Tag Archives: forticlient best practice

Appendix C – Rebrand FortiClient

Appendix C – Rebrand FortiClient

The FortiClient Configurator can be used to create custom FortiClient MSI installers with various combinations. The customized MSI installer generated may be used to install FortiClient on all supported platforms using Active Directory. A FortiClient setup executable file is also generated for manual distribution.

Under Options, you can select to enable software updates, configure the single sign-on mobility agent, and rebrand FortiClient. Rebranding allows you to edit various UI elements including graphics.

When replacing files in the resource folder, the replacement file should be the same file type and dimensions. Icons (.ico) are a special case. The Main_icon.ico file for example, is a composite file of multiple icons. The operating system picks the appropriate icon size from this file for the context in which the icon is being displayed.

Rebranding elements:

Installer Product Name Where Used: Setup Wizard header and body, File directory name in Installer Company Name file folder, engine/signature update bubble messages.

Default Value: FortiClient

Installer Company Name Where Used: File directory name in Program Files. Default Value: Fortinet

 

Manufacturer Name Where Used: Default Value: Fortinet Inc
Shortcut Text Where Used: Name of shortcut on desktop

Default Value: FortiClient

Product Name Where Used: Name of installer file (.msi/.mst), UI header, configuration received from FortiGate bubble messages, Default Value: FortiClient
Product Name Text Where Used: Name of client in main page

Default Value: FortiClient

Company Where Used: Help > About > Copyright page

Default Value: Fortinet

Company WebSite URL Where Used: Help > About > Copyright page

Default Value: http://www.fortinet.com

Company Website Text Where Used: Help > About > Copyright page

Default Value: www.fortinet.com

Feedback Email Where Used: Help > About > Copyright page, Send Feedback

Default Value: forticlient-feedback@fortinet.com

Feedback Email Text Where Used: Help > About > Copyright page, Send Feedback

Default Value: forticlient-feedback@fortinet.com

EULA Where Used: Help > About > Copyright page, Click here to view the license agreement

Default Value: http://www.fortinet.com/doc/legal/EULA.pdf

Knowledge Base Text Where Used: Help menu option

Default Value: Fortinet Knowledge Base

Leave this field blank to omit the field in the console.

Knowledge Base Link Where used: Link used by Knowledge Base text

Default value: http://kb.fortinet.com

Leave this field blank to omit the field in the console.

Advertisement 1 Where used: Link used by dashboard banner advertisement 1

Default value: http://www.forticlient.com/video/001

Advertisement 2 Where used: Link used by dashboard banner advertisement 2

Default value: http://www.forticlient.com/video/002

Advertisement 3 Where used: Link used by dashboard banner advertisement 3

Default value: http://www.forticlient.com/video/003

Resources folder elements:

Appendix C – Rebrand FortiClient

About_red_shield_logo.png Where Used:

File Type: PNG File (.png)

Width: 43 pixels

Height: 43 pixels

Bit Depth: 32

Advertisement_ad_0.png Where Used: Dashboard advertisement banner

File Type: PNG File (.png)

Width: 628 pixels

Height: 66 pixels

Bit Depth: 32

Advertisement_ad_1.png Where Used: Dashboard advertisement banner

File Type: PNG File (.png)

Width: 628 pixels

Height: 66 pixels

BitBit Depth: 32

Advertisement_ad_2.png Where Used: Dashboard advertisement banner

File Type: PNG File (.png)

Width: 628 pixels

Height: 66 pixels

Bit Depth: 32

Antivirus_AV_scan_top_banner_left_hand_ side.png Where Used:

File Type: BMP File (.bmp)

Width: 1 pixel

Height: 40 pixels

Bit Depth: 8

Antivirus_AV_scan_top_banner_right_hand_ side.png Where Used: Banner used in right-click “scan with

product name” dialog box File Type: BMP File (.bmp)

Width: 440 pixels

Height: 40 pixels

Bit Depth: 8

Common_fgt-not-found-page-bg.png Where Used: FortiGate not found page

File Type: PNG File (.png)

Width: 673 pixels

Height: 189 pixels

Bit Depth: 32

Common_fortinet-icon.png Where Used:

File Type: PNG File (.png)

Width: 79 pixels

Height: 79 pixels

Bit Depth: 32

 

