What is FortiEDR?
FortiEDR is next-generation endpoint protection, providing real-time detection, protection and automated response.
What do the FortiEDR packages offer?
FortiEDR Predict & Protect
Preventive Next-Generation Antivirus (NGAV) protection
FortiEDR's kernel-based NGAV engine uses machine learning to proactively stop malware. The lightweight, configurable FortiEDR agent can be deployed on current as well as legacy operating systems. FortiEDR's malware protection can be assigned to any endpoint group, eliminating the need to reinstall each time. The NGAV engine is continuously enriched with real-time feeds of up-to-date threat data from the cloud.
Post-Infection Real-Time Protection
FortiEDR provides comprehensive protection and recovery capabilities even after your endpoint has been infected. If suspicious processes or programme behaviour are identified, all network communication by the end device and its access to the file system are blocked immediately. FortiEDR can thus prevent data manipulation and theft as well as ransomware encryption even after the end device has been compromised. If ransomware encryption has already begun, FortiEDR can restore corrupted files through "surgical intervention".
Attack surface reduction & vulnerability management
Through automated policy control, including vulnerability assessment and protection of IoT devices, FortiEDR allows proactive reduction of the attack surface that modern IT networks present. IoT and rogue devices can be identified and controlled according to pre-defined policies, and any system and application vulnerabilities can be closed through virtual patching.
FortiEDR Predict, Protect & Response
FortiEDR Predict & Protect can be supplemented by FortiEDR Predict, Protect & Response with additional features: If FortiEDR detects the compromise of an endpoint, forensic data is automatically recorded. Infection chains can thus be identified within the company network and combined by FortiEDR into so-called events. This allows a timeline of infection events, enriched with detailed analysis data, to be made available to the IT security team via a web-based interface.
FortiEDR Predict, Protect & Managed Response
FortiEDR Predict, Protect & Managed Response allows you to extend FortiEDR Predict, Protect & Response with managed service solutions from Fortinet. This means that your IT infrastructure is monitored around the clock by Fortinet technicians, who can take predefined measures in the event of a security incident without having direct physical access to the system to be protected. In addition, measures can also be defined in advance on the basis of so-called playbooks, similar to a checklist before the take-off of an aircraft, and thus be carried out semi-automatically. Furthermore, it is possible to have a quarterly risk analysis carried out by Fortinet. Any security incidents or other events can be summarised in detailed reports and made available at regular intervals.
The following table provides a detailed list of all FortiEDR features:
|Discover & Protect||Protect & Respond||Discover, Protect & Respond||On-Prem & Air-Gapped|
|Attack Surface Reduction||✓||✓||✓|
|Post Execution Protection||✓||✓||✓||✓|
|Cloud Threat Intelligence||✓||✓||✓||✓|
|Attack Chain Visualization||✓||✓||✓||✓|
|Endpoint Detection & Response|
|Continuous Recording & Analysis||✓||✓||✓|
|AI-based Behaviour Tagging||✓||✓||✓|
|Advanced Forensics & Threat Hunting||✓||✓||✓|
|IOC Ingestion & Search||✓||✓||✓|
|Automated Integrative Incident Response||✓||✓||✓|
|eXtended Detection & Response||Addon||Addon|
|Managed Detection & Response (MDR)||Managed AV-Addon||Addon||Addon|
|High Fidelity Alert Triage||✓||✓||✓|
|Extended Alert Triage||✓||✓|
|Cross-Platform Alert Triage (Managed XDR)||✓||✓|
|Containment & Remediation Guide||✓||✓|
|Alerting & Reporting||✓||✓|
|Cloud / Managed||✓||✓||✓|
|FortiCare BPS (1st Year)||✓||✓||✓||✓|
Which operating systems are supported by FortiEDR?
- Microsoft Windows XP SP2/SP3, 7, 8/8.1, 10 (32-bit and 64-bit)
- Windows Server 2003 R1 SP1, 2008 R1 SP2, 2008 R2, 2012, 2012 R2, 2016, 2019
- macOS 10.10 (Yosemite), 10.11 (El Capitan), 10.12 (Sierra), 10.13 (High Sierra), 10.14 (Mojave), 10.15 (Catalina)
- Red Hat Enterprise Linux / CentOS 6.8, 6.9, 6.10, 7.2, 7.3, 7.4, 7.5, 7.6, 7.7
- Ubuntu LTS (+ Server) 16.04.5, 16.04.6, 18.04.1, 18.04.2 (64-bit)
- VMware Horizon 6/7 & Citrix XenDesktop 7