Help
FortiClient
FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
Jonathan_Body_FTNT
Staff
Staff

Created on ‎07-22-2009 07:56 AM Edited on ‎01-30-2024 02:07 AM By Community Manager

Article Id 198391

FortiClient and Firewall Policy Lockdown

Description
This article explains how to lockdown firewall policies so that users cannot disable or change them.
Scope
All FortiClient users.
Solution

The centralized lockdown feature has been available since the release of version 3.0 of FortiClient, the manual lockdown feature has been available since version 3.0 MR5.
 
An administrator can configure Manual Lockdown on the GUI.  From the FortiClient Console select "Lock Settings", the following password prompt will appear:
 
jbody_FD30656_FD30656-forticlient.jpg
 
 
If Remote Management has been enabled, it can be lockdowned by FortiClient's user interface via FortiManager. The FortiManager guide provides instructions on how to do this.
 
Alternatively you can force locking down for all users, including administrators, by creating a property in the MSI's property table.
  • Create a new, or edit an existing, MSI transform file.
  • Open the Property table and create a property called ADMINPWD.  Set its value to the MD5 of a pass phrase of your choice.



 

 

1323
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.