dashboard shows empty VPN tunnel after connecting from FortiTray
- FortiClient (Windows) failed to show IP address for IPsec VPN
- FortiClient (Windows) not displaying actual username used for SSL VPN tunnel
- FortiClient (Windows) should report that VPN connection failed after two wrong passwords
- Connected SSL VPN failed to display tunnel info when password contained special characters
- FortiClient (Windows) IPsec VPN accepts invalid server certificate with IKEv2
- Backing up and restoring FortiClient (Windows) causes loss of IPsec VPN pre-shared key
- Should not display certificate dropdown for tunnel without certificate configured
- FortiClient (Windows) malware GUI says malware is quarantined when it is not
- Default tab not working
- Vulnerability schedule scan weekly is undefined in GUI

Install and upgrade:
- GUI is blank
- Remote Access (IPsec) loses saved username/password when upgrading to 6.0.0
- Update Diagnostic Tool's collected information
- Unable to upgrade FortiClient (Windows) 6.0.1 to 6.0.2 from EMS with password lock enabled
- Fortitray.exe running PowerShell error prompt
- Unable to open FortiClient (Windows) GUI in Windows 10 Education

Install and uninstall:
- FortiClient (Windows) has many leftover files after uninstallation

- Remembered FortiGate list needs to refresh after clicking Forget
- MSFT_HW_API does not survive ephemeral Microsoft service outages

- Change log not available for this version

- Change log not available for this version

- Change log not available for this version

- Change log not available for this version

- Change log not available for this version

- Updated to add support for FortiSandbox 2.4.0

- Change log not available for this version

- Removed 389753 from Resolved Issues
- Added 389240 and 390356 to Resolved Issues
- Moved 295413 to Known Issues
- Updated description of 390265
- Added the following special notice: SSL VPN cannot connect after upgrade to FortiOS to 5.4.x on page 7

- Change log not available for this version


- FortiClient 5.4.0 has enhanced capabilities for the detection of Advanced Persistent Threats (APT).
- Botnets running on compromised systems usually generate outbound network traffic directed towards Command and Control (C&C) servers of their respective owners. The servers may provide updates for the botnet, or commands on actions to execute locally, or on other accessible, remote systems.
- When the new botnet feature is enabled, FortiClient monitors and compare network traffic with a list of known Command and Control servers. Any such network traffic will be blocked.

FortiSandbox Integration:
- FortiSandbox offers the capabilities to analyse new, previously unknown and undetected virus samples in real- time. Files sent to it are scanned first, using similar Antivirus (AV) engine and signatures as available on the FortiOS and FortiClient. If the file is not detected, but is an executable file, it is run (sandboxed) in a Microsoft Windows virtual machine (VM) and monitored. The file is given a rating or score based on its activities and behaviour in the VM.
- FortiClient integration with the FortiSandbox allows users to submit files to the FortiSandbox for automatic scanning. When configured, FortiClient will send supported files downloaded over the internet to FortiSandbox if they could not be detected by the local real-time scanning. Access to the downloaded file is blocked until scanning result is returned.
- As FortiSandbox receives files for scanning from various sources, it collects and generates AV signatures for such samples. FortiClient periodically downloads the latest AV signatures from the FortiSandbox, and applies them locally to all real-time, as well as on-demand, AV scanning.
- This feature requires FortiSandbox running version 2.1 or newer and is only available on FortiClient (Windows).


Enhanced Real-Time Protection Implementation :
- The Real-Time Protection (RTP) or on-access feature in FortiClient uses a tight integration with Microsoft Windows to monitor files locally or over a network file system as they are being downloaded, saved, run, copied, renamed, opened or written to. The FortiClient driver coupling with Windows has been re-written to use modern API's provided by Microsoft. All basic features remain the same, with a few minor differences in behaviour. Some noticeable performance enhancements could be observed in various use case scenarios.

Web Filtering:
- Web Browser Usage and Duration:
- If configured, FortiClient will record detailed information about the user's web browser activities, such as: l Ahistoryofwebsitesvisitedbytheuser(asshowninregularwebbrowserhistory)
- l Anestimateofthedurationorlengthofstayonthewebsite
- These logs are sent to FortiAnalyzer, if configured. With FortiAnalyzer 5.4.0 or newer, the FortiClient logs sent
- from various endpoints may be viewed in FortiView.
- This feature requires FortiAnalyzer 5.4.0 or newer.


