The supported version will need to communicate to the EMS to get a license and thus the support. Even if you don’t use any other management features (which I really think you should) you need this.
Do you want me to add more or ?
Here’s another one. Forticlient EMS does not provide your company with a Rebranding tool. This is done from the Fortinet Developer Network and costs thousands of dollars. You can only rebrand your 6.x Forticlient versions without paying extra.
OH and on a recent release, their own Fortishield was blocking a Forticlient update, had to release a special notice for a workaround in their documentation. It’s a real joke. I don’t even think u/afroman_says could give a positive spin on this one and he’s magical when it comes to up-selling Fortinet products.
Furthermore, when talking to TAC L3, they expressed the same feelings towards this software, it apparently causes nothing but issues for them. When an integration between FortiEMS and Fortigate doesn’t work (or anything related to security fabric) you get bounced between TACs until you hit L3 and they decide to just take it into their own hands.
I just want to say, I’m a HUGE fan of Fortinet products, I think a lot of them deserve to be used in corporate settings, not just their Firewalls, unfortunatley, this software and FortiSIEM aren’t it.
‘0 problem’ sounds nice. As tech support seems not necessary, I will probably take free client.
No, we have not started using VPN yet. So I am considering to start with free client.
Thanks. That’s useful info to us.
This. Just to be clear, the installer for the full client is actually generated from EMS to have your settings included, and a client without connection to EMS will time out and block vpn access until telemetry with your EMS Server is re-established. So a client without a server is non-functional / not possible. If you don’t want to run the server yourself, your choice is either to hire an msp to host it for you, or pay for FortiClient EMS Cloud. Vpn/ZTNA would be the proper edition.
Thanks for additional info. I think I posted my reply before reading your ‘edited’ comment which already contains the four points.
Forticlient EMS does not provide your company with a Rebranding tool.
Meh, who rebrands anything other than goofy MSPs?
how many users and would you be using certificates for authentication or just simple user pw, either local or ldap?
Thanks for the detailed explanation. I didn’t expect EMS is so critical for paid FortiClient to work…
Major corporations do.
In no particular order :
FortiNAC
Fortigate
Fortiswitch ( If they could remove Fortilink and put actual L3 routing on the switches, they would sell so much more)
Fortianalyzer
Fortimanager
Fortideceptor
FortiEDR ( Should amalgamate FCT and FortiEDR in one product I.M.O)
Fortiauthenticator is becoming more and more stable with a good base of features.
FortiADC (Their GLBS is much better than it was and the price point is extremely lower than let’s say an F5) P.S Not saying F5 aren’t worth it, they blow the doors off of the FortiADCs, but you don’t always need a Ferrari 
.
FortiWeb - Especially the built-in Azure deployment.
We have 50 users and we want to use password authentication together with FortiToken as FortiGate local users.
Couldn’t agree more! What about the change logs? 
the Mac version is a disaster
I’d set it up and see how it goes without support
But you can buy L3 license and use it as standalone. Fortilink is not a requirement.
Well I’ll be damned, I did not know that - thanks!