FortiEDR Advanced Endpoint Protection
See how FortiEDR stops breaches in real time by identifying and thwarting ransomware and other file-less assaults. Additionally, it minimizes the attack surface and remotely fixes harmed endpoints.
FortiEDR Meets Today’s Endpoint Security Requirements
Explore more about Fortinet’s unique detect and defuse capability for today’s requirements for endpoint security. Also, get to know how Fortinet prevent attacks by extending visibility and security across endpoints and workloads, no matter where they are.
Models and Specifications
Management, architecture, and platform support
A single, integrated management console provides prevention, detection, and incident response capabilities. Extended REST APIs are available to support any console action and beyond.
Protection and detection happen on the endpoint, protecting disconnected endpoints.
Native cloud infrastructure
FortiEDR features multi-tenant management in the cloud. The EDR solution can be deployed as a cloud-native, hybrid, or on-premises. It also supports air-gapped environments.
Lightweight endpoint agent
FortiEDR utilizes less than 1% CPU, up to 120 MB of RAM, 20 MB of disk space, and generates minimal network traffic.
Supported operating systems
FortiEDR supports Windows, MacOS, and Linux operating systems, and offers offline protection.
Security Fabric Integration
FortiEDR leverages the Fortinet Security Fabric architecture and integrates with many Security Fabric components including FortiGate, FortiSandbox, and FortiSIEM.
The FortiEDR connector enables the sharing of endpoint threat intelligence and application information with FortiGate. FortiEDR management can instruct enhanced response actions for FortiGate, such as suspending or blocking an IP address following an infiltration attack.
FortiEDR shares endpoint threat intelligence and discovered assets with FortiNAC. With syslog sharing, FortiEDR management can instruct enhanced response actions for FortiNAC, such as isolating a device.
FortiEDR native integration with FortiSandbox automatically submits files to the sandbox in the cloud, supporting real-time event analysis and classification. Additionally, it also shares threat intelligence with FortiSandbox.
FortiEDR sends events and alerts to FortiSIEM for threat analysis and forensic investigation. FortiSIEM can also utilize JSON and REST APIs to further integrate with FortiEDR.
FortiEDR native integration with FortiGuard Labs allows up-to-date intelligence, supporting real-time incident classification to enable accurate incident response playbook activation.
Use FortiEDR managed EDR (MDR), Incident Response, JumpStart, and Best Practices Services to manage, respond, set up, or tune the EDR Solution for your organization.
Fortinet JumpStart Services assesses a customer’s existing security posture and partners with them to create a customized security implementation plan to ensure successful and proactive:
- Architecture and planning
- Deployment and installation
- Environment tuning
- Prevention mode migration
- Project management
FortiResponder Managed Detection and Response Service (MDR)
We supplement your SOC team, acting as senior SOC analysts by providing:
- 24×7 threat monitoring and response
- Alert triage and response
- Guided remediation instructions with remote remediation and rollback
- Recommended course of action per classified event based on risk profile
- Environment management and MDR
- Quarterly security environment review
FortiResponder Forensics and Incident Response Service
We assist with the analysis, response, containment, and remediation of security incidents to reduce the time to resolution, limiting the overall impact to an organization. FortiResponder Forensics and Incident Response Service can also help organizations that have not deployed FortiEDR for specific incident or breach investigation.
FortiEDR Best Practice Service
Fortinet experts will provide advice and guidance as the customer deploys the product throughout their organization. This advice/guidance will cover:
- Prerequisites and preparation
- Architecture and planning
- Deployment and optimization
- Closeout and basic training