Authorized Machine Detection:
- For enterprises where new computers may be brought into the organisation by employees, FortiClient may be configured to check or identify the computer, before allowing it to establish IPsec VPN or SSL VPN connection to the FortiGate. The administrator may configure restrictions with one or more of the following:
- l Registrycheck:Ensureaspecificregistrypathcontainsapredeterminedvalue. l Filecheck:Verify:theexistenceofaspecificfileataspecifiedlocation.
- l Applicationcheck:Ensurethataspecificapplicationisinstalledandrunning.
- The verification criteria can be configured using advanced FortiClient XML configurations on the FortiGate or the EMS.
- This applies to FortiClient (Windows) only.
- New SSL VPN Windows Driver
- The FortiClient SSL VPN driver, pppop.sys was re-written to use the latest Microsoft Windows recommended CoNDIS WAN driver model. The new driver is selected when FortiClient is installed on Windows 7 or higher. The SSL VPN driver included in the previous versions of FortiClient will still be maintained.
- Endpoint Control What’s New in FortiClient (Windows) 5.4.0

New IPsec VPN Windows Driver:
- FortiClient IPsec VPN drivers have been updated to support Microsoft Windows NDIS 6.3 specification. The new drivers are compatible with Microsoft Windows 8.1 or higher.

Endpoint Control:
- Integration with the New Enterprise Management Server
- The Enterprise Management Server (EMS) is a new product from Fortinet for businesses to use to manage their computer endpoints. It runs on a Windows Server,so it does not require a physical Fortinet device. Administrators may use it to gain insight on the status of their endpoints. The EMS supports devices running Microsoft Windows, Mac OS X, Android and iOS.
- FortiClient Endpoint Control protocol has been updated to seamlessly integrate with the EMS. Various changes were added to support EMS features, such as:
- FortiGate Network Access Control with EMS Integration:
- When creating a FortiClient profile on EMS, the administrator can choose to configure the FortiClient to register to the same EMS or to a FortiGate. Changes in FortiClient 5.4.0 allow it to register to a FortiGate, while simultaneously, notifying the EMS of its registration status. The FortiClient EC registration to the FortiGate is required for Network Access Compliance (NAC). The administrator can configure the FortiGate to allow access to network resources only if the client is compliant with the appropriate interface EC profile.
- This feature requires FortiOS 5.4.0 or newer.
- Quarantine an Infected Endpoint from the FortiGate or EMS
- A computer endpoint that is considered to be infected may be quarantined by the FortiGate or EMS (Enterprise Management Server) administrator. FortiClient needs to be registered and online, using Endpoint Control, to the said FortiGate or EMS.
- Once quarantined, all network traffic to or from the infected endpoint will be blocked locally. This allows time for remediation actions to be taken on the endpoint, such as scan and clean the infected system, revert to a known clean system restore point or re-install the operating system.
- The Administrator may un-quarantine the endpoint in the future from the same FortiGate or EMS.

FortiClient GUI:
- This feature requires either FortiOS 5.4.0 or EMS 1.0.0.
- Importing FortiGate CA Certificate after Endpoint Control Registration
- When the FortiGate is configured to use SSL deep inspection, users visiting encrypted websites will usually receive an invalid certificate warning. The certificate signed by the FortiGate does not have a Certificate Authority (CA) at the endpoint to verify it. Users can manually import the FortiGate CA certificate to stop the error from being displayed. However, all users will have to do the same.
- When registering Endpoint Control (EC) to a FortiGate, the FortiClient will receive the FortiGate's CA certificate and install it into the system store. If Firefox is installed on the endpoint, the FortiGate's CA certificate will also be installed into Firefox certificate store. Thus, the end user will no longer receive the invalid certificate error message when visiting encrypted websites.
- The FortiGate CA certificates will be removed from the system store if FortiClient is uninstalled.

Enhancement to On-net/Off-net Configuration:
- The on-net feature requires the use of a FortiGate as the DHCP server. This is usually configured on the same FortiGate that the FortiClient will be registered. When the device on which FortiClient is running has an IP address from the FortiGate's DHCP server, it is on-net. For any other IP addresses, it is off- net.
- There is a new way to configure the on-net feature. On the FortiGate, the DHCP server can be used, or several network subnets can be provided.

FortiClient will be on-net if:
- Otherwise, it is off-net.

FortiClient GUI AntiVirus Settings Page:
- With the introduction of botnet detection and the integration with FortiSandbox, the AV settings page on the FortiClient GUI has been updated to allow configuration of the new features. The AV settings page is accessible from the FortiClient dashboard. Select the AV tab on the left pane. Then click the settings icon on Real-Time Protection in the right pane.

