Blog Layout

FortiClient EMS for Chromebooks

Download Sample M365 Risk Assessment
Akins IT • October 17, 2018

My previous blogs provided an overview of the FortiClient EMS platform for Windows and Mac OSX endpoints, but did you know that there’s also support for Chromebooks? Previous releases of FortiClient EMS had two versions, Standard and for Chromebooks. These had to be installed as two separate instances on their own dedicated VM, which meant that management of EMS registered devices had to be done from two separate consoles. With the introduction of EMS version 6.0 and above, management of both standard and Chromebook devices can now be accomplished within a single pane of glass.


How Does Licensing Work?


Although both Standard and Chromebook devices can now be managed under a single management console, licensing is still separate.

FortiClient Deployment


The FortiClient Web Filter Extension can be pushed out to endpoints via the Google admin portal. HTTPS communication between the extension and FortiClient EMS requires either a public or self-signed certificate.


Features


FortiClient Web Filter Extension for Chromebooks does not include endpoint AV and Vulnerability scanning. It is strictly for web content filtering but does add a layer of security by preventing endpoints from visiting known malicious sites. User web traffic is also sent back along with telemetry data, providing admins with visibility into the types of sites being visited. Attempts to access blocked sites or categories are displayed in the FortiClient EMS dashboard. Logs can also be sent to a FortiAnalyzer if one has been deployed.


On-net / Off-net Filtering     



Content filtering persists even while the devices are off-net, and new or updated EMS profiles can be pushed out to these devices so long as they can communicate with the EMS server. For off-net devices, this is achieved by having a public DNS entry exactly as the servers FQDN. This would then resolve to your public IP and NAT’d to the EMS servers private IP (The FortiClient Web Filter Extension communicates with the EMS server via its hostname, not IP address).

Learn More About EndPoint Security
CONTACT US TO LEARN MORE ABOUT THIS TOPIC OR TO SCHEDULE A CALL

Improve Productivity with Copilot and Akins IT

By Shawn Akins December 13, 2024
Unleashing Productivity: Maximizing Potential with Copilot for Microsoft 365 and Akins IT

Collaborate Securely with Akins IT

By Shawn Akins November 25, 2024
Security Insights

Navigating the End of the Microsoft Enterprise Agreement: What It Means for Our Customers

By Shawn Akins November 13, 2024
One of the most impactful changes is the upcoming end of the Microsoft Enterprise Agreement (EA) framework, set to take effect on January 1, 2025.
More Posts
Share by: