Created on 10-12-2020 01:23 AM Edited on 01-30-2024 03:25 AM By Kate_M
Description
This article describes how to synchronize FortiClient EMS tags and configurations.
Scope
A new option under the FortiClient EMS settings consolidates the setup of EMS connectors to support EMS tags.
EMS tags are pulled and automatically synced with the EMS server.
They are converted into read-only dynamic firewall addresses that can be used in firewall policies, routing, and so on.
Solution
- Tags have been created on the Compliance Verification -> Compliance Verification Rules page.
# config endpoint-control fctems
    edit "ems137"
        set fortinetone-cloud-authentication disable
        set server "172.16.200.137"
        set https-port 443
        set source-ip 0.0.0.0
        set pull-sysinfo enable
        set pull-vulnerabilities enable
        set pull-avatars enable
        set pull-tags enable
        set call-timeout 5000
        set certificate "REMOTE_Cert_1"
    next
end
- Configure a firewall policy that uses the EMS tag dynamic firewall address as a source.
- Verify which IPs the dynamic firewall address resolves to.
List all dynamic addresses:
# diagnose firewall dynamic list
FCTEMS0580-----9_ems137_vuln_critical_tag: ID(118)
ADDR(10.1.100.120)
ADDR(10.1.100.198)
FCTEMS0580-----9_ems137_winscp_tag: ID(155)
ADDR(100.100.100.141)
FCTEMS0580-----9_ems137_win10_tag: ID(182)
ADDR(10.1.100.120)
# diagnose firewall dynamic address FCTEMS0580226579_ems137_vuln_critical_tag
FCTEMS0580-----9_ems137_vuln_critical_tag: ID(118)
ADDR(10.1.100.120)
ADDR(10.1.100.198)
Total dynamic list entries: 1.
Total dynamic addresses: 2
Total dynamic ranges: 0
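The following is an added example, not part of the original article or Fortinet code: a small Python parser for the `diagnose firewall dynamic list` output shown above. It maps each dynamic address to its resolved IPs and each IP to every tag it carries, so it is clear which endpoints a policy using a given tag as source will match. The function names are hypothetical and the sample text is constructed from the output above.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample in the shape of the `diagnose firewall dynamic list` output above.
SAMPLE = """\
# diagnose firewall dynamic list
FCTEMS0580-----9_ems137_vuln_critical_tag: ID(118)
ADDR(10.1.100.120)
ADDR(10.1.100.198)
FCTEMS0580-----9_ems137_winscp_tag: ID(155)
ADDR(100.100.100.141)
FCTEMS0580-----9_ems137_win10_tag: ID(182)
ADDR(10.1.100.120)
"""

HEADER = re.compile(r"^(?P<name>\S+): ID\((?P<id>\d+)\)$")
ADDR = re.compile(r"^ADDR\((?P<ip>[^)]+)\)$")

def parse_dynamic_list(text):
    """Return {dynamic_address_name: [ip, ...]} in output order."""
    tags, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if m := HEADER.match(line):
            current = m["name"]
            tags.setdefault(current, [])
        elif m := ADDR.match(line):
            if current is None:
                raise ValueError(f"ADDR line before any tag header: {line!r}")
            # ip_address() raises ValueError on a malformed value.
            tags[current].append(str(ipaddress.ip_address(m["ip"])))
        # Prompts, blank lines and "Total ..." summaries are ignored.
        # Range entries are not parsed: their format is not shown on this page.
    return tags

def tags_by_ip(tags):
    """Invert the mapping: {ip: [dynamic_address_name, ...]}."""
    inverted = defaultdict(list)
    for name, ips in tags.items():
        for ip in ips:
            inverted[ip].append(name)
    return dict(inverted)

if __name__ == "__main__":
    for ip, names in tags_by_ip(parse_dynamic_list(SAMPLE)).items():
        print(ip, "->", ", ".join(names))
```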