The following may be selected on the AV settings page:
- FortiClient (Windows) 5.4.0:
- The use of FortiSandbox requires that file scanning is enabled.

FortClient Banner Design:
- If FortiClient is running in standalone mode and not registered to a FortiGate or EMS, a single banner at the bottom of the GUI is displayed. This is true for both the FortiClient full version, as well as the VPN only version. When registered to a FortiGate or EMS, the banner is hidden by default. Similarly, when created from a FortiClient Configurator, no banner is displayed by default.

- Enhancement to FortiClient Logs
- FortiClient will create a log entry to show just the URL visited by the user through a web browser. This is in addition to the network level logs generated by FortiClient.

- FortiClient 5.2.4 supports Windows 10. If upgrading from Windows 7 or 8.1 to Windows 10, please uninstall any installed FortiClient, reboot the system, and reinstall FortiClient 5.2.4. Please note, in this scenario, using the Repair option in the Programs and Features Control Panel does not reinstall FortiClient properly.
- The OpenSSL library has been updated to the latest version 1.0.2d.
- FortiOS 5.4 offers the FortiGate administrator the ability to quarantine an endpoint. Traffic from a quarantined endpoint will be dropped by the FortiGate until the endpoint has been released from quarantine. If the endpoint is running FortiClient 5.2.4 or newer) and registered to the FortiGate using Endpoint Control, FortiClient will notify the endpoint user that it has been quarantined by the FortiGate administrator. The FortiClient GUI will change to convey the message. The GUI will remain above any other opened window and cannot be closed. Once released from quarantine the FortiClient GUI will revert to normal operations.

- FortiClient may be configured to send log messages to a syslog server. The following XML configuration may be used to enable this feature. Set to faz in order to switch logging to FortiAnalyzer. This is the default. Provide the IP address of the syslog server in
- The OpenSSL library has been updated to the latest version 1.0.1k.

- Vulnerability Scanner (Vulnerability Scan) and firewall applications (Application Firewall) with version and above has been removed for unmanaged clients. FortiGate administrators can enable the display of these functions (for FortiClient) for the registered FortiGate users, so that these functions are still available but are no longer free.
- Improved usability of the repackager tool
- Repackaged clients can be upgraded
- Option to drop IPv6 traffic when an IPsec VPN connection is established. IPv4 traffic is sent through the tunnel or otherwise, depending on whether split tunnel is used.

FortiClient 相關參考資料
(Windows) Release Notes | FortiClient 6.0.2 | Fortinet Documentation ...

Special Notices. Microsoft Windows updates related to CPU security flaw (Meltdown). Microsoft Windows updates may not occur due to a CPU security flaw ...

Alby23 - Fortinet Technical Discussion Forums

Hello, I have just installed Forticlient on my Windows 7 workstation;This is the 1st time I install and use Forticlient; Installation was ok, and ended with ...

Configurator Tool | FortiClient 6.0.2 | Fortinet Documentation Library

Windows has a hard limit of 260 characters on file path length. It is recommended to run the FortiClient Configurator Tool in a shallow directory structure, such as ...

Forticlient 6.0 GUI does not open | Fortinet Technical Discussion ...

Hello,I have just installed Forticlient on my Windows 7 workstation;This is the 1st time I install and use Forticlient;Installation was ok, ...

FortiClient blocks some youtube videos by default ...

Hello, I am new to FortiClient and am using it for Anti Virus on a few Win 7 Pro computers. ... I've catched same problem at FC

FortiClient version by Fortinet Technologies Inc - How to ...

How to uninstall FortiClient Version by Fortinet Technologies Inc? Learn how to remove FortiClient Version from your ...


FortiClient для Windows - Скачать бесплатно. Бесплатный антивирус

Разработчик: Fortinet (США). Лицензия: Бесплатно (персональное и коммерческое использование). Версия: Обновлено ...

Скачать бесплатный FortiClient — антивирус

Скачать FortiClient FortiClient Endpoint Security — бесплатная версия антивируса, который предлагает защиту корпоративного класса для ...

下載FortiClient – Vessoft

FortiClientー一款具有出色的計算機防護能力的軟件。防病毒軟件會掃描計算機中的活動感染,並在掃描過程中將其刪除,從而確保100%清除檢測到的病毒,即使掃描 ...

杀毒软件– Windows – Vessoft

FortiClient 杀毒软件. 這款殺毒軟件具有內置的VPN客戶端和對惡意軟件進行計算機防護的出色水平,能夠有效檢測到網絡釣魚。 下載. 免費. English.