Common_registration_icon.png Where Used: FortiGate detected page

File Type: PNG File (.png)

Width: 85 pixels

Height: 85 pixels

Bit Depth: 32

Common_searching-page-bg.png Where Used: Searching for FortiGate page

File Type: PNG File (.png)

Width: 673 pixels

Height: 189 pixels

Bit Depth: 32

Dashboard_forticlient_v5_dashboard_bg.png Where Used: Client console

File Type: PNG File (.png)

Width: 628 pixels

Height: 451 pixels

Bit Depth: 32

Dashboard_warning-shield.png Where Used: Dashboard warning shield, displayed when antivirus is disabled. File Type: PNG File (.png)

Width: 59 pixels

Height: 75 pixels

Bit Depth: 32

Installer_background.bmp Where used: Setup Wizard background image.

File Type: BMP file (.bmp)

Width: 491 pixels

Height: 312 pixels

Bit Depth: 8

Installer_banner.bmp Where Used: Setup Wizard banner image on destination page, ready to install page, installing pages.

File Type: BMP file (.bmp)

Width: 491 pixels

Height: 58 pixels

Bit Depth: 8

LightInstaller_icon.ico Where Used: Light Installer Icon

File Type: ICO File (.ico)

Width: 32 pixels

Height: 32 pixels

Bit Depth: 32

Main_icon.ico Where Used: Shortcut on desktop

File Type: ICO file (.ico)

Width: 48 pixels

Height: 48 pixels

Bit Depth: 32

Appendix C – Rebrand FortiClient

Main_logo_black.ico Where Used: Client console header

File Type: ICO file (.ico)

Width: 32 pixels

Height: 32 pixels

Bit Depth: 32

setup.ico Where Used: Setup icon

File Type: ICO File (.ico)

Width: 256 pixels

Height: 256 pixels

Bit Depth: 32

Tray_Icons_alert.ico Where Used: System tray alert icon

File Type: ICO File (.ico)

Width: 16 pixels

Height: 16 pixels

Bit Depth: 32

Tray_Icons_alert_vpn.ico Where Used: System tray VPN alert icon

File Type: ICO File (.ico)

Width: 16 pixels

Height: 16 pixels

Bit Depth: 32

Tray_Icons_running.ico Where Used: System tray running icon

File Type: ICO File (.ico)

Width: 16 pixels

Height: 16 pixels

Bit Depth: 32

Tray_Icons_scan1.ico, Tray_Icons_scan2.ico,

Tray_Icons_scan3.ico, Tray_Icons_scan4.ico,

Tray_Icons_scan5.ico, Tray_Icons_scan6.ico,

Tray_Icons_scan7.ico, Tray_Icons_scan8.ico,

Tray_Icons_scan9.ico, Tray_Icons_scan10.ico

Tray_Icons_scan11.ico

Where Used: System tray, these eleven images animate the scanning activity of the tray icon.

File Type: ICO File (.ico)

Width: 16 pixels

Height: 16 pixels

Bit Depth: 32

Tray_Icons_vpn.ico Where Used: System tray VPN icon

File Type: ICO File (.ico)

Width: 16 pixels

Height: 16 pixels

Bit Depth: 32

VPN_xauth-dialog-logo.png Where Used: VPN xAuth dialog logo

File Type: PNG File (.png)

Width: 88 pixels

Height: 100 pixels

Bit Depth: 32

zzz_rebranding.ini Where Used: This file is used by the FortiClient Configurator tool for element/resource mapping. File Type: Configuration settings (.ini)

When rebranding FortiClient, you can select to digitally sign the installer package using a code signing certificate.

 

Web Security/Web Filter

Web Security/Web Filter

Web Security/Web Filter allows you to block, allow, warn, and monitor web traffic based on URL category or custom URL filters. URL categorization is handled by the FortiGuard Distribution Network (FDN). You can create a custom URL filter exclusion list which overrides the FDN category.

When a FortiClient endpoint is connected to FortiGate/EMS, the Web Security tab becomes the Web Filter tab in the FortiClient console.

Enable/disable Web Security/Web Filter

For FortiClient in standalone mode, you can enable, disable, and configure web security by using the FortiClient console. You can define what sites are allowed, blocked, or monitored, and you can view violations.

For FortiClient in managed mode, an administrator enables, disables, and configures Web Filter by using a FortiClient profile. See FortiClient profiles on page 29.

Enable/disable Web Security

This setting can only be configured when FortiClient is in standalone mode.

To enable or disable Web Security:

  1. On the Web Security tab, toggle the Enable/Disable link in the FortiClient console. Web Security is enabled by default.

The following options are available:

Enable/Disable Select to enable or disable Web Security.

Configure Web Security profiles

X Violations (In the Last 7 Days) Select to view Web Security log entries of the violations that have occurred in the last 7 days.
Settings Select to configure the Web Security profile, exclusion list, and settings, and to view violations.

Enable/disable Web Filter

This setting can only be configured when FortiClient is in managed mode. When FortiClient is connected to a FortiGate/EMS, the Web Security tab will become the Web Filter tab.

A FortiClient profile can include a Web Filter profile from a FortiGate or EMS.

On a FortiGate device, the overall process is as follows:

l Create a Web Filter profile on the FortiGate, l Add the Web Filter profile to the FortiClient Profile on the FortiGate.

On EMS, web filtering is part of the endpoint profile.

Configure Web Security profiles

This setting can only be configured when FortiClient is in standalone mode.

You can configure a Web Security profile to allow, block, warn, or monitor web traffic based on website categories and sub-categories.

Edit Web Security exclusion lists                                                                             Web Security/Web Filter

To configure web security profiles:

  1. On the Web Filter tab, click the Settings
  2. Click a site category.
  3. Click the Action icon, and select an action in the drop-down menu.

The following actions are available:

Allow Set the category or sub-category to Allow to allow access.
Block Set the category or sub-category to Block to block access. The user will receive a Web Page Blocked message in the web browser.
Warn Set the category or sub-category to Warn to block access. The user will receive a Web Page Blocked message in the web browser. The user can select to proceed or go back to the previous web page.
Monitor Set the category or sub-category to Monitor to allow access. The site will be logged.

You can select to enable or disable Site Categories in the Web Security settings page. When site categories are disabled, FortiClient is protected by the exclusion list.

  1. Click OK.

Edit Web Security exclusion lists

This setting can only be configured when FortiClient is in standalone mode.

You can add websites to the exclusion list and set the permission to allow, block, monitor, or exempt.

Edit Web Security exclusion lists

To manage the exclusion list:

  1. On the Web Security tab, click the Settings
  2. Click the Exclusion List
  3. Click the Add icon to add URLs to the exclusion list.

If the website is part of a blocked category, an allow permission in the Exclusion List would allow the user to access the specific URL.

  1. Configure the following settings:
Exclusion List Select to exclude URLs that are explicitly blocked or allowed. Use the add icon to add URLs and the delete icon to delete URLs from the list. Select a URL and select the edit icon to edit the selection.
URL Enter a URL or IP address.
Type Select one of the following pattern types from the drop-down list:

l Simple l Wildcard l RegularExpression

Actions Select one of the following actions from the drop-down list:

Block: Block access to the web site regardless of the URL category or sub-category action.

Allow: Allow access to the web site regardless of the URL category or sub-category action.

Monitor: Allow access to the web site regardless of the URL category or sub-category action. A log message will be generated each time a matching traffic session is established.

  1. Click OK.

Configure Web Security settings                                                                             Web Security/Web Filter

Configure Web Security settings

This setting can only be configured when FortiClient is in standalone mode.

To configure web security settings:

  1. On the Web Security tab, click the Settings icon
  2. Click the Settings
  3. Configure the following settings:
Enable Site Categories Select to enable Site Categories. When site categories are disabled, FortiClient is protected by the exclusion list.
Log all URLs Select to log all URLs.
Identify user initiated web browsing Select to identify web browser that is user initiated.
  1. Click OK.

View violations

This section applies to FortiClient in standalone mode and managed mode.

To view Web Security violations:

  1. On the Web Security tab, click the Settings

Alternately, you can click the X Violations (In the Last 7 Days) link.

  1. Click the Violations

View violations

The following information is displayed.

Website The website name or IP address.
Category The website sub-category.
Time The date and time that the website was accessed.
User The name of the user generating the traffic. Hover the mouse cursor over the column to view the complete entry in the pop-up bubble message.
  1. Click Close.